Jump to content

PeeacMem-A virus removal


a97virago

Recommended Posts

Hi,

 

My name is Larry and I've encounter a very persistent virus that I can't seem to get rid of.  I see that you've had success with at least one other person.  I was hoping you could help me.

 

The virus is PeeacMem as stated in the subject and it is causing dozens of dllhosts.exe to launch when the computer starts and is connected to the internet, at least wirelessly.

 

It's late here so I'll be starting tomorrow morning.

 

Larry Slosberg

Link to post
Share on other sites

Hello a97virago, welcome to Malwarebytes' Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. xsmile.png.pagespeed.ic.CwSpBGGvqN.png
 
General P2P/Piracy Notice:
 

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. 
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Please backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
  • Ensure you are following this topic. Click xetYzdbu.png.pagespeed.ic.U7AjmRUewW.png at the top of the page.
     

======================================================
 
STEP 1
xGfiJrQ9.png.pagespeed.ic.HjgFxjvw2Z.jpg Malwarebytes Anti-Malware (MBAM)

  • If you have not downloaded and installed the updated Malwarebytes Anti-Malware 2.0 please do so now.
  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply.
     

STEP 2
YARWD1t.png.pagespeed.ce.nvhmVeYDe3.pngTDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
  • ​Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM log
  • TDSSKiller log
Link to post
Share on other sites

Completed the first set of instructions.  Here are the log files

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/28/2014
Scan Time: 7:58:46 AM
Logfile: MBAMScan201409280835.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.28.03
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sacred Heart
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 330083
Time Elapsed: 25 min, 17 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 197
Trojan.FakeGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [661ff8f71c5f082ed50a0af9f21315eb], 
Trojan.FakeGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [661ff8f71c5f082ed50a0af9f21315eb], 
PUP.Optional.AudioToAudioToolBar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MapsGalaxy_39Service, Quarantined, [b9cc21ce9ae13afc6289c86dba467d83], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{364ea597-e728-4ce4-bb4a-ed846ef47970}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{364EA597-E728-4CE4-BB4A-ED846EF47970}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{364EA597-E728-4CE4-BB4A-ED846EF47970}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4b7d0b0c-cff3-49c5-9bc3-ffabc031c822}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{a549a4f7-fa70-421c-b0f2-8f6c0b4b85a8}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{05F5414D-DCD6-4EE6-8C46-20A3F1209E0F}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4F55EE37-30D9-45D6-870F-3EEA6CB9BE9F}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{50ADA3A9-20B4-4EE0-8AFA-DE0BCAB94A25}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6818868A-1B3D-4E35-A561-FA964A96CD3B}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9193E23B-4182-493F-A38E-682307A7C463}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9D2A3081-70F2-4877-A06D-9BF697A35518}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{05F5414D-DCD6-4EE6-8C46-20A3F1209E0F}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4F55EE37-30D9-45D6-870F-3EEA6CB9BE9F}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{50ADA3A9-20B4-4EE0-8AFA-DE0BCAB94A25}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6818868A-1B3D-4E35-A561-FA964A96CD3B}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9193E23B-4182-493F-A38E-682307A7C463}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9D2A3081-70F2-4877-A06D-9BF697A35518}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{a549a4f7-fa70-421c-b0f2-8f6c0b4b85a8}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SettingsPlugin.1, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SettingsPlugin, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SettingsPlugin, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SettingsPlugin.1, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MapsGalaxy_39bar Uninstall, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{33119133-0854-469d-807A-171568457991}, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{13119113-0854-469d-807A-171568457991}, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncher.1, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncher, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncher, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncher.1, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{03119103-0854-469d-807A-171568457991}, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03119103-0854-469d-807A-171568457991}, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncherSettings.1, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.SkinLauncherSettings, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncherSettings, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.SkinLauncherSettings.1, Quarantined, [6b1ac12e76059f97090301cafd05c838], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2}, Quarantined, [8df822cd413a5fd7c6cdf89b3bc751af], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [8df822cd413a5fd7c6cdf89b3bc751af], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [8df822cd413a5fd7c6cdf89b3bc751af], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [8df822cd413a5fd7c6cdf89b3bc751af], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MapsGalaxy_39, Quarantined, [74118d62dc9f7db9a1c9ee84788c8080], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@MapsGalaxy_39.com/Plugin, Quarantined, [9beabc33e2996ccadbb31715c2414bb5], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MapsGalaxy_39, Quarantined, [5a2b32bd3348c0768ae11c56758ff50b], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MapsGalaxy_39, Quarantined, [3c49e20d5328e155c0840323b15258a8], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.MultipleButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.MultipleButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.MultipleButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.MultipleButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4369f96e-4071-43e7-8fd2-4d8f96918ef3}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{69d0bac4-a1b1-45ce-944f-9eeb1479f059}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{269D72FF-8629-4DB6-AB4F-86AA3A92F8A9}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{797657A7-D3C7-4D7C-98E3-D0324DDFC4BA}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F8B71C28-069E-406D-8D61-4461B464E37F}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{269D72FF-8629-4DB6-AB4F-86AA3A92F8A9}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{797657A7-D3C7-4D7C-98E3-D0324DDFC4BA}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F8B71C28-069E-406D-8D61-4461B464E37F}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{69d0bac4-a1b1-45ce-944f-9eeb1479f059}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ToolbarProtector.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ToolbarProtector, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ToolbarProtector, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ToolbarProtector.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{0396d01a-1323-4a15-bd0c-1bc7510f46c6}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A8168AFE-9F36-49DE-A80A-00D19FB50207}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B82A91D3-2A13-4BF6-981B-7D9ED152CCED}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B9D4AA93-F4C6-480B-8C06-0811F2446943}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8168AFE-9F36-49DE-A80A-00D19FB50207}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B82A91D3-2A13-4BF6-981B-7D9ED152CCED}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B9D4AA93-F4C6-480B-8C06-0811F2446943}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{0396d01a-1323-4a15-bd0c-1bc7510f46c6}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{bf78452b-f168-4310-9ec0-4b9b66b845f0}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7A739956-FB82-4379-AF60-E38C48226AA7}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7A739956-FB82-4379-AF60-E38C48226AA7}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{bf78452b-f168-4310-9ec0-4b9b66b845f0}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.DynamicBarButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.DynamicBarButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.DynamicBarButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.DynamicBarButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{15106ae4-6bdf-443e-80b0-3e38b59d26ec}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9EF88362-131D-48B0-8969-CCC96F897AB8}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EF8C6146-8009-4A3F-8CA3-9E932B017099}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9EF88362-131D-48B0-8969-CCC96F897AB8}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EF8C6146-8009-4A3F-8CA3-9E932B017099}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{15106ae4-6bdf-443e-80b0-3e38b59d26ec}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.FeedManager.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.FeedManager, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.FeedManager, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.FeedManager.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLMenu.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLMenu, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLMenu, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLMenu.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{200F1306-1316-473B-90CE-A777144BBDF5}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E26AE37-A628-496E-B410-5D432F38BD1A}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{200F1306-1316-473B-90CE-A777144BBDF5}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E26AE37-A628-496E-B410-5D432F38BD1A}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{16C7BB64-AC8D-4863-92ED-799D20F001DA}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AE0F4663-EAE3-437F-BE60-9EC9B745DBFA}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BAD750C1-F04B-42E6-847F-4F4BA8A7EDE1}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{16C7BB64-AC8D-4863-92ED-799D20F001DA}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AE0F4663-EAE3-437F-BE60-9EC9B745DBFA}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BAD750C1-F04B-42E6-847F-4F4BA8A7EDE1}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.XMLSessionPlugin.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.XMLSessionPlugin, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.XMLSessionPlugin, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.XMLSessionPlugin.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{1796EC91-D094-4A5F-B681-E16015D1CEAC}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{87792411-b73a-435e-86f3-ae633a690e84}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{87792411-b73a-435e-86f3-ae633a690e84}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.RadioSettings.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.RadioSettings, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.RadioSettings, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.RadioSettings.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7d4dfaf7-f2ce-4c91-91a4-514c9612914d}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.Radio.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.Radio, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.Radio, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.Radio.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ScriptButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ScriptButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ScriptButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ScriptButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{64fbf8b6-c770-401a-8b84-f630edaf4448}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0D8734DB-7110-4CDB-833F-52BC93865AB2}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{41AE59EF-88EE-450B-B60A-F153679E6EE8}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4AEF0F25-D761-4EAA-AEB7-9E756C6BF11E}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{902E7D34-D421-4766-8191-15A1B52D0BA2}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0D8734DB-7110-4CDB-833F-52BC93865AB2}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{41AE59EF-88EE-450B-B60A-F153679E6EE8}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4AEF0F25-D761-4EAA-AEB7-9E756C6BF11E}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{902E7D34-D421-4766-8191-15A1B52D0BA2}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{64fbf8b6-c770-401a-8b84-f630edaf4448}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{173a5778-34bf-48a2-8a5e-6963ce922fed}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.PseudoTransparentPlugin.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{173A5778-34BF-48A2-8A5E-6963CE922FED}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9b58a6ce-b337-43d5-9c2f-8c6d92fba094}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{f9b90065-cd7a-4439-b311-b292299182a9}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DE4CC811-10B7-41F0-AB0E-EC2CFC91A8AD}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DE4CC811-10B7-41F0-AB0E-EC2CFC91A8AD}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{f9b90065-cd7a-4439-b311-b292299182a9}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.ThirdPartyInstaller.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E045DF14-BF1D-405C-A37B-A75C1551AD17}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.UrlAlertButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.UrlAlertButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.UrlAlertButton, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.UrlAlertButton.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{8feeda9e-8f71-45df-a797-468226d1d35b}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CDDB17CD-7A6B-4887-8EE6-68A43F532197}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CDDB17CD-7A6B-4887-8EE6-68A43F532197}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8feeda9e-8f71-45df-a797-468226d1d35b}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLPanel.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MapsGalaxy_39.HTMLPanel, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLPanel, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MapsGalaxy_39.HTMLPanel.1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A35FF019-6DBE-4044-B080-6F3FA78A947F}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A35FF019-6DBE-4044-B080-6F3FA78A947F}, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
 
Registry Values: 13
Trojan.FakeGoog, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleUpdate, C:\Users\Sacred Heart\AppData\Roaming\GoogleUpdate.exe, Quarantined, [661ff8f71c5f082ed50a0af9f21315eb]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{364EA597-E728-4CE4-BB4A-ED846EF47970}, â??Â¥N6(çäL»Jíâ??nôyp, Quarantined, [2c59bc33205bed49c8c6ade67989b64a]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{364EA597-E728-4CE4-BB4A-ED846EF47970}, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{364EA597-E728-4CE4-BB4A-ED846EF47970}, Quarantined, [4f36599686f52c0a0d83deb5649e5aa6], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{26842a09-ffa8-4e2c-ae12-0c80f01c3295}, Quarantined, [5b2a539c7407be783e5112817092db25], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{26842A09-FFA8-4E2C-AE12-0C80F01C3295}, Quarantined, [5b2a539c7407be783e5112817092db25], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{364ea597-e728-4ce4-bb4a-ed846ef47970}, Quarantined, [642176799fdcc86e157b801353af6b95], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|39ffxtbr@MapsGalaxy_39.com, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin, Quarantined, [f68fb23df28993a3fcca84ac847f9868]
Trojan.Agent.EV, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\CONTROL PANEL\DESKTOP|SCRNSAVE.EXE, "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe", Quarantined, [e4a1db14cead00360b4c6ea459aaed13]
Hijack.Autorun, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\COMMAND PROCESSOR|AutoRun, "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe", Quarantined, [88fdba35116a0f27db28043df3107b85]
Trojan.Agent.EVGen, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|xwizard, "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe", Quarantined, [aadb04ebd2a9072f114741d1dc279070]
Backdoor.Bot, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|svchost86x.sys, "C:\Users\SACRED~1\AppData\Local\Temp\conhost41.exe", Quarantined, [add814db4b30231338546afb010204fc]
Trojan.Agent.EVGen, HKU\S-1-5-21-639415932-1215857684-1316868989-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|xwizard, "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe", Quarantined, [88fd8d6286f55fd7db7e1cf65ba8b34d]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 49
Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\46113357, Quarantined, [691c19d6cbb0ab8bea9bd6f72bd708f8], 
Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\2739811445, Quarantined, [b5d0cb24a0db0a2ca9dd88454eb408f8], 
Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\4121640743, Quarantined, [afd60ae5304b10268105aa23d72bc739], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\chrome, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\ThirdPartyInstallers, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\gen1, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\History, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\IE9Mesg, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Message, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Settings, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.1.2, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\fonts, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\fonts, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\History, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\MapsGalaxy_39, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\MapsGalaxy_39\Cache, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\U, Quarantined, [671e46a9cfac2d09c13223dd4ab6817f], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-639415932-1215857684-1316868989-1003\$e832065498a1fb1692b97b2bda927d12\U, Quarantined, [d9ac8b64ec8f082eb73c8878ea16ea16], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\L, Quarantined, [a4e19c534f2c20167382bc44e8183dc3], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-639415932-1215857684-1316868989-1003\$e832065498a1fb1692b97b2bda927d12\L, Quarantined, [92f3747b572452e4b14418e8f907d828], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12, Quarantined, [63226c832b502c0a54a248b8ff01619f], 
Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-21-639415932-1215857684-1316868989-1003\$e832065498a1fb1692b97b2bda927d12, Quarantined, [75103eb1116a3afc42b4c7394fb105fb], 
 
Link to post
Share on other sites

Files: 719

Trojan.FakeGoog, C:\Users\Sacred Heart\AppData\Roaming\GoogleUpdate.exe, Quarantined, [661ff8f71c5f082ed50a0af9f21315eb], 

PUP.Optional.AudioToAudioToolBar.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe, Quarantined, [b9cc21ce9ae13afc6289c86dba467d83], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll, Quarantined, [2c59bc33205bed49c8c6ade67989b64a], 

PUP.Optional.FunWebProducts.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39sknlcr.dll, Quarantined, [6b1ac12e76059f97090301cafd05c838], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll, Quarantined, [8df822cd413a5fd7c6cdf89b3bc751af], 

Trojan.FakeMS.ED, C:\ProgramData\EvitpUseyw\EvitpUseyw.dat, Quarantined, [1075ca250c6f6ec8393dbb01936ef907], 

PUP.Optional.InstallIQ.A, C:\$Recycle.Bin\S-1-5-21-506334461-662739515-669185290-1003\$RA50WN6\7zipap_1320.exe, Quarantined, [0382f6f91b6077bfc752c365f809728e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd80B3.tmp, Quarantined, [d6af10df8bf0d5615a6aa50f88796997], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd80E2.tmp, Quarantined, [c6bfb83786f5f83ef8cc159f3dc4d42c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8239.tmp, Quarantined, [ff86b23d8bf072c4e4e0456fd8291be5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd83CF.tmp, Quarantined, [226305eaed8e43f3f9cbe5cffc05ac54], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd841D.tmp, Quarantined, [394c1ad514671224c400a3114eb35ca4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd847A.tmp, Quarantined, [1c6933bc7605cd693193b5ff71909769], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8545.tmp, Quarantined, [31545d920a71989e5371d5df0af722de], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8593.tmp, Quarantined, [087d5d92502bf442dce87044a75a4eb2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd867D.tmp, Quarantined, [760fd7182a510333962ee2d25aa76997], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd86AC.tmp, Quarantined, [5f2616d9c1ba9e98a71d8f25af524ab6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd878.tmp, Quarantined, [6223af40651654e2279db9fb9c65b14f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd87E4.tmp, Quarantined, [295c1fd0f685ef47cff53c783ac75ea2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd89A8.tmp, Quarantined, [5f2676797b0078be259f3c788d74e31d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8A35.tmp, Quarantined, [64217d72ea91e3536a5a3e76d1306e92], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8B0F.tmp, Quarantined, [582d17d84d2ed462a91b8a2a23de20e0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8BCA.tmp, Quarantined, [e99cf0ff7605e353b70d7a3a669b39c7], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8C47.tmp, Quarantined, [8df8af401269b680d4f0961e3ac78b75], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8C6.tmp, Quarantined, [7a0b5996b6c542f4e1e39420f50c5da3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8C85.tmp, Quarantined, [c8bd5b94fb801c1a0bb95e56b24ff40c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8CC4.tmp, Quarantined, [9ce9f9f6017a2412c400b20234cd2dd3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8DAE.tmp, Quarantined, [3154ea05b8c3e84e9133f5bf44bdb050], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8EF5.tmp, Quarantined, [7f06f9f68cefac8a2c98e4d09c65db25], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd8F72.tmp, Quarantined, [bfc6618ea1da81b51ca89c1826dbb44c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd901E.tmp, Quarantined, [1f6634bb0a71ab8bbf0543718879c23e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd904D.tmp, Quarantined, [2d58658a4833a294f5cfd8dc45bce719], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd90E9.tmp, Quarantined, [93f2d9169ae18aaca024d4e0c73aca36], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9221.tmp, Quarantined, [d6afa04fec8f02347c4805af2fd207f9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd925F.tmp, Quarantined, [f293f8f7d1aadc5ab90b22921be6b050], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC2B2.tmp, Quarantined, [a7deec03d3a8072f4b79a60ed32e41bf], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC2F0.tmp, Quarantined, [691c3db23c3f61d5d5efd5df54ad847c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC37D.tmp, Quarantined, [5134717e007b57dfdee62094c43d0ff1], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC3FA.tmp, Quarantined, [95f0f8f7f685bb7bb50fefc514ed54ac], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC438.tmp, Quarantined, [493c2bc44d2e0e2811b3d3e1936eaa56], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC4B5.tmp, Quarantined, [1570767985f61323d6eefcb84ab70000], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC560.tmp, Quarantined, [6f16747b87f42f076460902411f0fb05], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC5DD.tmp, Quarantined, [d7aeb13e6f0c989e81439d17827f60a0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC679.tmp, Quarantined, [e79e6b845625df573f850fa535cc14ec], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC8BA.tmp, Quarantined, [b9cc0ce3f685b185b50f169e7e83be42], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC947.tmp, Quarantined, [7d0831be176442f48d378b298081748c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC9D.tmp, Quarantined, [dea704eb7605b482754f3381a75aab55], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC9F2.tmp, Quarantined, [65205b945823cf671ea6f3c19c6502fe], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCA21.tmp, Quarantined, [fb8abe31cbb00333facad1e325dc847c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCA8F.tmp, Quarantined, [99ec5f90017a6ec8f1d3159f907139c7], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCB2A.tmp, Quarantined, [01848e61611a6acc289cd6de59a8857b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCBC.tmp, Quarantined, [196cee01116ad165467ef7bd827fb848], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCC53.tmp, Quarantined, [7a0b628d1f5c76c0774d486cfa0757a9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCE07.tmp, Quarantined, [7b0a49a685f6ab8b10b44c6834cd58a8], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCE94.tmp, Quarantined, [463feb0405764beb368e6f45758c4cb4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCF11.tmp, Quarantined, [cdb801ee611a96a0f3d17440c041ea16], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updCF12.tmp, Quarantined, [1c699659b9c276c0ffc5f2c2cf32d62a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD058.tmp, Quarantined, [cabbe00f94e77bbbae16496b43bec838], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD068.tmp, Quarantined, [067f43aca1daa29416aeeec6ba4744bc], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD097.tmp, Quarantined, [7e079b54df9c2016873d2c88837e50b0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD0B6.tmp, Quarantined, [117402ed6a118da95e66efc543beae52], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD22D.tmp, Quarantined, [afd6d51a6b10ca6ce2e23c78f8097c84], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD46E.tmp, Quarantined, [cabb905fadceba7c03c1bbf95da41ae6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd252C.tmp, Quarantined, [a1e434bb4c2f0f279232971dff023ec2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd25D7.tmp, Quarantined, [bec709e64f2c3402279de6cecf3212ee], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2809.tmp, Quarantined, [e3a22ac52457d6607b49575d8c75f10f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2847.tmp, Quarantined, [d2b3cc23bfbc2e08e2e2d7dd07faf50b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2876.tmp, Quarantined, [a3e217d81962d2646f55575dd22f60a0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd28D4.tmp, Quarantined, [4342589780fbf0468d37fbb93dc426da], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd29E.tmp, Quarantined, [c6bfae41bebd68cebd07773dd62b6997], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2AD6.tmp, Quarantined, [0a7b66892655a1959e260ca828d9a957], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2B05.tmp, Quarantined, [176e38b77803979f8143852fa55c5aa6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2D28.tmp, Quarantined, [077eb738ed8e83b301c38c287c852bd5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2E02.tmp, Quarantined, [8bfac8273d3e76c0e1e33a7ad42d56aa], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2E21.tmp, Quarantined, [e2a3ba358af1b77f4f753381a06157a9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd2E50.tmp, Quarantined, [6f16f9f6aad14beb31937f3557aad828], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3033.tmp, Quarantined, [0a7b46a90f6c0531339172423ec33ac6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3052.tmp, Quarantined, [0f76cb24bebdee4812b2ad07748d30d0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd30A0.tmp, Quarantined, [5530b43b4e2d1f176064bbf92cd530d0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd30DF.tmp, Quarantined, [dda80ee1fe7d88ae4e76f7bd6e93f010], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3255.tmp, Quarantined, [d6afe20de695d75ffec61a9a36cbae52], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3340.tmp, Quarantined, [7510559acbb0171f2d970ba9d52c19e7], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd33CC.tmp, Quarantined, [186d7778f28937ff09bb862ee21f817f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd33EB.tmp, Quarantined, [493cd9161e5dd85e11b3843024dd56aa], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3429.tmp, Quarantined, [c5c0a44b95e6aa8c0aba6c48ee13ec14], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd368A.tmp, Quarantined, [770e44abaccf7eb8a123823204fdd030], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd383F.tmp, Quarantined, [2d582ac54f2ce1551ba991236e9317e9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3938.tmp, Quarantined, [ff865897cdae0036daea5e562cd530d0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd39A5.tmp, Quarantined, [23621cd3bdbeb08672524f65a9585ba5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd39B5.tmp, Quarantined, [cdb8559abfbcfb3b269e377d758cf10f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3A41.tmp, Quarantined, [8500d21d0b70c274586c852f6b966a96], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3B5A.tmp, Quarantined, [ceb7c32c7803f5412d97e8cc936ee61a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3C63.tmp, Quarantined, [7411549b4e2d8ea81aaa84300cf59769], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3D4D.tmp, Quarantined, [711410dfd2a98bab299bddd703fe728e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3E18.tmp, Quarantined, [b3d29956e2992313e1e3f7bd15ec27d9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3F31.tmp, Quarantined, [63220ae5106b77bf6e56c1f32dd4926e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE61A.tmp, Quarantined, [d5b02bc4c5b62016774da212ec15629e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE6F4.tmp, Quarantined, [0b7a628dc7b4181ed5ef7f35e61ba759], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE713.tmp, Quarantined, [6d18c9261764c1759034932105fc22de], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE732.tmp, Quarantined, [9aeba748c3b81521e3e1bcf83bc60ff1], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE7BF.tmp, Quarantined, [c1c4b13ec9b2c076bd073c78c0418e72], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE7C0.tmp, Quarantined, [86ff0ee1c4b750e68f352391659c0ef2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE945.tmp, Quarantined, [80059a5503786bcba123ac084ab7f709], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEA.tmp, Quarantined, [9ce9c629ed8e55e143812d872ad7c13f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEABB.tmp, Quarantined, [c2c3d916562558de3a8a496bbf429868], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEACB.tmp, Quarantined, [d2b336b9e09b88ae3391f3c139c8a858], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEB38.tmp, Quarantined, [8302aa453546b87e685cc3f1b0511fe1], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEC41.tmp, Quarantined, [7510b13eaecd55e1cef6179d629fe51b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updECE.tmp, Quarantined, [e3a2a64981fa39fd8d377e3655ac2ed2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updECED.tmp, Quarantined, [018432bd433895a10bb9c7eddd24f010], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updED89.tmp, Quarantined, [6f1614db304b76c04c78753f08f9f50b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEDA8.tmp, Quarantined, [72130de2b1ca37ffb80c91238a774fb1], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEE73.tmp, Quarantined, [3352fcf3fd7eba7ca123d9db6e9308f8], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEE92.tmp, Quarantined, [e5a040af4c2fe74fd5efebc9df229d63], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updEF1F.tmp, Quarantined, [1c6915da7cff181e655f42723ac7b64a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF095.tmp, Quarantined, [f5901ed17dfed264378d93215ba647b9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF121.tmp, Quarantined, [1b6a9b548fec1422467e308436cbc63a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF2C.tmp, Quarantined, [87fe816e97e411253391169e1be66c94], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF2C6.tmp, Quarantined, [4144ba3553286accb60e5262a160e41c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF372.tmp, Quarantined, [087dfbf4e4972b0b3f85c8ecb74afa06], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF373.tmp, Quarantined, [cabb5b94d8a379bd52720ca8e819ad53], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF43D.tmp, Quarantined, [52333fb085f639fdfcc8edc77e83a15f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF45C.tmp, Quarantined, [d2b3905fe497a98d269ef7bdc43d54ac], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF537.tmp, Quarantined, [03829a55661586b0ab19b20201007789], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF66F.tmp, Quarantined, [295ca74854277cbac400a60e4cb5ec14], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA256.tmp, Quarantined, [008543acd0ab1422b212e6ced22f55ab], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA3AE.tmp, Quarantined, [fb8ada153f3c3204f9cb763ecd34e51b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA3C.tmp, Quarantined, [d3b204ebb6c5ab8b23a1377dc938bc44], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA42A.tmp, Quarantined, [b3d2ec03b9c2ff37893b654f10f1669a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA572.tmp, Quarantined, [741122cd43383ff72a9a8331da2735cb], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA5B0.tmp, Quarantined, [671ed21da0db270f3292872d70919e62], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA65C.tmp, Quarantined, [dbaad6197a019e98ae1602b2ef12748c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA69A.tmp, Quarantined, [067fba35a0dbcd69d9eb3381cb36f60a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA717.tmp, Quarantined, [1a6b2ec144378bab7e467e3627dab947], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA830.tmp, Quarantined, [0c798669b7c4e74fbc082d8702ff22de], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA831.tmp, Quarantined, [e79ed6196615ea4c7c48d6de12ef6b95], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA978.tmp, Quarantined, [ec99ea051d5e4ceacbf9e0d49a67d030], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA9A7.tmp, Quarantined, [671e47a8304b84b22b996f4541c020e0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA9D5.tmp, Quarantined, [5134ec03156692a42a9a6a4a22df5ea2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updAB7A.tmp, Quarantined, [b4d130bf6e0d9c9ab90b526243be38c8], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updAC45.tmp, Quarantined, [1f667e71bfbc51e52b99dada768b3cc4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updAC74.tmp, Quarantined, [077e07e8b1ca251192324b69a160e11f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updAD10.tmp, Quarantined, [4441ed02057666d0f6ce852fdd24639d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updAD9.tmp, Quarantined, [1f665a9599e2eb4b933107ad9c6550b0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updADFA.tmp, Quarantined, [99ecfdf269128ea8eada30840cf53cc4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updAEE4.tmp, Quarantined, [8005ac43bdbe66d0a51f7440867b0bf5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updAF51.tmp, Quarantined, [86ff56991e5d66d0576d357fc63bee12], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB154.tmp, Quarantined, [75100de23a415cda16ae0fa5e31e5ba5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB1A2.tmp, Quarantined, [562fdf108dee3afc6163a60e768b4ab6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB20F.tmp, Quarantined, [dea702ed483355e15b69447024ddd927], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB23E.tmp, Quarantined, [4441747baad11323566edbd9c43d36ca], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB26.tmp, Quarantined, [00856f8099e249edf8cc1a9af1103dc3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5550.tmp, Quarantined, [5f26c02f601b142213b10fa533cea858], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd56C6.tmp, Quarantined, [642144ab2c4f50e69d273282e81905fb], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd56D6.tmp, Quarantined, [22638966691245f1a4203e76ec15639d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5705.tmp, Quarantined, [3f46a9463249fa3c0cb8516306fbd729], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd57DF.tmp, Quarantined, [fd8822cd3b400630982cdfd523dea957], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5994.tmp, Quarantined, [e79e27c896e5ed49ae16694bfc05db25], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5B0A.tmp, Quarantined, [b8cd28c715668bab01c3dbd9da2721df], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5C90.tmp, Quarantined, [95f0d41b9be0f343d0f4f0c4dd24b44c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5CA0.tmp, Quarantined, [1c6937b884f79b9bfcc8d8dcd031bf41], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5D0D.tmp, Quarantined, [bcc905ea52291422e7dd684c13ee39c7], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5D99.tmp, Quarantined, [91f49659fa811620853f2b893cc5ab55], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5DA9.tmp, Quarantined, [ff868e61b8c3d660774da2121ee3c838], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5DB9.tmp, Quarantined, [c0c531be433845f1cbf9e2d242bf639d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5F5E.tmp, Quarantined, [b0d53eb12f4cc07602c2f3c12cd522de], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd60D4.tmp, Quarantined, [c5c0c02ff08b1d19ccf87b393ac7f808], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd625A.tmp, Quarantined, [592c38b7d6a56cca05bfecc840c107f9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd626A.tmp, Quarantined, [03829f50ed8e6cca24a0417319e8e41c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6306.tmp, Quarantined, [3253df10ef8cd95d6d575064b74ac53b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6325.tmp, Quarantined, [d3b25c93334877bfe9db852fa45d649c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6392.tmp, Quarantined, [315420cf64174ceadaea09ab5aa750b0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6528.tmp, Quarantined, [4243866916652b0beed6dfd5a35e857b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd66AE.tmp, Quarantined, [ef9649a68bf09b9b279d6c485aa7ee12], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6824.tmp, Quarantined, [d3b23bb48cefd165754f437199681de3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6843.tmp, Quarantined, [a8dd45aa49329b9b279d694b47ba837d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd692E.tmp, Quarantined, [55307976d2a9e74f24a0239131d0e61a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd694D.tmp, Quarantined, [8bfa7976a2d9013532929024bb4646ba], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd699B.tmp, Quarantined, [2164f4fbf18a85b1665ee8cc06fb847c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6A37.tmp, Quarantined, [86ff07e89be084b2596bb10327da6d93], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6AF2.tmp, Quarantined, [a3e2d81781fa2610fcc8f4c0d03147b9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6C3.tmp, Quarantined, [6e17e30cbfbcd95d12b29f15c1405ea2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6C78.tmp, Quarantined, [3e47bd32e794c86ef0d411a331d06f91], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6D.tmp, Quarantined, [473e7b7465169f97f8ccc1f3c839d927], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6DFE.tmp, Quarantined, [fe877c735b20a6904b799321d03133cd], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd12E4.tmp, Quarantined, [55302ec1df9c2412ad17cce89a67de22], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1370.tmp, Quarantined, [6e171ed12655b0868440b202ba47ac54], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd139F.tmp, Quarantined, [aadbf1fecbb0d462259fc9eba25f37c9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd141C.tmp, Quarantined, [0f762fc07a011d19566eb7fd8978c53b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd14F6.tmp, Quarantined, [bdc8e50ae2997db9863ea60e3cc546ba], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd15C1.tmp, Quarantined, [a1e4a24d81faf5413490edc715ec38c8], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd16DA.tmp, Quarantined, [0184c42be69543f3ae169321ea179868], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd16F9.tmp, Quarantined, [80054ea17407fa3cae16c4f0e41d06fa], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd194A.tmp, Quarantined, [d8ad6986710a8babd1f37d37659c817f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1979.tmp, Quarantined, [4342a34cfd7e91a5388cb6fe4db46997], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1A05.tmp, Quarantined, [dbaa02ed79026acc0fb5585c21e008f8], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1A82.tmp, Quarantined, [bbca0ce37b0039fd16aed0e429d8d52b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1B7B.tmp, Quarantined, [176ebc3390eb87afc1038f25db26aa56], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1C65.tmp, Quarantined, [3550c22d2b50280eb80ccde756ab30d0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1C75.tmp, Quarantined, [3f4606e9087395a18044d3e16d941ee2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1CB3.tmp, Quarantined, [8005d91636451c1a4b79f4c06c959b65], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1D11.tmp, Quarantined, [9de8c22d39424fe718acbafa43beda26], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1D12.tmp, Quarantined, [e5a07f70a8d30c2a5371c1f3c938c23e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1DCC.tmp, Quarantined, [b2d338b73e3df244cdf75163956c748c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1E97.tmp, Quarantined, [d0b5a94656259e98952f476d27da649c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1F23.tmp, Quarantined, [7411b13e1665f145398bdbd951b021df], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1F52.tmp, Quarantined, [dda8eb042d4ee353b014298be71a6e92], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1F62.tmp, Quarantined, [c9bc737c3e3d76c0398b4470e021f010], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1FDE.tmp, Quarantined, [a4e1539c3546c175537100b432cf55ab], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1FDF.tmp, Quarantined, [087d935c3645ae885d67cce84eb352ae], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd201D.tmp, Quarantined, [daab17d83447d95d497b06ae13eeb947], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd20D8.tmp, Quarantined, [98ed32bd83f891a521a34470e21fc838], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd222.tmp, Quarantined, [24618a6537441b1bb50f0ea648b914ec], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd227D.tmp, Quarantined, [a5e0bc331b6049ed16aeb202be431be5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd22CB.tmp, Quarantined, [1f66945b7a011a1c527222922ed329d7], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd250C.tmp, Quarantined, [a1e48a6569127bbbfcc8fcb8ae531ee2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD4DC.tmp, Quarantined, [7f062ec1bfbcd75fffc5288cb44d1be5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD4DD.tmp, Quarantined, [8ff636b9bebd76c08e36189cad54e917], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD632.tmp, Quarantined, [aed7fcf3fb80ed49a1232f858978857b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD642.tmp, Quarantined, [9ee75f905a2145f1388c82322fd2fc04], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD75A.tmp, Quarantined, [7d080be456255bdb3b897e369c65e31d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD77.tmp, Quarantined, [e5a0c12e780358de1fa5f4c0659c9a66], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD7F7.tmp, Quarantined, [ee97f2fdf289a393dbe9af0537ca659b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD87.tmp, Quarantined, [681dbc333f3c989e3f85dcd81be6748c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD8B2.tmp, Quarantined, [483df8f7f7841b1b329233813cc5b64a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD90F.tmp, Quarantined, [f0957877fc7f66d0b014ebc9d62b758b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDA6.tmp, Quarantined, [7a0b5c931566999d4084694b41c0a55b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDA76.tmp, Quarantined, [95f0707f13683afcb60e159fe71a47b9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDAB4.tmp, Quarantined, [5f26b33c1b6051e5a81c8430010002fe], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDAD4.tmp, Quarantined, [1b6ab13e7803fb3b3c885a5a6c95e719], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDBFC.tmp, Quarantined, [acd98c63522962d4497b3d779d640af6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDC0B.tmp, Quarantined, [2065dd1235464fe70aba892b629fbd43], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDC1B.tmp, Quarantined, [95f0bc335b20a6907d479d17af52cc34], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDC5.tmp, Quarantined, [6c1943aca5d6043214b03381bb4636ca], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDD53.tmp, Quarantined, [493c648b76059b9b12b28c2839c82ad6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updDFD3.tmp, Quarantined, [1f6642ad354696a08242496bef121be5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE040.tmp, Quarantined, [097c6b84c7b40036d9eb9e16c140f20e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE06F.tmp, Quarantined, [1075549b6e0d88aefcc82d8717ea6997], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE070.tmp, Quarantined, [582d9e51d1aa3402b70d5a5ab74af50b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE09E.tmp, Quarantined, [4b3ace21fd7e043205bf5c5845bc3ec2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE1E5.tmp, Quarantined, [bbca42ad89f259ddab19892b37cae61a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE1F5.tmp, Quarantined, [295cad420b701422358f5e5641c0b54b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE35C.tmp, Quarantined, [75100ce37cff47efdfe52b8954adb14f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE3B9.tmp, Quarantined, [c4c118d7d5a6a88ee0e404b0f40de21e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE3BA.tmp, Quarantined, [9ce914dbadce350160648331629fd927], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE52.tmp, Quarantined, [d9acd718dc9f072feada1b9913ee8878], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE56E.tmp, Quarantined, [12737976dc9f0333d4f00fa5a35eae52], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF890.tmp, Quarantined, [dbaaa24d03785adc8440f7bd2ed30cf4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF8BF.tmp, Quarantined, [9bea6689fc7f1422e0e4af05c140d52b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF9.tmp, Quarantined, [8bfa87680e6d1422f2d26450f01155ab], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF95B.tmp, Quarantined, [6025846b76050531cbf9575dcd34cf31], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF96B.tmp, Quarantined, [e0a5bd326a118ea8d3f113a11de4e719], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF9F7.tmp, Quarantined, [cdb8c629611aa4920abaae0659a8fa06], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFB01.tmp, Quarantined, [0085a8473348f046b70d09ab4ab77f81], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFC48.tmp, Quarantined, [6e17dd12e2990a2cd0f413a123de41bf], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFCB5.tmp, Quarantined, [dea7bd325625c76f388c12a2c73a6d93], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFD51.tmp, Quarantined, [84011bd41368bb7b7f45b6fe29d88878], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFE6A.tmp, Quarantined, [f293816e2952fa3cdee64173e31ee21e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFE7.tmp, Quarantined, [3a4b1fd017649e98dce8f2c2cd343bc5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFF35.tmp, Quarantined, [f88ddc13225948eefaca5262e21f7a86], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updFF45.tmp, Quarantined, [572e67888af1ed49319363516d949070], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6F17.tmp, Quarantined, [d3b2806f512a88ae6f55eaca827fe818], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6F26.tmp, Quarantined, [4f36747b394246f0358f615338c921df], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6F74.tmp, Quarantined, [8ef7678895e67cba695b3f75b74a7d83], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd70CB.tmp, Quarantined, [b3d2ba35b3c8af87764e813306fb2ed2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7242.tmp, Quarantined, [abdaed0206752f0784402b89eb160ef2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd729F.tmp, Quarantined, [ceb76b84d8a32d09d9ebb7fded147f81], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd730.tmp, Quarantined, [d8adea05ff7cbf771aaaae06e021df21], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd73C8.tmp, Quarantined, [6a1be609bfbc979f6361595bb8497d83], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd73E7.tmp, Quarantined, [dfa637b8136894a2f5cfb7fdea17c63a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd750F.tmp, Quarantined, [364fb23d156640f64e76773ddc25d927], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7619.tmp, Quarantined, [b4d112dd2e4d3ff7368e3d771fe2817f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd76A5.tmp, Quarantined, [4a3b41aed5a670c616aea70d08f97987], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd76A6.tmp, Quarantined, [582d727ddaa1d363566e763eac55fc04], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd77CE.tmp, Quarantined, [8401955a007bca6c90340ca82dd4bc44], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd77E.tmp, Quarantined, [176e9857bfbc72c4863eb5ffe31e1ee2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd781C.tmp, Quarantined, [d6af4ea1de9d8ea8fbc97440c53c9070], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd79A1.tmp, Quarantined, [6d1845aa572472c44381704427da0df3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd79A2.tmp, Quarantined, [85005f9024571c1ac7fda80c966bf10f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7ACA.tmp, Quarantined, [374ed51aed8eb2849133cbe9659c21df], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7B08.tmp, Quarantined, [5332b6394734fd3974501d9720e14cb4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7C50.tmp, Quarantined, [176e7a755328a195f5cf664e15ecfb05], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7C5F.tmp, Quarantined, [aed7b7388eed9c9adfe5c1f329d8cb35], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7D2A.tmp, Quarantined, [f392876802798babb410dadabc45619f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7DF5.tmp, Quarantined, [d0b5f2fdf289f244dbe921934db4be42], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7E53.tmp, Quarantined, [d6afac439cdfa88edce808ac2bd6629e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7EA1.tmp, Quarantined, [c8bd2bc4354660d64381c9eb24dd4ab6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7EC.tmp, Quarantined, [770e6f80d0ab2b0b9e26476d2dd42ad6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd7F6C.tmp, Quarantined, [99ecc6296219e155fbc9783c867baf51], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9491.tmp, Quarantined, [6b1a6f80daa151e504c07b39bd44e31d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd950D.tmp, Quarantined, [f88d0be4b4c7c86ea123951f2ed32cd4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd953C.tmp, Quarantined, [7c09c02f314a6dc9dfe5bafa31d0d12f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd95C9.tmp, Quarantined, [f78e747b6219a6904f75179d27da0000], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd96B3.tmp, Quarantined, [364fd619354695a19232b10361a0f808], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd96F1.tmp, Quarantined, [94f16b84d6a54aec1ba98f259c6537c9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd97FA.tmp, Quarantined, [e99c7a75fe7d5fd7b113694ba45d2fd1], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd981.tmp, Quarantined, [661f00efec8f02349b29a0141ce5e61a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9839.tmp, Quarantined, [f68f35baaecde254547093218c7553ad], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9AC8.tmp, Quarantined, [0d7837b8daa181b5f4d074402dd4ab55], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9B06.tmp, Quarantined, [ccb9da15aad1b2841ea6b9fb6d94be42], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9B45.tmp, Quarantined, [dca9b7389eddf83e477d763e33cec63a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9B46.tmp, Quarantined, [daabc12ee09bce6881435f55847d20e0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9B73.tmp, Quarantined, [364f30bf334859ddbc08585cb150bb45], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9B83.tmp, Quarantined, [9ee7b43b9ae176c015af3e761ee337c9], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9C8C.tmp, Quarantined, [b3d28c63b2c9bb7bffc512a243be52ae], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9DD4.tmp, Quarantined, [c1c4618e067587afb2128e268b76946c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9E12.tmp, Quarantined, [8104c728df9c12248f35ad07ca3702fe], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9EE.tmp, Quarantined, [30553ab5e596c670695b5a5a03fe7888], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9F6A.tmp, Quarantined, [2f563cb3b0cb88ae05bff9bbe21f35cb], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd9FB7.tmp, Quarantined, [d2b37f70205bbd79c301d9db15eccc34], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA092.tmp, Quarantined, [285dbe31e59661d512b22c8851b00af6], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA0D0.tmp, Quarantined, [bec706e93b40d462fbc912a29869d52b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA0E.tmp, Quarantined, [91f4da15443794a219abf9bba65b28d8], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA13D.tmp, Quarantined, [770e628daad16ec8428203b146bbf20e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB2E9.tmp, Quarantined, [c7bef7f80d6e8bab4183cee6b24f48b8], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB4DD.tmp, Quarantined, [3e4733bc2c4fac8a1fa58d27cd349769], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB4DE.tmp, Quarantined, [bdc81ad5ff7c3105f8cc456fcd3449b7], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB51B.tmp, Quarantined, [dda828c780fbff37675df9bbd82943bd], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB559.tmp, Quarantined, [0a7b2bc4b9c2e5511fa5a70d7b860df3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB73D.tmp, Quarantined, [51340fe09edd44f211b3298b43be45bb], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB7D9.tmp, Quarantined, [bfc6a24d4b30ac8af1d36e4660a1916f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB818.tmp, Quarantined, [d3b2e40bd9a285b1a3214173e71ade22], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB865.tmp, Quarantined, [364fbf30f883bd79eed6783cda2725db], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB8A4.tmp, Quarantined, [592cac43304b59ddab197b399071758b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB8F2.tmp, Quarantined, [a1e4ba35e3984fe73d874e6630d1639d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB96F.tmp, Quarantined, [364f03ecc8b3cf67e3e1268e58a9a45c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBAF5.tmp, Quarantined, [88fd14db87f40531368e625212efbd43], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBB81.tmp, Quarantined, [34515e916318ec4ae8dccee617ea4cb4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBBC0.tmp, Quarantined, [93f2f3fc0f6c59dd42822b89bd444bb5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBCF7.tmp, Quarantined, [f49111de116a72c47351823248b98d73], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBD17.tmp, Quarantined, [1a6b13dca1dae45252725d57976ac63a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBDA3.tmp, Quarantined, [75109a55146764d2dce8c4f014edd52b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBE2.tmp, Quarantined, [1e6743acb0cb4cea3292f5bf20e110f0], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBE20.tmp, Quarantined, [553040af196244f25f65dbd9c43d2cd4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBE6E.tmp, Quarantined, [0f761fd062194bebc5ffd5df45bc9f61], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBEDB.tmp, Quarantined, [2c59c827344760d68e364b69719053ad], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updBEFA.tmp, Quarantined, [394ce807d4a7a98defd540740df46a96], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC042.tmp, Quarantined, [cbba26c9aad172c4f7cdbafaa859867a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC0AF.tmp, Quarantined, [661fc22d1d5e1323bf0563513ec37b85], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC0DE.tmp, Quarantined, [84018f6077042115dbe9961ea45d649c], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3F80.tmp, Quarantined, [8afb4aa55526ab8b1ca88e2642bfe719], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd401B.tmp, Quarantined, [e69f5d92ec8f85b15c68496b19e8af51], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd415.tmp, Quarantined, [a7de8b644833d66017ad377dcb3622de], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd424C.tmp, Quarantined, [9ce9935c80fb51e502c2feb6c33eaf51], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd43C3.tmp, Quarantined, [9ce9707f99e2cb6b299b7143d130b947], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd43E2.tmp, Quarantined, [d6af14db7902fa3c962e2c88ab56758b], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd444.tmp, Quarantined, [5530de11accf0b2b0db78a2a51b06d93], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd451A.tmp, Quarantined, [6223509f1665c1756d5711a3f40d7f81], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4549.tmp, Quarantined, [3451648b6a11ea4c8044b103768b827e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4559.tmp, Quarantined, [5431ea051c5fe155f7cda2123fc2768a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4623.tmp, Quarantined, [f392618e59220e282e96fdb7d42d5da3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4836.tmp, Quarantined, [8ef7fcf31e5df541a123466eaf529868], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd49AC.tmp, Quarantined, [88fddd122655cb6b0bb96153db26de22], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4B13.tmp, Quarantined, [760f1fd072095ed8269e9123e819f808], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4B23.tmp, Quarantined, [cabb42adc1ba2313cbf9e2d232cf3cc4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4B24.tmp, Quarantined, [65206b84532813231ea60ea61ee305fb], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4C1C.tmp, Quarantined, [077e89664c2f56e0a71dbbf97b86867a], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4C4B.tmp, Quarantined, [a3e26a8599e2e650695b684c1ee31de3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4DC1.tmp, Quarantined, [d1b4a34c93e8b97d12b2852f49b85ea2], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4E0F.tmp, Quarantined, [a0e5c22d5b202610764e516334cdb24e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd4F86.tmp, Quarantined, [0580707f28534de9c0043f753fc2fe02], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd50E.tmp, Quarantined, [b0d5c22d017a4beb4d776b498c750cf4], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd50F.tmp, Quarantined, [acd903ecf08bb87eefd5bbf9a45dfb05], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd50FC.tmp, Quarantined, [95f0f6f9c8b3d16510b4377d2dd4a060], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd50FD.tmp, Quarantined, [cfb62bc4d2a9d75f596bf9bbae53af51], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd510C.tmp, Quarantined, [fb8a3db293e8dc5abd0773418f7204fc], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5205.tmp, Quarantined, [c1c4b639cbb03600d7ed6f4548b96b95], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd535D.tmp, Quarantined, [a3e2a946e992f73f42827c3805fc6f91], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd53CA.tmp, Quarantined, [4c39549b7ffc4fe711b301b3c33ec33d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1006.tmp, Quarantined, [5f264fa04833ab8beed6367e0ff2a15f], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd10B2.tmp, Quarantined, [c4c1eb04ee8dfe381fa5b004b74ab050], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd10B3.tmp, Quarantined, [4d3809e64e2db97d3e86f1c303fedf21], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd116D.tmp, Quarantined, [3352ae4181faaf87378d526230d1af51], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd1238.tmp, Quarantined, [9bea6f801a61ac8aa222bafa6b96b947], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd251C.tmp, Quarantined, [780d68872c4f4cea873d159f24dd827e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd3F7F.tmp, Quarantined, [186d529da5d6bf77368e2490ac551de3], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd5437.tmp, Quarantined, [65202cc3fd7e64d27f45f1c33bc6d32d], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd6E1D.tmp, Quarantined, [c0c58f60aad185b1c103694b41c042be], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd80B.tmp, Quarantined, [8cf9717eccafc3735a6ab8fc68991be5], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\upd927E.tmp, Quarantined, [751007e828530c2ab60e437128d914ec], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updA1CA.tmp, Quarantined, [8ef7b837df9c0135675d32825ca5f808], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updB26D.tmp, Quarantined, [63228c63bcbf84b2a51ffeb6fd04bc44], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updC254.tmp, Quarantined, [ceb7747bb7c442f43f85fcb8f40db24e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updD4DB.tmp, Quarantined, [5134ae417dfef73f07bd8a2a1ee336ca], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updE61.tmp, Quarantined, [b1d45a954b3095a181437e369a67a25e], 

Trojan.Agent, C:\Users\Sacred Heart\AppData\Local\Temp\updF6EB.tmp, Quarantined, [acd9e20deb909d995b69dada9a67dc24], 

PUP.Optional.InstallIQ.A, C:\Users\Sacred Heart\Downloads\7zipap_1320.exe, Quarantined, [1e678a65314ac37372a7d15739c8cf31], 

Backdoor.Bot.ED, C:\Windows\Installer\{460C2466-BAE8-40B3-83A1-0D69F50307F7}\api-ms-win-system-ndishc-l1-1-0.dll, Quarantined, [dbaad01f3a410a2c28a6338a748dd828], 

Spyware.Zbot.VXGen, C:\Windows\Installer\{7DB4B18B-298F-4F2C-B979-E1D154AB7232}\msiexec.exe, Quarantined, [a9dc2fc0e09bcd695104dedcc938936d], 

Exploit.Drop.GS, C:\Users\Sacred Heart\AppData\Local\Temp\wiupdat.exe, Quarantined, [fd88cf20ee8d999d8c519ac5c142dc24], 

Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 3072967456.job, Quarantined, [6e173db2eb905cdafd9d9ba84db712ee], 

Trojan.Agent.WUGen, C:\Users\Sacred Heart\windowsupdate.exe, Quarantined, [3b4a6e81fa8150e6dd1f015043c1ca36], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\46113357\3148552758.js, Quarantined, [691c19d6cbb0ab8bea9bd6f72bd708f8], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\46113357\4244368205.js, Quarantined, [691c19d6cbb0ab8bea9bd6f72bd708f8], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\46113357\example1.js, Quarantined, [691c19d6cbb0ab8bea9bd6f72bd708f8], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\46113357\example2.js, Quarantined, [691c19d6cbb0ab8bea9bd6f72bd708f8], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\46113357\manifest.json, Quarantined, [691c19d6cbb0ab8bea9bd6f72bd708f8], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\4121640743\3148552758.js, Quarantined, [afd60ae5304b10268105aa23d72bc739], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\4121640743\4244368205.js, Quarantined, [afd60ae5304b10268105aa23d72bc739], 

Rogue.Multiple, C:\Users\Sacred Heart\AppData\Roaming\4121640743\manifest.json, Quarantined, [afd60ae5304b10268105aa23d72bc739], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bprtct.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\BOOTSTRAP.JS, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\CHROME.MANIFEST, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\CREXT.DLL, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\CrExtP39.exe, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\INSTALL.RDF, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\installKeys.js, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\LOGO.BMP, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8EXTEX.DLL, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8EXTPEX.DLL, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8HTML.DLL, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8TICKER.DLL, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\chrome\39ffxtbr.jar, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\gen1\COMMON.T8S, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\IE9Mesg\COMMON.T8S, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Message\COMMON.T8S, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Program Files (x86)\MapsGalaxy_39\bar\Settings\s_pid.dat, Quarantined, [f590b03ffb80270f7e86a143fa0806fa], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\UrlFolderExtension.uf1, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\UrlFolderExtension.ufm, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\anemone-1.2.7.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\background.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\Date.getWeek.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\hidden-window.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\ie7-fix.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\jquery-1.7.2.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\jquery-dropdown.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\jquery-inputfieldrestrict.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\jquery-modal.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\jquery-ui.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\json2.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\manifest.json, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\SignedExtension.cab, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\underscore-1.3.1.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\widget-api-1.2.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\window.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\css\dropdown.css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\css\modal.css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\css\widget.css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\favicon.ico, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\FBwidget_sprite.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icon.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icon.bmp,hot,flags=none.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icon.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\loading.gif, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F0.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F0.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F1.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F1.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F10.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F10.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F2.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F2.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F3.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F3.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F4.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F4.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F5.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F5.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F6.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F6.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F7.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F7.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 
Link to post
Share on other sites

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F8.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F8.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F9.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\images\icons\F9.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\js\background.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\js\hiddenwindow.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\js\settings.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\91fbdd335935d6fab2f0f46ec3451b3a18a24a23\1.2.3\js\widgetwindow.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\anemone-1.2.7.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\App.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\Background.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\EventManager.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\hogan-2.0.0.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\jquery-1.7.1.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\manifest.json, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\reset.css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\SignedExtension.cab, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\underscore-1.3.1.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\widget-messaging-1.0.SNAPSHOT.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\css\App.css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\fonts\cabin.eot, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\fonts\cabin.woff, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\arrow.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\close.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\close2.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\delete.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\delete2.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\edit.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\find.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\go.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\logo.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\MapsGalaxy.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\MapsGalaxy.bmp,hot,flags=none.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\MapsGalaxy.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\MapsGalaxy2.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\MapsGalaxy2.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\save.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\save2.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\settings.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\images\stars.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\App.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\App.Test.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Background.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Data.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\FindLocation.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\GetDirections.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\MapsGalaxy.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\MGDropDown.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Modals.Delete.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Modals.Location.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Modals.MaxRecent.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Modals.MaxSaved.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Reporting.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\d0e0492c497d8c260a5e799f8212a9e2b288600a\1.0.2\js\Settings.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\anemone-1.2.7.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\App.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\Background.html, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\hogan-2.0.0.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\jquery-1.7.1.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\json2.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\manifest.json, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\reset.css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\SignedExtension.cab, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\underscore-1.4.2.min.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\widget-api-1.2.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\css\App.css, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\fonts\cabin.eot, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\fonts\cabin.woff, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\close.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\MainIcon.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\MainIcon.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\minimize.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\rateUISprite.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\rate_WB.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\search.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\WBlogo.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfRain.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfRain.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfRain_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfRain_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfSnow.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfSnow.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfSnow_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfSnow_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfStorm.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfStorm.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfStorm_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfTstorm.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfTstorm.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfTstorm_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfTstorm_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Cloudy.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Cloudy.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Cloudy_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Dust.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Dust.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Dust_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Dust_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Fog.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Fog.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Fog_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Fog_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Ice.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Ice.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Ice_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Ice_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MainIcon.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MainIcon.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misc.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misc.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misc_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misc_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misty.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misty.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misty_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Misty_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlyCloudy.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlyCloudy_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlyCloudy_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlySunny.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlySunny.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlySunny_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlySunny_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Rain.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Rain.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Rain_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\SevereWeatherAdvisory.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\SevereWeatherAdvisory.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\SevereWeatherWarning.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\SevereWeatherWarning.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\SevereWeatherWatch.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\SevereWeatherWatch.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Showers.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Showers.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Showers_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\ChanceOfStorm_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Cloudy_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\MostlyCloudy.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Rain_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Showers_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sleet.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sleet.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sleet_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sleet_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Snow.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Snow.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Snow_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Snow_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sunny.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sunny.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sunny_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Sunny_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Thunderstorm.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Thunderstorm.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Thunderstorm_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Thunderstorm_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Windy.bmp, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Windy.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Windy_60x60.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\images\weather\Windy_90x90.png, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\js\App.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\js\App.Test.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\js\Background.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\js\Settings.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\Local\MapsGalaxy_39\e437a5256462a30d394f92ef7f9b66af4601a2bd\1.1.2\js\WeatherBlink.js, Quarantined, [e79ef3fc5229c472173da3435da55da3], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\00010A5C.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\00010AD8.cab, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\0002421E.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\0005AF80.cab, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\0005B0E7.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\0005B1D1.cab, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\001D9D19.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\00AB891F.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\00AB898C.cab, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DBCED, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DBE06, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DBE83.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DBEB2.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DBF00.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DBF3E.cab, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DC17F.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DC1BE.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DC1FC.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DC23A.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DC269.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DC298.cab, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DC41E.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\010DD241.jhtml, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\0128E583.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\01299996.bmp, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Cache\files.ini, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\History\search3, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\8_step1.gif, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\anemone.js, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\bd_grad.gif, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\hpguard.js, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\hpguard1.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\hpguard2.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\hpp_ok.png, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\hpp_x.png, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\hpp_x2.png, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\index.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\mid_dots.gif, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\mws_logo.gif, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\protect.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\rebut4b.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\shield.png, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\stop.gif, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\systrayp.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Message\COMMON\tp_grad.gif, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings\prevcfg2.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings\setting3.htm, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings\setting3.htm.bak, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings\s_w1.dat, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings\s_w1.dat.bak, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings\s_w2.dat, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\bar\Settings\s_w2.dat.bak, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\MapsGalaxy_39\Cache\PopupProperties210250880.html, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\MapsGalaxy_39\Cache\PopupProperties210250891.html, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

PUP.Optional.MindSpark.A, C:\Users\Sacred Heart\AppData\LocalLow\MapsGalaxy_39\MapsGalaxy_39\Cache\Radio.html, Quarantined, [88fd99565823ef4738bd9e4fd230fa06], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\U\00000004.@, Quarantined, [671e46a9cfac2d09c13223dd4ab6817f], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\U\00000008.@, Quarantined, [671e46a9cfac2d09c13223dd4ab6817f], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\U\000000cb.@, Quarantined, [671e46a9cfac2d09c13223dd4ab6817f], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\U\80000000.@, Quarantined, [671e46a9cfac2d09c13223dd4ab6817f], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\U\80000032.@, Quarantined, [671e46a9cfac2d09c13223dd4ab6817f], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\U\80000064.@, Quarantined, [671e46a9cfac2d09c13223dd4ab6817f], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\L\00000004.@, Quarantined, [a4e19c534f2c20167382bc44e8183dc3], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\L\201d3dde, Quarantined, [a4e19c534f2c20167382bc44e8183dc3], 

Trojan.Siredef.C, C:\$Recycle.Bin\S-1-5-18\$e832065498a1fb1692b97b2bda927d12\L\76603ac3, Quarantined, [a4e19c534f2c20167382bc44e8183dc3], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites


08:35:29.0063 0x1254  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58

08:35:34.0087 0x1254  ============================================================

08:35:34.0087 0x1254  Current date / time: 2014/09/28 08:35:34.0087

08:35:34.0087 0x1254  SystemInfo:

08:35:34.0087 0x1254  

08:35:34.0087 0x1254  OS Version: 6.1.7601 ServicePack: 1.0

08:35:34.0087 0x1254  Product type: Workstation

08:35:34.0087 0x1254  ComputerName: SACREDHEART-PC

08:35:34.0087 0x1254  UserName: Sacred Heart

08:35:34.0087 0x1254  Windows directory: C:\Windows

08:35:34.0087 0x1254  System windows directory: C:\Windows

08:35:34.0087 0x1254  Running under WOW64

08:35:34.0087 0x1254  Processor architecture: Intel x64

08:35:34.0087 0x1254  Number of processors: 2

08:35:34.0087 0x1254  Page size: 0x1000

08:35:34.0087 0x1254  Boot type: Normal boot

08:35:34.0087 0x1254  ============================================================

08:35:35.0054 0x1254  KLMD registered as C:\Windows\system32\drivers\16559532.sys

08:35:35.0397 0x1254  System UUID: {B6358ACF-C888-981D-34CF-60BE519AA663}

08:35:36.0037 0x1254  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x700FC, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040

08:35:36.0037 0x1254  Drive \Device\Harddisk1\DR1 - Size: 0x3BA300000 ( 14.91 Gb ), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

08:35:36.0052 0x1254  ============================================================

08:35:36.0052 0x1254  \Device\Harddisk0\DR0:

08:35:36.0052 0x1254  MBR partitions:

08:35:36.0052 0x1254  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

08:35:36.0052 0x1254  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3201

08:35:36.0052 0x1254  \Device\Harddisk1\DR1:

08:35:36.0052 0x1254  MBR partitions:

08:35:36.0052 0x1254  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1DD06DB

08:35:36.0052 0x1254  ============================================================

08:35:36.0083 0x1254  C: <-> \Device\Harddisk0\DR0\Partition2

08:35:36.0083 0x1254  ============================================================

08:35:36.0083 0x1254  Initialize success

08:35:36.0083 0x1254  ============================================================

08:35:58.0875 0x03cc  ============================================================

08:35:58.0875 0x03cc  Scan started

08:35:58.0875 0x03cc  Mode: Manual; SigCheck; TDLFS; 

08:35:58.0875 0x03cc  ============================================================

08:35:58.0875 0x03cc  KSN ping started

08:35:58.0953 0x03cc  KSN ping finished: false

08:35:59.0374 0x03cc  ================ Scan system memory ========================

08:35:59.0374 0x03cc  System memory - ok

08:35:59.0374 0x03cc  ================ Scan services =============================

08:35:59.0561 0x03cc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

08:35:59.0702 0x03cc  1394ohci - ok

08:35:59.0764 0x03cc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

08:35:59.0795 0x03cc  ACPI - ok

08:35:59.0811 0x03cc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

08:35:59.0905 0x03cc  AcpiPmi - ok

08:36:00.0014 0x03cc  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

08:36:00.0061 0x03cc  AdobeARMservice - ok

08:36:00.0170 0x03cc  [ 6C40D5ED8951AB7B90D08AF655224EE4, 6603CD10A35EB9B13F77F767A729A0C97665252C51CEBD96C551DFAA3B22DDE9 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

08:36:00.0201 0x03cc  AdobeFlashPlayerUpdateSvc - ok

08:36:00.0263 0x03cc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

08:36:00.0295 0x03cc  adp94xx - ok

08:36:00.0341 0x03cc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys

08:36:00.0373 0x03cc  adpahci - ok

08:36:00.0388 0x03cc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

08:36:00.0404 0x03cc  adpu320 - ok

08:36:00.0466 0x03cc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

08:36:00.0622 0x03cc  AeLookupSvc - ok

08:36:00.0669 0x03cc  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys

08:36:00.0763 0x03cc  AFD - ok

08:36:00.0809 0x03cc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys

08:36:00.0841 0x03cc  agp440 - ok

08:36:00.0856 0x03cc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

08:36:00.0919 0x03cc  ALG - ok

08:36:00.0950 0x03cc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys

08:36:00.0950 0x03cc  aliide - ok

08:36:00.0997 0x03cc  [ B3B263B419FC9E7B1D41E61FDAE45BD9, AB4BA2472BB56B4BEB8B18D95B9F44BBF0B7FBF3C3914F5549CD24C5E4428664 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

08:36:01.0075 0x03cc  AMD External Events Utility - ok

08:36:01.0153 0x03cc  AMD FUEL Service - ok

08:36:01.0153 0x03cc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys

08:36:01.0184 0x03cc  amdide - ok

08:36:01.0215 0x03cc  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys

08:36:01.0262 0x03cc  amdiox64 - ok

08:36:01.0277 0x03cc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

08:36:01.0355 0x03cc  AmdK8 - ok

08:36:01.0699 0x03cc  [ 9A6E9363F7A5E5A06629D9DDC76EE6B5, F97553FF6D79CDA5A1B445E4A8F8799D9F5EE8BF31B11869DE0294C562845F7E ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

08:36:02.0120 0x03cc  amdkmdag - ok

08:36:02.0182 0x03cc  [ 957A4C13E1981B1701E600EF1E823C68, F8760C09F09F347D607FBE8A4F67E8B35CB82B5168954B04E8EB10B73412A609 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

08:36:02.0229 0x03cc  amdkmdap - ok

08:36:02.0260 0x03cc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

08:36:02.0291 0x03cc  AmdPPM - ok

08:36:02.0369 0x03cc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

08:36:02.0401 0x03cc  amdsata - ok

08:36:02.0463 0x03cc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

08:36:02.0494 0x03cc  amdsbs - ok

08:36:02.0494 0x03cc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys

08:36:02.0510 0x03cc  amdxata - ok

08:36:02.0541 0x03cc  [ EE4797DFEBBE8ACDB548DD8E80BE0A88, 9D56F835A5A9C045829EDFB546379E3448C9E539E5C2608B559DE4D052FEC769 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys

08:36:02.0557 0x03cc  amd_sata - ok

08:36:02.0572 0x03cc  [ D56EAD71A86FD2ACAE2DB47D0A6A3A41, 2E5E6D0E00D25765CC8B9997B26DE43F305966BFA518CB72EA7CA77152001726 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys

08:36:02.0588 0x03cc  amd_xata - ok

08:36:02.0619 0x03cc  [ 5B25D1A753CC3A3EDB909BB759AC1098, 1B931342D8D36C8D177D6D9BFFFD8CDC0C6E6F82BA552DC8E5CDC1CAF528D0B0 ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

08:36:02.0635 0x03cc  AODDriver4.1 - ok

08:36:02.0681 0x03cc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys

08:36:02.0853 0x03cc  AppID - ok

08:36:02.0884 0x03cc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

08:36:02.0947 0x03cc  AppIDSvc - ok

08:36:02.0978 0x03cc  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll

08:36:03.0040 0x03cc  Appinfo - ok

08:36:03.0103 0x03cc  [ F401929EE0CC92BFE7F15161CA535383, 61E1C0630B8BBC65C51121D5DC7F095C59B475F39BB7B0DC68133EF7D9D0A29D ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:36:03.0134 0x03cc  Apple Mobile Device - ok

08:36:03.0196 0x03cc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys

08:36:03.0212 0x03cc  arc - ok

08:36:03.0259 0x03cc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys

08:36:03.0290 0x03cc  arcsas - ok

08:36:03.0352 0x03cc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

08:36:03.0446 0x03cc  AsyncMac - ok

08:36:03.0493 0x03cc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys

08:36:03.0508 0x03cc  atapi - ok

08:36:03.0586 0x03cc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

08:36:03.0711 0x03cc  AudioEndpointBuilder - ok

08:36:03.0742 0x03cc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

08:36:03.0789 0x03cc  AudioSrv - ok

08:36:04.0007 0x03cc  [ B2B3FCBA37671C853879DF7DDE8A839A, B4EF6EA7CC2ED7DE545622CFA7000C9CB29B3886BDEC8AD41554417B4D472AC5 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

08:36:04.0039 0x03cc  AVP - ok

08:36:04.0085 0x03cc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll

08:36:04.0132 0x03cc  AxInstSV - ok

08:36:04.0195 0x03cc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

08:36:04.0226 0x03cc  b06bdrv - ok

08:36:04.0273 0x03cc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

08:36:04.0319 0x03cc  b57nd60a - ok

08:36:04.0366 0x03cc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

08:36:04.0413 0x03cc  BDESVC - ok

08:36:04.0444 0x03cc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

08:36:04.0491 0x03cc  Beep - ok

08:36:04.0553 0x03cc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll

08:36:04.0616 0x03cc  BFE - ok

08:36:04.0741 0x03cc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll

08:36:04.0803 0x03cc  BITS - ok

08:36:04.0850 0x03cc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

08:36:04.0881 0x03cc  blbdrive - ok

08:36:04.0975 0x03cc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

08:36:05.0006 0x03cc  Bonjour Service - ok

08:36:05.0037 0x03cc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

08:36:05.0068 0x03cc  bowser - ok

08:36:05.0099 0x03cc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

08:36:05.0162 0x03cc  BrFiltLo - ok

08:36:05.0177 0x03cc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

08:36:05.0209 0x03cc  BrFiltUp - ok

08:36:05.0224 0x03cc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll

08:36:05.0255 0x03cc  Browser - ok

08:36:05.0302 0x03cc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

08:36:05.0333 0x03cc  Brserid - ok

08:36:05.0365 0x03cc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

08:36:05.0380 0x03cc  BrSerWdm - ok

08:36:05.0396 0x03cc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

08:36:05.0411 0x03cc  BrUsbMdm - ok

08:36:05.0427 0x03cc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

08:36:05.0458 0x03cc  BrUsbSer - ok

08:36:05.0505 0x03cc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

08:36:05.0536 0x03cc  BTHMODEM - ok

08:36:05.0599 0x03cc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

08:36:05.0708 0x03cc  bthserv - ok

08:36:05.0770 0x03cc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

08:36:05.0848 0x03cc  cdfs - ok

08:36:05.0895 0x03cc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

08:36:05.0911 0x03cc  cdrom - ok

08:36:05.0957 0x03cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll

08:36:05.0989 0x03cc  CertPropSvc - ok

08:36:06.0020 0x03cc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys

08:36:06.0051 0x03cc  circlass - ok

08:36:06.0082 0x03cc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

08:36:06.0098 0x03cc  CLFS - ok

08:36:06.0160 0x03cc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:36:06.0160 0x03cc  clr_optimization_v2.0.50727_32 - ok

08:36:06.0207 0x03cc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

08:36:06.0223 0x03cc  clr_optimization_v2.0.50727_64 - ok

08:36:06.0332 0x03cc  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:36:06.0410 0x03cc  clr_optimization_v4.0.30319_32 - ok

08:36:06.0441 0x03cc  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

08:36:06.0457 0x03cc  clr_optimization_v4.0.30319_64 - ok

08:36:06.0503 0x03cc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

08:36:06.0535 0x03cc  CmBatt - ok

08:36:06.0581 0x03cc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

08:36:06.0581 0x03cc  cmdide - ok

08:36:06.0613 0x03cc  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys

08:36:06.0659 0x03cc  CNG - ok

08:36:06.0675 0x03cc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

08:36:06.0691 0x03cc  Compbatt - ok

08:36:06.0722 0x03cc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

08:36:06.0753 0x03cc  CompositeBus - ok

08:36:06.0769 0x03cc  COMSysApp - ok

08:36:06.0800 0x03cc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

08:36:06.0815 0x03cc  crcdisk - ok

08:36:06.0831 0x03cc  [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

08:36:06.0878 0x03cc  CryptSvc - ok

08:36:07.0049 0x03cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

08:36:07.0127 0x03cc  DcomLaunch - ok

08:36:07.0190 0x03cc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

08:36:07.0283 0x03cc  defragsvc - ok

08:36:07.0346 0x03cc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

08:36:07.0424 0x03cc  DfsC - ok

08:36:07.0471 0x03cc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

08:36:07.0502 0x03cc  Dhcp - ok

08:36:07.0549 0x03cc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

08:36:07.0627 0x03cc  discache - ok

08:36:07.0642 0x03cc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys

08:36:07.0658 0x03cc  Disk - ok

08:36:07.0689 0x03cc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

08:36:07.0720 0x03cc  Dnscache - ok

08:36:07.0783 0x03cc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

08:36:07.0829 0x03cc  dot3svc - ok

08:36:07.0876 0x03cc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

08:36:07.0907 0x03cc  DPS - ok

08:36:07.0954 0x03cc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

08:36:07.0970 0x03cc  drmkaud - ok

08:36:08.0001 0x03cc  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

08:36:08.0048 0x03cc  DXGKrnl - ok

08:36:08.0079 0x03cc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

08:36:08.0126 0x03cc  EapHost - ok

08:36:08.0266 0x03cc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys

08:36:08.0407 0x03cc  ebdrv - ok

08:36:08.0469 0x03cc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe

08:36:08.0500 0x03cc  EFS - ok

08:36:08.0609 0x03cc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

08:36:08.0672 0x03cc  ehRecvr - ok

08:36:08.0703 0x03cc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

08:36:08.0750 0x03cc  ehSched - ok

08:36:08.0843 0x03cc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

08:36:08.0875 0x03cc  elxstor - ok

08:36:08.0890 0x03cc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

08:36:08.0906 0x03cc  ErrDev - ok

08:36:08.0968 0x03cc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

08:36:09.0031 0x03cc  EventSystem - ok

08:36:09.0077 0x03cc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

08:36:09.0140 0x03cc  exfat - ok

08:36:09.0171 0x03cc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

08:36:09.0218 0x03cc  fastfat - ok

08:36:09.0296 0x03cc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe

08:36:09.0374 0x03cc  Fax - ok

08:36:09.0405 0x03cc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys

08:36:09.0452 0x03cc  fdc - ok

08:36:09.0483 0x03cc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

08:36:09.0545 0x03cc  fdPHost - ok

08:36:09.0577 0x03cc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

08:36:09.0608 0x03cc  FDResPub - ok

08:36:09.0623 0x03cc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

08:36:09.0639 0x03cc  FileInfo - ok

08:36:09.0655 0x03cc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

08:36:09.0701 0x03cc  Filetrace - ok

08:36:09.0748 0x03cc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

08:36:09.0764 0x03cc  flpydisk - ok

08:36:09.0795 0x03cc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

08:36:09.0826 0x03cc  FltMgr - ok

08:36:09.0920 0x03cc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll

08:36:09.0998 0x03cc  FontCache - ok

08:36:10.0045 0x03cc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

08:36:10.0076 0x03cc  FontCache3.0.0.0 - ok

08:36:10.0076 0x03cc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

08:36:10.0091 0x03cc  FsDepends - ok

08:36:10.0123 0x03cc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

08:36:10.0138 0x03cc  Fs_Rec - ok

08:36:10.0169 0x03cc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

08:36:10.0185 0x03cc  fvevol - ok

08:36:10.0201 0x03cc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

08:36:10.0216 0x03cc  gagp30kx - ok

08:36:10.0232 0x03cc  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

08:36:10.0247 0x03cc  GEARAspiWDM - ok

08:36:10.0310 0x03cc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

08:36:10.0388 0x03cc  gpsvc - ok

08:36:10.0481 0x03cc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

08:36:10.0497 0x03cc  gusvc - ok

08:36:10.0544 0x03cc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

08:36:10.0575 0x03cc  hcw85cir - ok

08:36:10.0637 0x03cc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

08:36:10.0669 0x03cc  HdAudAddService - ok

08:36:10.0731 0x03cc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

08:36:10.0762 0x03cc  HDAudBus - ok

08:36:10.0793 0x03cc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

08:36:10.0840 0x03cc  HidBatt - ok

08:36:10.0871 0x03cc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

08:36:10.0903 0x03cc  HidBth - ok

08:36:10.0918 0x03cc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys

08:36:10.0949 0x03cc  HidIr - ok

08:36:10.0996 0x03cc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

08:36:11.0074 0x03cc  hidserv - ok

08:36:11.0121 0x03cc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

08:36:11.0137 0x03cc  HidUsb - ok

08:36:11.0168 0x03cc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

08:36:11.0199 0x03cc  hkmsvc - ok

08:36:11.0215 0x03cc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

08:36:11.0261 0x03cc  HomeGroupListener - ok

08:36:11.0293 0x03cc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

08:36:11.0339 0x03cc  HomeGroupProvider - ok

08:36:11.0386 0x03cc  [ 0570A17A2E5001B97E20C15B4FC516AE, 6F963EB216B71C0FAFA2AFEB8D78312154AF23AC6C54C5E411F77B7B4C60DC9D ] HP1210FAX       C:\Windows\system32\Drivers\HPM1210FAX.sys

08:36:11.0402 0x03cc  HP1210FAX - ok

08:36:11.0480 0x03cc  [ F8F686D62121549377D9E1CDF6BC3441, CE4F2C31A35ED0679D0D21529782C3A2B10C5B929F539C35157351B3B50179E3 ] HPM1210RcvFaxSrvc C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe

08:36:11.0511 0x03cc  HPM1210RcvFaxSrvc - ok

08:36:11.0527 0x03cc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

08:36:11.0542 0x03cc  HpSAMD - ok

08:36:11.0558 0x03cc  [ 4E9CAE3200A46135DE01CE22BAF832BE, 722A14BEB3FC6BBD5700CE6901FA0C47305ED61FFB0E9604C369BC9366B1E16C ] HPSIService     C:\Windows\system32\HPSIsvc.exe

08:36:11.0573 0x03cc  HPSIService - ok

08:36:11.0651 0x03cc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

08:36:11.0714 0x03cc  HTTP - ok

08:36:11.0714 0x03cc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

08:36:11.0729 0x03cc  hwpolicy - ok

08:36:11.0776 0x03cc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

08:36:11.0792 0x03cc  i8042prt - ok

08:36:11.0823 0x03cc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

08:36:11.0854 0x03cc  iaStorV - ok

08:36:12.0026 0x03cc  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

08:36:12.0104 0x03cc  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )

08:36:12.0182 0x03cc  IconMan_R ( UnsignedFile.Multi.Generic ) - warning

08:36:12.0244 0x03cc  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

08:36:12.0275 0x03cc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )

08:36:12.0275 0x03cc  IDriverT ( UnsignedFile.Multi.Generic ) - warning

08:36:12.0385 0x03cc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

08:36:12.0416 0x03cc  idsvc - ok

08:36:12.0431 0x03cc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

08:36:12.0447 0x03cc  iirsp - ok

08:36:12.0556 0x03cc  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll

08:36:12.0634 0x03cc  IKEEXT - ok

08:36:12.0650 0x03cc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys

08:36:12.0665 0x03cc  intelide - ok

08:36:12.0697 0x03cc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys

08:36:12.0728 0x03cc  intelppm - ok

08:36:12.0775 0x03cc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

08:36:12.0837 0x03cc  IPBusEnum - ok

08:36:12.0868 0x03cc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:36:12.0931 0x03cc  IpFilterDriver - ok

08:36:13.0024 0x03cc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

08:36:13.0071 0x03cc  iphlpsvc - ok

08:36:13.0087 0x03cc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

08:36:13.0118 0x03cc  IPMIDRV - ok

08:36:13.0180 0x03cc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

08:36:13.0258 0x03cc  IPNAT - ok

08:36:13.0336 0x03cc  [ A9AB99EE7D39725EAFEC82732D2B3271, 962F231608C36BA0B2EAE5981BB9BAC85B6CAA3A5F656D786B97D9B421A831A6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

08:36:13.0367 0x03cc  iPod Service - ok

08:36:13.0399 0x03cc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

08:36:13.0430 0x03cc  IRENUM - ok

08:36:13.0461 0x03cc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

08:36:13.0477 0x03cc  isapnp - ok

08:36:13.0508 0x03cc  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

08:36:13.0523 0x03cc  iScsiPrt - ok

08:36:13.0555 0x03cc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

08:36:13.0555 0x03cc  kbdclass - ok

08:36:13.0601 0x03cc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

08:36:13.0664 0x03cc  kbdhid - ok

08:36:13.0695 0x03cc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe

08:36:13.0711 0x03cc  KeyIso - ok

08:36:13.0742 0x03cc  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

08:36:13.0757 0x03cc  KSecDD - ok

08:36:13.0773 0x03cc  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

08:36:13.0789 0x03cc  KSecPkg - ok

08:36:13.0789 0x03cc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

08:36:13.0820 0x03cc  ksthunk - ok

08:36:13.0898 0x03cc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

08:36:13.0976 0x03cc  KtmRm - ok

08:36:14.0023 0x03cc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll

08:36:14.0085 0x03cc  LanmanServer - ok

08:36:14.0116 0x03cc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

08:36:14.0163 0x03cc  LanmanWorkstation - ok

08:36:14.0210 0x03cc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

08:36:14.0288 0x03cc  lltdio - ok

08:36:14.0303 0x03cc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

08:36:14.0366 0x03cc  lltdsvc - ok

08:36:14.0397 0x03cc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

08:36:14.0444 0x03cc  lmhosts - ok

08:36:14.0491 0x03cc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

08:36:14.0522 0x03cc  LSI_FC - ok

08:36:14.0553 0x03cc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

08:36:14.0569 0x03cc  LSI_SAS - ok

08:36:14.0600 0x03cc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

08:36:14.0600 0x03cc  LSI_SAS2 - ok

08:36:14.0615 0x03cc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

08:36:14.0631 0x03cc  LSI_SCSI - ok

08:36:14.0647 0x03cc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

08:36:14.0693 0x03cc  luafv - ok

08:36:14.0740 0x03cc  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

08:36:14.0756 0x03cc  MBAMProtector - ok

08:36:14.0881 0x03cc  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

08:36:14.0943 0x03cc  MBAMScheduler - ok

08:36:14.0990 0x03cc  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

08:36:15.0021 0x03cc  MBAMService - ok

08:36:15.0068 0x03cc  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys

08:36:15.0068 0x03cc  MBAMSwissArmy - ok

08:36:15.0115 0x03cc  [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys

08:36:15.0130 0x03cc  MBAMWebAccessControl - ok

08:36:15.0161 0x03cc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

08:36:15.0224 0x03cc  Mcx2Svc - ok

08:36:15.0255 0x03cc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys

08:36:15.0271 0x03cc  megasas - ok

08:36:15.0380 0x03cc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

08:36:15.0395 0x03cc  MegaSR - ok

08:36:15.0442 0x03cc  Microsoft SharePoint Workspace Audit Service - ok

08:36:15.0536 0x03cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

08:36:15.0598 0x03cc  MMCSS - ok

08:36:15.0645 0x03cc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

08:36:15.0692 0x03cc  Modem - ok

08:36:15.0723 0x03cc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

08:36:15.0770 0x03cc  monitor - ok

08:36:15.0801 0x03cc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

08:36:15.0817 0x03cc  mouclass - ok

08:36:15.0832 0x03cc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

08:36:15.0863 0x03cc  mouhid - ok

08:36:15.0926 0x03cc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

08:36:15.0957 0x03cc  mountmgr - ok

08:36:15.0973 0x03cc  [ 46297FA8E30A6007F14118FC2B942FBC, 40785B7121DBFA411EA922ECF6008BA4A94BC742662E271BFD6B31288ECC1BA4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

08:36:15.0988 0x03cc  MozillaMaintenance - ok

08:36:16.0004 0x03cc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys

08:36:16.0019 0x03cc  mpio - ok

08:36:16.0035 0x03cc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

08:36:16.0097 0x03cc  mpsdrv - ok

08:36:16.0222 0x03cc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll

08:36:16.0269 0x03cc  MpsSvc - ok

08:36:16.0285 0x03cc  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

08:36:16.0331 0x03cc  MRxDAV - ok

08:36:16.0363 0x03cc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

08:36:16.0441 0x03cc  mrxsmb - ok

08:36:16.0472 0x03cc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:36:16.0503 0x03cc  mrxsmb10 - ok

08:36:16.0519 0x03cc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:36:16.0550 0x03cc  mrxsmb20 - ok

08:36:16.0597 0x03cc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys

08:36:16.0597 0x03cc  msahci - ok

08:36:16.0612 0x03cc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

08:36:16.0628 0x03cc  msdsm - ok

08:36:16.0643 0x03cc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

08:36:16.0659 0x03cc  MSDTC - ok

08:36:16.0690 0x03cc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

08:36:16.0737 0x03cc  Msfs - ok

08:36:16.0768 0x03cc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

08:36:16.0831 0x03cc  mshidkmdf - ok

08:36:16.0877 0x03cc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

08:36:16.0877 0x03cc  msisadrv - ok

08:36:16.0940 0x03cc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

08:36:17.0018 0x03cc  MSiSCSI - ok

08:36:17.0018 0x03cc  msiserver - ok

08:36:17.0065 0x03cc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

08:36:17.0111 0x03cc  MSKSSRV - ok

08:36:17.0127 0x03cc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

08:36:17.0158 0x03cc  MSPCLOCK - ok

08:36:17.0174 0x03cc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

08:36:17.0221 0x03cc  MSPQM - ok

08:36:17.0267 0x03cc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

08:36:17.0299 0x03cc  MsRPC - ok

08:36:17.0314 0x03cc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

08:36:17.0314 0x03cc  mssmbios - ok

08:36:17.0330 0x03cc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

08:36:17.0377 0x03cc  MSTEE - ok

08:36:17.0408 0x03cc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

08:36:17.0439 0x03cc  MTConfig - ok

08:36:17.0486 0x03cc  [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor        C:\Windows\system32\drivers\ASACPI.sys

08:36:17.0533 0x03cc  MTsensor - ok

08:36:17.0579 0x03cc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

08:36:17.0611 0x03cc  Mup - ok

08:36:17.0642 0x03cc  [ 09818558C2579B45D78AB18A759B0CA8, 3A4A01004A75D7C768ADB388EADE875841A8E40C81997880E602D8881BB0F8F5 ] mvusbews        C:\Windows\system32\Drivers\mvusbews.sys

08:36:17.0657 0x03cc  mvusbews - ok

08:36:17.0720 0x03cc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll

08:36:17.0798 0x03cc  napagent - ok

08:36:17.0860 0x03cc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

 

Link to post
Share on other sites

08:36:17.0907 0x03cc  NativeWifiP - ok

08:36:18.0001 0x03cc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys

08:36:18.0047 0x03cc  NDIS - ok

08:36:18.0079 0x03cc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

08:36:18.0141 0x03cc  NdisCap - ok

08:36:18.0172 0x03cc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

08:36:18.0235 0x03cc  NdisTapi - ok

08:36:18.0266 0x03cc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

08:36:18.0313 0x03cc  Ndisuio - ok

08:36:18.0344 0x03cc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

08:36:18.0406 0x03cc  NdisWan - ok

08:36:18.0453 0x03cc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

08:36:18.0500 0x03cc  NDProxy - ok

08:36:18.0515 0x03cc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

08:36:18.0547 0x03cc  NetBIOS - ok

08:36:18.0562 0x03cc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

08:36:18.0609 0x03cc  NetBT - ok

08:36:18.0640 0x03cc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe

08:36:18.0640 0x03cc  Netlogon - ok

08:36:18.0703 0x03cc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

08:36:18.0765 0x03cc  Netman - ok

08:36:18.0781 0x03cc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

08:36:18.0827 0x03cc  netprofm - ok

08:36:18.0905 0x03cc  [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC, E006494890D8BDB131C10176EB554DF325481F6BC9DF543FD9F82C8DCF389487 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys

08:36:18.0968 0x03cc  netr28ux - ok

08:36:19.0093 0x03cc  [ 3B7DE4C730202F6F5B0CB202990AA6EF, 468A3E1C76120624951CC626FE8EC4189C6B7A39584F58DDE9A92490D35C55B5 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys

08:36:19.0171 0x03cc  netr28x - ok

08:36:19.0186 0x03cc  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

08:36:19.0202 0x03cc  NetTcpPortSharing - ok

08:36:19.0217 0x03cc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

08:36:19.0217 0x03cc  nfrd960 - ok

08:36:19.0249 0x03cc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll

08:36:19.0264 0x03cc  NlaSvc - ok

08:36:19.0280 0x03cc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

08:36:19.0311 0x03cc  Npfs - ok

08:36:19.0342 0x03cc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

08:36:19.0389 0x03cc  nsi - ok

08:36:19.0420 0x03cc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

08:36:19.0467 0x03cc  nsiproxy - ok

08:36:19.0545 0x03cc  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

08:36:19.0623 0x03cc  Ntfs - ok

08:36:19.0654 0x03cc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

08:36:19.0685 0x03cc  Null - ok

08:36:20.0044 0x03cc  [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

08:36:20.0465 0x03cc  nvlddmkm - ok

08:36:20.0543 0x03cc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

08:36:20.0575 0x03cc  nvraid - ok

08:36:20.0637 0x03cc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

08:36:20.0668 0x03cc  nvstor - ok

08:36:20.0699 0x03cc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

08:36:20.0715 0x03cc  nv_agp - ok

08:36:20.0746 0x03cc  [ 1E65CFD59DDFA8166D2174DC3E6D4AAE, 739287F30E7E2DACA84F41B19272FC2AA5A175CDE655E8262FEE127983CBC6AF ] NWVoltron       C:\Windows\system32\DRIVERS\NWVoltron.sys

08:36:20.0762 0x03cc  NWVoltron - ok

08:36:20.0777 0x03cc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

08:36:20.0824 0x03cc  ohci1394 - ok

08:36:20.0902 0x03cc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:36:20.0933 0x03cc  ose - ok

08:36:21.0136 0x03cc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

08:36:21.0261 0x03cc  osppsvc - ok

08:36:21.0308 0x03cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

08:36:21.0339 0x03cc  p2pimsvc - ok

08:36:21.0386 0x03cc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

08:36:21.0401 0x03cc  p2psvc - ok

08:36:21.0448 0x03cc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys

08:36:21.0464 0x03cc  Parport - ok

08:36:21.0479 0x03cc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

08:36:21.0479 0x03cc  partmgr - ok

08:36:21.0511 0x03cc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll

08:36:21.0542 0x03cc  PcaSvc - ok

08:36:21.0573 0x03cc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys

08:36:21.0589 0x03cc  pci - ok

08:36:21.0620 0x03cc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys

08:36:21.0620 0x03cc  pciide - ok

08:36:21.0651 0x03cc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

08:36:21.0667 0x03cc  pcmcia - ok

08:36:21.0682 0x03cc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

08:36:21.0698 0x03cc  pcw - ok

08:36:21.0729 0x03cc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

08:36:21.0791 0x03cc  PEAUTH - ok

08:36:21.0869 0x03cc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

08:36:21.0916 0x03cc  PerfHost - ok

08:36:22.0088 0x03cc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll

08:36:22.0197 0x03cc  pla - ok

08:36:22.0259 0x03cc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

08:36:22.0291 0x03cc  PlugPlay - ok

08:36:22.0337 0x03cc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

08:36:22.0353 0x03cc  PNRPAutoReg - ok

08:36:22.0384 0x03cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

08:36:22.0400 0x03cc  PNRPsvc - ok

08:36:22.0431 0x03cc  [ 32D374C60778253B81FA76C2FE19E155, 6BD6B360EAC4F9988921281B52B4B1A29DDD287C6DB18688B4CEA5B1B4F22106 ] Point64         C:\Windows\system32\DRIVERS\point64.sys

08:36:22.0447 0x03cc  Point64 - ok

08:36:22.0493 0x03cc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

08:36:22.0556 0x03cc  PolicyAgent - ok

08:36:22.0649 0x03cc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

08:36:22.0727 0x03cc  Power - ok

08:36:22.0759 0x03cc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

08:36:22.0821 0x03cc  PptpMiniport - ok

08:36:22.0837 0x03cc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys

08:36:22.0868 0x03cc  Processor - ok

08:36:22.0930 0x03cc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll

08:36:22.0946 0x03cc  ProfSvc - ok

08:36:22.0961 0x03cc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe

08:36:22.0977 0x03cc  ProtectedStorage - ok

08:36:23.0008 0x03cc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

08:36:23.0055 0x03cc  Psched - ok

08:36:23.0086 0x03cc  [ D8589A43B352E7F2317194C98447149F, CFEC6F28FDF946D310133817423FB4FE9C20560B6F89F936913F2C7C9853F4BA ] pwdrvio         C:\Windows\system32\pwdrvio.sys

08:36:23.0117 0x03cc  pwdrvio - ok

08:36:23.0164 0x03cc  [ 4B8FDA635F4D2E7D638B2B3817B5AFC8, 8B72446B02CC1657785E06DD2E5E199F76778433491765BDE57E9F3C59AA4877 ] pwdspio         C:\Windows\system32\pwdspio.sys

08:36:23.0195 0x03cc  pwdspio - ok

08:36:23.0289 0x03cc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

08:36:23.0351 0x03cc  ql2300 - ok

08:36:23.0398 0x03cc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

08:36:23.0414 0x03cc  ql40xx - ok

08:36:23.0445 0x03cc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

08:36:23.0461 0x03cc  QWAVE - ok

08:36:23.0476 0x03cc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

08:36:23.0492 0x03cc  QWAVEdrv - ok

08:36:23.0570 0x03cc  [ 4E033A3D13F2D3611A7DF0A60CE090CB, 545AC55E76A122C7303F074A4733F5363E2C758465E80A0DFBC80E6DA7FBAE35 ] RalinkRegistryWriter C:\Program Files (x86)\Ralink\Common\RaRegistry.exe

08:36:23.0632 0x03cc  RalinkRegistryWriter - detected UnsignedFile.Multi.Generic ( 1 )

08:36:23.0632 0x03cc  RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - warning

08:36:23.0695 0x03cc  [ 1222BD405310F8B39D4EC28691E24F7A, CDE37AB98B924A699A4DB193D92FC17F8A76EFED38558102C1537DC265636292 ] RalinkRegistryWriter64 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe

08:36:23.0741 0x03cc  RalinkRegistryWriter64 - detected UnsignedFile.Multi.Generic ( 1 )

08:36:23.0741 0x03cc  RalinkRegistryWriter64 ( UnsignedFile.Multi.Generic ) - warning

08:36:23.0851 0x03cc  [ 2EEB382F8335327EC50E00D919050BA2, 7B198E5A659E05ACF761B9B13B076549BA48BD88CAB54A232338058AE0DA1291 ] RaMediaServer   C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe

08:36:23.0944 0x03cc  RaMediaServer - detected UnsignedFile.Multi.Generic ( 1 )

08:36:23.0944 0x03cc  RaMediaServer ( UnsignedFile.Multi.Generic ) - warning

08:36:23.0975 0x03cc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

08:36:24.0007 0x03cc  RasAcd - ok

08:36:24.0022 0x03cc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

08:36:24.0085 0x03cc  RasAgileVpn - ok

08:36:24.0116 0x03cc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

08:36:24.0147 0x03cc  RasAuto - ok

08:36:24.0178 0x03cc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

08:36:24.0225 0x03cc  Rasl2tp - ok

08:36:24.0256 0x03cc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll

08:36:24.0303 0x03cc  RasMan - ok

08:36:24.0319 0x03cc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

08:36:24.0350 0x03cc  RasPppoe - ok

08:36:24.0365 0x03cc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

08:36:24.0412 0x03cc  RasSstp - ok

08:36:24.0459 0x03cc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

08:36:24.0490 0x03cc  rdbss - ok

08:36:24.0521 0x03cc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys

08:36:24.0553 0x03cc  rdpbus - ok

08:36:24.0599 0x03cc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

08:36:24.0662 0x03cc  RDPCDD - ok

08:36:24.0677 0x03cc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

08:36:24.0709 0x03cc  RDPENCDD - ok

08:36:24.0755 0x03cc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

08:36:24.0787 0x03cc  RDPREFMP - ok

08:36:24.0818 0x03cc  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

08:36:24.0866 0x03cc  RDPWD - ok

08:36:24.0912 0x03cc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

08:36:24.0928 0x03cc  rdyboost - ok

08:36:24.0975 0x03cc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

08:36:25.0037 0x03cc  RemoteAccess - ok

08:36:25.0084 0x03cc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

08:36:25.0162 0x03cc  RemoteRegistry - ok

08:36:25.0193 0x03cc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

08:36:25.0256 0x03cc  RpcEptMapper - ok

08:36:25.0302 0x03cc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

08:36:25.0302 0x03cc  RpcLocator - ok

08:36:25.0443 0x03cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

08:36:25.0505 0x03cc  RpcSs - ok

08:36:25.0521 0x03cc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

08:36:25.0552 0x03cc  rspndr - ok

08:36:25.0599 0x03cc  [ 7291CC1B5ECA448B0B9C15E7E987A6B3, 1A61A4E5105354ABF041989044E97F1DEE356D65D77218F2DF97A4D2337177FD ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys

08:36:25.0630 0x03cc  RSUSBSTOR - ok

08:36:25.0692 0x03cc  [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

08:36:25.0724 0x03cc  RTL8167 - ok

08:36:25.0755 0x03cc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe

08:36:25.0770 0x03cc  SamSs - ok

08:36:25.0786 0x03cc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

08:36:25.0802 0x03cc  sbp2port - ok

08:36:25.0833 0x03cc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

08:36:25.0895 0x03cc  SCardSvr - ok

08:36:25.0942 0x03cc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

08:36:26.0020 0x03cc  scfilter - ok

08:36:26.0098 0x03cc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll

08:36:26.0223 0x03cc  Schedule - ok

08:36:26.0285 0x03cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

08:36:26.0332 0x03cc  SCPolicySvc - ok

08:36:26.0348 0x03cc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

08:36:26.0363 0x03cc  SDRSVC - ok

08:36:26.0410 0x03cc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

08:36:26.0457 0x03cc  secdrv - ok

08:36:26.0504 0x03cc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

08:36:26.0566 0x03cc  seclogon - ok

08:36:26.0597 0x03cc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

08:36:26.0660 0x03cc  SENS - ok

08:36:26.0691 0x03cc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

08:36:26.0706 0x03cc  SensrSvc - ok

08:36:26.0738 0x03cc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys

08:36:26.0769 0x03cc  Serenum - ok

08:36:26.0816 0x03cc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys

08:36:26.0878 0x03cc  Serial - ok

08:36:26.0909 0x03cc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys

08:36:26.0940 0x03cc  sermouse - ok

08:36:27.0003 0x03cc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

08:36:27.0065 0x03cc  SessionEnv - ok

08:36:27.0096 0x03cc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

08:36:27.0096 0x03cc  sffdisk - ok

08:36:27.0128 0x03cc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

08:36:27.0143 0x03cc  sffp_mmc - ok

08:36:27.0159 0x03cc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

08:36:27.0190 0x03cc  sffp_sd - ok

08:36:27.0206 0x03cc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

08:36:27.0221 0x03cc  sfloppy - ok

08:36:27.0268 0x03cc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

08:36:27.0330 0x03cc  SharedAccess - ok

08:36:27.0377 0x03cc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

08:36:27.0424 0x03cc  ShellHWDetection - ok

08:36:27.0455 0x03cc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

08:36:27.0455 0x03cc  SiSRaid2 - ok

08:36:27.0486 0x03cc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

08:36:27.0502 0x03cc  SiSRaid4 - ok

08:36:27.0518 0x03cc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

08:36:27.0580 0x03cc  Smb - ok

08:36:27.0611 0x03cc  SMR322 - ok

08:36:27.0674 0x03cc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

08:36:27.0689 0x03cc  SNMPTRAP - ok

08:36:27.0830 0x03cc  [ D56F7986AA56D58A26644B562803970B, 13B21C8425D235282F4A338C4BAD1162CFBBA9E23AB136AEAE060439DF30CE37 ] SophosVirusRemovalTool C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe

08:36:27.0861 0x03cc  SophosVirusRemovalTool - ok

08:36:27.0892 0x03cc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

08:36:27.0892 0x03cc  spldr - ok

08:36:27.0939 0x03cc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

08:36:27.0986 0x03cc  Spooler - ok

08:36:28.0126 0x03cc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

08:36:28.0266 0x03cc  sppsvc - ok

08:36:28.0313 0x03cc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

08:36:28.0391 0x03cc  sppuinotify - ok

08:36:28.0469 0x03cc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

08:36:28.0563 0x03cc  srv - ok

08:36:28.0610 0x03cc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

08:36:28.0656 0x03cc  srv2 - ok

08:36:28.0688 0x03cc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

08:36:28.0703 0x03cc  srvnet - ok

08:36:28.0734 0x03cc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

08:36:28.0781 0x03cc  SSDPSRV - ok

08:36:28.0812 0x03cc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

08:36:28.0859 0x03cc  SstpSvc - ok

08:36:28.0890 0x03cc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys

08:36:28.0906 0x03cc  stexstor - ok

08:36:28.0953 0x03cc  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

08:36:29.0000 0x03cc  StillCam - ok

08:36:29.0062 0x03cc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

08:36:29.0124 0x03cc  stisvc - ok

08:36:29.0156 0x03cc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

08:36:29.0171 0x03cc  swenum - ok

08:36:29.0202 0x03cc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

08:36:29.0249 0x03cc  swprv - ok

08:36:29.0312 0x03cc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll

08:36:29.0374 0x03cc  SysMain - ok

08:36:29.0405 0x03cc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

08:36:29.0452 0x03cc  TabletInputService - ok

08:36:29.0483 0x03cc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

08:36:29.0546 0x03cc  TapiSrv - ok

08:36:29.0577 0x03cc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

08:36:29.0608 0x03cc  TBS - ok

08:36:29.0686 0x03cc  [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

08:36:29.0764 0x03cc  Tcpip - ok

08:36:29.0842 0x03cc  [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

08:36:29.0889 0x03cc  TCPIP6 - ok

08:36:29.0936 0x03cc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

08:36:29.0951 0x03cc  tcpipreg - ok

08:36:30.0029 0x03cc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

08:36:30.0060 0x03cc  TDPIPE - ok

08:36:30.0092 0x03cc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

08:36:30.0107 0x03cc  TDTCP - ok

08:36:30.0123 0x03cc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

08:36:30.0201 0x03cc  tdx - ok

08:36:30.0404 0x03cc  [ 2BBB318EA9F34FDC508CEA4AAB98D770, AA98BDB7677A452E38DB207E09A522C558F9E09DE43A57D24CD776C6248CC015 ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

08:36:30.0466 0x03cc  TeamViewer7 - ok

08:36:30.0497 0x03cc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

08:36:30.0513 0x03cc  TermDD - ok

08:36:30.0544 0x03cc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll

08:36:30.0638 0x03cc  TermService - ok

08:36:30.0669 0x03cc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

08:36:30.0700 0x03cc  Themes - ok

08:36:30.0731 0x03cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

08:36:30.0778 0x03cc  THREADORDER - ok

08:36:30.0794 0x03cc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

08:36:30.0825 0x03cc  TrkWks - ok

08:36:30.0872 0x03cc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

08:36:30.0965 0x03cc  TrustedInstaller - ok

08:36:31.0012 0x03cc  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

08:36:31.0090 0x03cc  tssecsrv - ok

08:36:31.0121 0x03cc  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

08:36:31.0137 0x03cc  TsUsbFlt - ok

08:36:31.0184 0x03cc  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

08:36:31.0215 0x03cc  TsUsbGD - ok

08:36:31.0262 0x03cc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

08:36:31.0324 0x03cc  tunnel - ok

08:36:31.0386 0x03cc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

08:36:31.0402 0x03cc  uagp35 - ok

08:36:31.0433 0x03cc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

08:36:31.0480 0x03cc  udfs - ok

08:36:31.0496 0x03cc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

08:36:31.0527 0x03cc  UI0Detect - ok

08:36:31.0558 0x03cc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

08:36:31.0574 0x03cc  uliagpkx - ok

08:36:31.0605 0x03cc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

08:36:31.0636 0x03cc  umbus - ok

08:36:31.0667 0x03cc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys

08:36:31.0683 0x03cc  UmPass - ok

08:36:31.0698 0x03cc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

08:36:31.0761 0x03cc  upnphost - ok

08:36:31.0808 0x03cc  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys

08:36:31.0839 0x03cc  USBAAPL64 - ok

08:36:31.0870 0x03cc  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

08:36:31.0917 0x03cc  usbccgp - ok

08:36:31.0948 0x03cc  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

08:36:31.0979 0x03cc  usbcir - ok

08:36:31.0995 0x03cc  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

08:36:32.0010 0x03cc  usbehci - ok

08:36:32.0026 0x03cc  [ 5AE9C87A1ED4B243942B3FDDD902134B, E19657C637B354F968099755DD311A159E57C4BD5ED89D81BDA1C70A62DC732E ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys

08:36:32.0042 0x03cc  usbfilter - ok

08:36:32.0057 0x03cc  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

08:36:32.0104 0x03cc  usbhub - ok

08:36:32.0135 0x03cc  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

08:36:32.0166 0x03cc  usbohci - ok

08:36:32.0213 0x03cc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

08:36:32.0244 0x03cc  usbprint - ok

08:36:32.0260 0x03cc  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

08:36:32.0291 0x03cc  usbscan - ok

08:36:32.0322 0x03cc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:36:32.0338 0x03cc  USBSTOR - ok

08:36:32.0354 0x03cc  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

08:36:32.0369 0x03cc  usbuhci - ok

08:36:32.0416 0x03cc  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

08:36:32.0432 0x03cc  usbvideo - ok

08:36:32.0447 0x03cc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

08:36:32.0510 0x03cc  UxSms - ok

08:36:32.0541 0x03cc  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe

08:36:32.0541 0x03cc  VaultSvc - ok

08:36:32.0572 0x03cc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

08:36:32.0588 0x03cc  vdrvroot - ok

08:36:32.0619 0x03cc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

08:36:32.0697 0x03cc  vds - ok

08:36:32.0744 0x03cc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

08:36:32.0775 0x03cc  vga - ok

08:36:32.0806 0x03cc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

08:36:32.0868 0x03cc  VgaSave - ok

08:36:32.0900 0x03cc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

08:36:32.0915 0x03cc  vhdmp - ok

08:36:32.0931 0x03cc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

08:36:32.0946 0x03cc  viaide - ok

08:36:32.0962 0x03cc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

08:36:32.0978 0x03cc  volmgr - ok

08:36:32.0993 0x03cc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

08:36:33.0009 0x03cc  volmgrx - ok

08:36:33.0040 0x03cc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

08:36:33.0056 0x03cc  volsnap - ok

08:36:33.0071 0x03cc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

08:36:33.0087 0x03cc  vsmraid - ok

08:36:33.0165 0x03cc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

08:36:33.0274 0x03cc  VSS - ok

08:36:33.0305 0x03cc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

08:36:33.0321 0x03cc  vwifibus - ok

08:36:33.0352 0x03cc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

08:36:33.0399 0x03cc  vwififlt - ok

08:36:33.0446 0x03cc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

08:36:33.0477 0x03cc  vwifimp - ok

08:36:33.0508 0x03cc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

08:36:33.0586 0x03cc  W32Time - ok

08:36:33.0602 0x03cc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

08:36:33.0617 0x03cc  WacomPen - ok

08:36:33.0680 0x03cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

08:36:33.0742 0x03cc  WANARP - ok

08:36:33.0758 0x03cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

08:36:33.0773 0x03cc  Wanarpv6 - ok

08:36:33.0882 0x03cc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

08:36:33.0945 0x03cc  WatAdminSvc - ok

08:36:34.0038 0x03cc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

08:36:34.0116 0x03cc  wbengine - ok

08:36:34.0148 0x03cc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

08:36:34.0194 0x03cc  WbioSrvc - ok

08:36:34.0241 0x03cc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

08:36:34.0288 0x03cc  wcncsvc - ok

08:36:34.0319 0x03cc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

08:36:34.0350 0x03cc  WcsPlugInService - ok

08:36:34.0397 0x03cc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys

08:36:34.0413 0x03cc  Wd - ok

08:36:34.0444 0x03cc  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

08:36:34.0491 0x03cc  Wdf01000 - ok

08:36:34.0506 0x03cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

08:36:34.0522 0x03cc  WdiServiceHost - ok

08:36:34.0522 0x03cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

08:36:34.0538 0x03cc  WdiSystemHost - ok

08:36:34.0569 0x03cc  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll

08:36:34.0600 0x03cc  WebClient - ok

08:36:34.0662 0x03cc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

08:36:34.0740 0x03cc  Wecsvc - ok

08:36:34.0772 0x03cc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

08:36:34.0818 0x03cc  wercplsupport - ok

08:36:34.0850 0x03cc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

08:36:34.0896 0x03cc  WerSvc - ok

08:36:34.0928 0x03cc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

08:36:34.0974 0x03cc  WfpLwf - ok

08:36:35.0006 0x03cc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

08:36:35.0021 0x03cc  WIMMount - ok

08:36:35.0052 0x03cc  WinDefend - ok

08:36:35.0068 0x03cc  WinHttpAutoProxySvc - ok

08:36:35.0130 0x03cc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

08:36:35.0224 0x03cc  Winmgmt - ok

08:36:35.0364 0x03cc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

08:36:35.0474 0x03cc  WinRM - ok

08:36:35.0552 0x03cc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

08:36:35.0614 0x03cc  WinUsb - ok

08:36:35.0723 0x03cc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

08:36:35.0786 0x03cc  Wlansvc - ok

08:36:35.0817 0x03cc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

08:36:35.0864 0x03cc  WmiAcpi - ok

08:36:35.0926 0x03cc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

08:36:35.0973 0x03cc  wmiApSrv - ok

08:36:36.0004 0x03cc  WMPNetworkSvc - ok

08:36:36.0020 0x03cc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

08:36:36.0035 0x03cc  WPCSvc - ok

08:36:36.0051 0x03cc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

08:36:36.0066 0x03cc  WPDBusEnum - ok

08:36:36.0082 0x03cc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

08:36:36.0144 0x03cc  ws2ifsl - ok

08:36:36.0191 0x03cc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll

08:36:36.0207 0x03cc  wscsvc - ok

08:36:36.0207 0x03cc  WSearch - ok

08:36:36.0363 0x03cc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

08:36:36.0441 0x03cc  wuauserv - ok

08:36:36.0472 0x03cc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

08:36:36.0488 0x03cc  WudfPf - ok

08:36:36.0519 0x03cc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

08:36:36.0534 0x03cc  WUDFRd - ok

08:36:36.0566 0x03cc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

08:36:36.0612 0x03cc  wudfsvc - ok

08:36:36.0659 0x03cc  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll

08:36:36.0722 0x03cc  WwanSvc - ok

08:36:36.0784 0x03cc  ================ Scan global ===============================

08:36:36.0815 0x03cc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

08:36:36.0846 0x03cc  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll

08:36:36.0893 0x03cc  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll

08:36:36.0940 0x03cc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

08:36:36.0956 0x03cc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

08:36:36.0971 0x03cc  [ Global ] - ok

08:36:36.0971 0x03cc  ================ Scan MBR ==================================

08:36:36.0971 0x03cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

08:36:37.0205 0x03cc  \Device\Harddisk0\DR0 - ok

08:36:37.0205 0x03cc  [ 9BDCD748DDEE745CACF4B8043E944BAF ] \Device\Harddisk1\DR1

08:36:37.0314 0x03cc  \Device\Harddisk1\DR1 - ok

08:36:37.0314 0x03cc  ================ Scan VBR ==================================

08:36:37.0330 0x03cc  [ FFCB6774577B928649D912CC48C62198 ] \Device\Harddisk0\DR0\Partition1

08:36:37.0392 0x03cc  \Device\Harddisk0\DR0\Partition1 - ok

08:36:37.0392 0x03cc  [ 7A55368A334C9562AABF7A1411D55550 ] \Device\Harddisk0\DR0\Partition2

08:36:37.0455 0x03cc  \Device\Harddisk0\DR0\Partition2 - ok

08:36:37.0455 0x03cc  [ BC93B9A980F02ADAC212E33CFD9E9F22 ] \Device\Harddisk1\DR1\Partition1

08:36:37.0455 0x03cc  \Device\Harddisk1\DR1\Partition1 - ok

08:36:37.0470 0x03cc  ================ Scan generic autorun ======================

08:36:37.0580 0x03cc  [ 8476E1C89C9D9834102EF86B651C6F39, 728D025B925FBACB45E31B4531CB05E5CA1662D99FFC97E237C2033030D8FDD7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

08:36:37.0611 0x03cc  StartCCC - ok

08:36:37.0642 0x03cc  [ 901AA7A38CE13F14B6BBEC38C0595698, 1E95F2048E2A1782807D52E9816ED267355718E24D01FF07ACE73D965EDE388A ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

08:36:37.0658 0x03cc  BCSSync - ok

08:36:37.0736 0x03cc  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

08:36:37.0751 0x03cc  Adobe ARM - ok

08:36:37.0876 0x03cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

08:36:37.0970 0x03cc  Sidebar - ok

08:36:38.0016 0x03cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

08:36:38.0048 0x03cc  mctadmin - ok

08:36:38.0079 0x03cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

08:36:38.0110 0x03cc  Sidebar - ok

08:36:38.0126 0x03cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

08:36:38.0141 0x03cc  mctadmin - ok

08:36:38.0141 0x03cc  [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\system32\regsvr32.exe

08:36:38.0157 0x03cc  CryptoUpdate - ok

08:36:38.0266 0x03cc  jptlpajahwb - ok

08:36:38.0282 0x03cc  [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\system32\regsvr32.exe

08:36:38.0313 0x03cc  CryptoUpdate - ok

08:36:38.0375 0x03cc  Win FW state via NFP2: enabled

08:36:38.0375 0x03cc  ============================================================

08:36:38.0375 0x03cc  Scan finished

08:36:38.0375 0x03cc  ============================================================

08:36:38.0391 0x1124  Detected object count: 5

08:36:38.0391 0x1124  Actual detected object count: 5

08:36:56.0783 0x1124  IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user

08:36:56.0783 0x1124  IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 

08:36:56.0783 0x1124  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

08:36:56.0783 0x1124  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

08:36:56.0783 0x1124  RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - skipped by user

08:36:56.0783 0x1124  RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - User select action: Skip 

08:36:56.0783 0x1124  RalinkRegistryWriter64 ( UnsignedFile.Multi.Generic ) - skipped by user

08:36:56.0783 0x1124  RalinkRegistryWriter64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

08:36:56.0783 0x1124  RaMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user

08:36:56.0783 0x1124  RaMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 

08:37:14.0068 0x11dc  Deinitialize success
Link to post
Share on other sites

Hello, 
 
Your computer is heavily infected. Unfortunately, I must issue the following warning. 
Please have a read, and let me know how you wish to proceed. 

 

xgoGMWSt.gif.pagespeed.ic.T3xMEQZT0d.pngBACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor, that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

Please disconnect your computer from the internet immediately. If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, email, eBay, paypal, online forums, etc). Consider these accounts already compromised.

If you have used a router, you will need to reset it with a strong logon/password to ensure the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified infection(s) can be removed, there is no way to guarantee that your computer will be trustworthy again. This is due to the nature of the infection, which allows the attacker complete control over the computer. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat the hard drive and reinstall the Operating System. Please read the following articles for more information.

Please let me know how you wish to proceed, and if you have any questions.
Link to post
Share on other sites

OK. Please do the following.

 

STEP 1
9SN2ePL.png ComboFix

  • Note: Please read through these instructions before running ComboFix.
  • Please download ComboFix and save the file to your Desktop. << Important!
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click ComboFix.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts. 
     
  • Allow ComboFix to complete it's removal routine (please refer to Important Notes:).
  • Upon completion, a log (ComboFix.txt) will be created in the root directory (C:\). Copy the contents of the log and paste in your next reply.
  • Re-enable your anti-virus software.
     

Important Notes:

  • Do NOT mouse click ComboFix's window whilst it is running. This may cause the programme to stall.
  • Do NOT use your computer whilst ComboFix is running.
  • Your Desktop/taskbar may disappear whilst ComboFix is running; this is normal.
     
  • If you get the message Illegal operation attempted on registry key that has been marked for deletion please reboot your computer.
  • ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If you are unable to access the Internet after running ComboFix, please reboot your computer. 
     

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • ComboFix.txt
  • FRST.txt
  • Addition.txt
Link to post
Share on other sites

ComboFix 14-09-24.01 - Sacred Heart 09/28/2014   9:21.1.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3571.2109 [GMT -4:00]

Running from: c:\users\Sacred Heart\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\@system.att

c:\programdata\@system2.att

c:\programdata\wrnhoah.tmp

c:\users\Sacred Heart\alg.exe

c:\users\Sacred Heart\AppData\Roaming\{00004C28-44DC-4899-8259-545237DB241C}.exe

c:\users\Sacred Heart\AppData\Roaming\2035015489

c:\users\Sacred Heart\AppData\Roaming\209053014

c:\users\Sacred Heart\AppData\Roaming\2207073097

c:\users\Sacred Heart\AppData\Roaming\2880139563

c:\users\Sacred Heart\AppData\Roaming\3003501318

c:\users\Sacred Heart\AppData\Roaming\3120250656

c:\users\Sacred Heart\AppData\Roaming\Microsoft\Crypto\RSA\cert_v65_0.tpl

c:\users\Sacred Heart\Documents\~WRL0001.tmp

c:\users\Sacred Heart\Documents\~WRL0002.tmp

c:\users\Sacred Heart\Documents\~WRL0003.tmp

c:\users\Sacred Heart\Documents\~WRL0004.tmp

c:\users\Sacred Heart\Documents\~WRL0005.tmp

c:\users\Sacred Heart\Documents\~WRL0006.tmp

c:\users\Sacred Heart\Documents\~WRL0007.tmp

c:\users\Sacred Heart\Documents\~WRL0008.tmp

c:\users\Sacred Heart\Documents\~WRL0009.tmp

c:\users\Sacred Heart\Documents\~WRL0010.tmp

c:\users\Sacred Heart\Documents\~WRL0011.tmp

c:\users\Sacred Heart\Documents\~WRL0012.tmp

c:\users\Sacred Heart\Documents\~WRL0013.tmp

c:\users\Sacred Heart\Documents\~WRL0014.tmp

c:\users\Sacred Heart\Documents\~WRL0015.tmp

c:\users\Sacred Heart\Documents\~WRL0016.tmp

c:\users\Sacred Heart\Documents\~WRL0017.tmp

c:\users\Sacred Heart\Documents\~WRL0018.tmp

c:\users\Sacred Heart\Documents\~WRL0019.tmp

c:\users\Sacred Heart\Documents\~WRL0020.tmp

c:\users\Sacred Heart\Documents\~WRL0021.tmp

c:\users\Sacred Heart\Documents\~WRL0022.tmp

c:\users\Sacred Heart\Documents\~WRL0023.tmp

c:\users\Sacred Heart\Documents\~WRL0029.tmp

c:\users\Sacred Heart\Documents\~WRL0078.tmp

c:\users\Sacred Heart\Documents\~WRL0186.tmp

c:\users\Sacred Heart\Documents\~WRL0261.tmp

c:\users\Sacred Heart\Documents\~WRL0295.tmp

c:\users\Sacred Heart\Documents\~WRL0323.tmp

c:\users\Sacred Heart\Documents\~WRL0355.tmp

c:\users\Sacred Heart\Documents\~WRL0411.tmp

c:\users\Sacred Heart\Documents\~WRL0597.tmp

c:\users\Sacred Heart\Documents\~WRL0602.tmp

c:\users\Sacred Heart\Documents\~WRL0643.tmp

c:\users\Sacred Heart\Documents\~WRL0686.tmp

c:\users\Sacred Heart\Documents\~WRL0936.tmp

c:\users\Sacred Heart\Documents\~WRL1034.tmp

c:\users\Sacred Heart\Documents\~WRL1061.tmp

c:\users\Sacred Heart\Documents\~WRL1158.tmp

c:\users\Sacred Heart\Documents\~WRL1186.tmp

c:\users\Sacred Heart\Documents\~WRL1322.tmp

c:\users\Sacred Heart\Documents\~WRL1326.tmp

c:\users\Sacred Heart\Documents\~WRL1349.tmp

c:\users\Sacred Heart\Documents\~WRL1471.tmp

c:\users\Sacred Heart\Documents\~WRL1506.tmp

c:\users\Sacred Heart\Documents\~WRL1507.tmp

c:\users\Sacred Heart\Documents\~WRL1519.tmp

c:\users\Sacred Heart\Documents\~WRL1597.tmp

c:\users\Sacred Heart\Documents\~WRL1899.tmp

c:\users\Sacred Heart\Documents\~WRL1917.tmp

c:\users\Sacred Heart\Documents\~WRL1941.tmp

c:\users\Sacred Heart\Documents\~WRL2015.tmp

c:\users\Sacred Heart\Documents\~WRL2291.tmp

c:\users\Sacred Heart\Documents\~WRL2304.tmp

c:\users\Sacred Heart\Documents\~WRL2583.tmp

c:\users\Sacred Heart\Documents\~WRL2801.tmp

c:\users\Sacred Heart\Documents\~WRL3048.tmp

c:\users\Sacred Heart\Documents\~WRL3228.tmp

c:\users\Sacred Heart\Documents\~WRL3321.tmp

c:\users\Sacred Heart\Documents\~WRL3324.tmp

c:\users\Sacred Heart\Documents\~WRL3485.tmp

c:\users\Sacred Heart\Documents\~WRL3596.tmp

c:\users\Sacred Heart\Documents\~WRL3615.tmp

c:\users\Sacred Heart\Documents\~WRL3665.tmp

c:\users\Sacred Heart\Documents\~WRL3713.tmp

c:\users\Sacred Heart\Documents\~WRL3739.tmp

c:\users\Sacred Heart\Documents\~WRL3839.tmp

c:\users\Sacred Heart\GoToAssistDownloadHelper.exe

c:\users\Sacred Heart\notepad.exe

c:\windows\SysWow64\SETBEE9.tmp

c:\windows\SysWow64\SETC004.tmp

c:\windows\SysWow64\u

.

.

CLSID={AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} - infected with Poweliks and removed.

You should verify if current CLSID data is correct: 

.

HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}

    (Default)    REG_SZ    Thumbnail Cache Class Factory for Out of Proc Server

    AppID    REG_SZ    {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}

.

HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32

    (Default)    REG_SZ    c:\windows\system32\thumbcache.dll

    ThreadingModel    REG_SZ    Apartment

.

.

(((((((((((((((((((((((((   Files Created from 2014-08-28 to 2014-09-28  )))))))))))))))))))))))))))))))

.

.

2014-09-28 14:22 . 2014-09-28 14:22 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-09-28 12:50 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll

2014-09-28 12:50 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe

2014-09-28 12:50 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll

2014-09-28 12:50 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll

2014-09-28 12:49 . 2014-05-14 13:23 198600 ----a-w- c:\windows\system32\wuwebv.dll

2014-09-28 12:49 . 2014-05-14 13:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll

2014-09-28 12:49 . 2014-05-14 13:20 36864 ----a-w- c:\windows\system32\wuapp.exe

2014-09-28 12:49 . 2014-05-14 13:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe

2014-09-28 12:42 . 2014-09-28 12:42 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{07C4B4FB-A34F-48A1-B174-DA5CB18D12E2}\offreg.dll

2014-09-28 11:54 . 2014-09-28 12:31 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-09-28 11:54 . 2014-09-28 12:25 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware

2014-09-28 11:54 . 2014-05-12 11:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-09-28 11:54 . 2014-05-12 11:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-09-28 11:54 . 2014-05-12 11:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-09-28 11:53 . 2014-09-28 11:53 -------- d-----w- c:\users\Sacred Heart\AppData\Local\Programs

2014-09-27 22:22 . 2014-09-27 22:19 34905600 ----a-w- C:\sp58084.exe

2014-09-24 12:32 . 2014-09-24 12:32 -------- d-----w- c:\users\Sacred Heart\AppData\Local\VirtualStore

2014-09-23 15:47 . 2014-09-23 15:47 -------- d-----w- c:\users\Sacred Heart\AppData\Roaming\pdfforge

2014-09-22 12:19 . 2014-09-22 12:21 -------- d-----w- c:\programdata\Sophos

2014-09-22 12:18 . 2014-09-22 12:18 73728 ----a-r- c:\users\Sacred Heart\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe

2014-09-22 12:18 . 2014-09-22 12:18 73728 ----a-r- c:\users\Sacred Heart\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe

2014-09-22 12:18 . 2014-09-22 12:18 73728 ----a-r- c:\users\Sacred Heart\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe

2014-09-22 11:59 . 2014-09-22 11:59 -------- d-----w- c:\program files (x86)\Sophos

2014-09-16 13:10 . 2014-09-16 13:10 -------- d-sh--w- c:\windows\system32\%APPDATA%

2014-09-05 14:40 . 2014-09-28 12:25 -------- d-----w- c:\programdata\EvitpUseyw

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-08-21 17:33 . 2012-07-30 22:30 512000 ----a-w- c:\windows\system32\rpcss.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17416880]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe" [2012-07-30 686792]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"Run"= "c:\users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

R0 SMR322;Symantec SMR Utility Service 3.2.2;c:\windows\System32\drivers\SMR322.SYS;c:\windows\SYSNATIVE\drivers\SMR322.SYS [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 RaMediaServer;Ralink UPnP Media Server;c:\program files (x86)\Ralink\Common\RaMediaServer.exe;c:\program files (x86)\Ralink\Common\RaMediaServer.exe [x]

R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys;c:\windows\SYSNATIVE\Drivers\HPM1210FAX.sys [x]

R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]

R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]

R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

R3 SophosVirusRemovalTool;Sophos Virus Removal Tool;c:\program files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe;c:\program files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]

S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]

S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]

S2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [x]

S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]

S2 RalinkRegistryWriter64;RalinkRegistryWriter64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [x]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]

S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]

S3 NWVoltron;NextWindow Voltron Touch Screen;c:\windows\system32\DRIVERS\NWVoltron.sys;c:\windows\SYSNATIVE\DRIVERS\NWVoltron.sys [x]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 73231332

*NewlyCreated* - MBAMWEBACCESSCONTROL

*Deregistered* - 73231332

.

Contents of the 'Scheduled Tasks' folder

.

2014-09-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30 22:51]

.

.

--------- X64 Entries -----------

.

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.aol.com/?mtmhp=txtlnkusaolp00000051

mLocal Page = c:\windows\system32\blank.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - 

.

.

------- File Associations -------

.

JSEFile=NOTEPAD.EXE "%1"

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-CryptoUpdate - c:\users\Sacred Heart\AppData\Roaming\Microsoft\Crypto\RSA\cert_v65_0.tpl

Wow6432Node-HKCU-RunOnce-CryptoUpdate - c:\users\Sacred Heart\AppData\Roaming\Microsoft\Crypto\RSA\cert_v65_0.tpl

c:\users\Sacred Heart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xwizard.lnk - c:\users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

AddRemove-Critical Security Update - c:\windows\system32\javaws.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-639415932-1215857684-1316868989-1003_Classes\clsid\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32\*]

@Allowed: (B) (CreatorAuthority-4)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2014-09-28  10:25:50

ComboFix-quarantined-files.txt  2014-09-28 14:25

.

Pre-Run: 931,434,491,904 bytes free

Post-Run: 931,163,324,416 bytes free

.

- - End Of File - - 26500675B194D1F299BDA4ACBE2D1D6A

A36C5E4F47E84449FF07ED3517B43A31
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014

Ran by Sacred Heart (administrator) on SACREDHEART-PC on 28-09-2014 10:52:48

Running from C:\Users\Sacred Heart\Desktop

Loaded Profile: Sacred Heart (Available profiles: Sacred Heart)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 10

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe

(HP) C:\Windows\System32\HPSIsvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKU\S-1-5-21-639415932-1215857684-1316868989-1003\...\Run: [CryptoUpdate] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Crypto\RSA\cert_v65_0.tpl"

HKU\S-1-5-21-639415932-1215857684-1316868989-1003\...\Policies\Explorer: [Run] "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe"

HKU\S-1-5-21-639415932-1215857684-1316868989-1003\...A8F59079A8D5}\localserver32:  <==== ATTENTION!

HKU\S-1-5-18\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [17416880 2012-07-13] (Skype Technologies S.A.)

HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe [686792 2012-07-30] (Adobe Systems Incorporated)

HKU\S-1-5-18\...\MountPoints2: D - D:\Programs\nu2menu\nu2menu.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDBAF2A4F8647CE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/?mtmhp=txtlnkusaolp00000051

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File

BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} ->  No File

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-08-12]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-30]

FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru

FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru [2014-08-12]

FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru

FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru [2014-08-12]

 

Chrome: 

=======

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]

S3 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [365336 2010-11-02] (Kaspersky Lab ZAO)

R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]

R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]

S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1859584 2012-07-04] (Ralink) [File not signed]

S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [152872 2014-08-11] (Sophos Limited)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16384 2010-04-28] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-28] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()

S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Marvell Semiconductor, Inc.)

R3 NWVoltron; C:\Windows\System32\DRIVERS\NWVoltron.sys [28440 2011-06-23] ()

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()

U3 catchme; \??\C:\ComboFix\catchme.sys [X]

S0 SMR322; System32\drivers\SMR322.SYS [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-09-28 10:52 - 2014-09-28 10:53 - 00013039 _____ () C:\Users\Sacred Heart\Desktop\FRST.txt

2014-09-28 10:52 - 2014-09-28 10:52 - 00000000 ____D () C:\FRST

2014-09-28 10:25 - 2014-09-28 10:25 - 00020510 _____ () C:\ComboFix.txt

2014-09-28 09:19 - 2014-09-28 10:25 - 00000000 ____D () C:\Qoobox

2014-09-28 09:19 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-09-28 09:19 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-09-28 09:19 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-09-28 09:19 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-09-28 09:19 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-09-28 09:19 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe

2014-09-28 09:19 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe

2014-09-28 09:19 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe

2014-09-28 09:18 - 2014-09-28 10:23 - 00000000 ____D () C:\Windows\erdnt

2014-09-28 08:50 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-09-28 08:50 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-09-28 08:50 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-09-28 08:50 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-09-28 08:49 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-09-28 08:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-09-28 08:49 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-09-28 08:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2014-09-28 08:33 - 2014-09-28 08:34 - 00148009 _____ () C:\Users\Sacred Heart\Desktop\New Text Document.txt

2014-09-28 08:04 - 2014-09-28 07:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sacred Heart\Desktop\mbam-setup-2.0.2.1012.exe

2014-09-28 08:04 - 2014-09-27 22:35 - 01699276 _____ (Thisisu) C:\Users\Sacred Heart\Desktop\JRT.exe

2014-09-28 08:04 - 2014-09-27 22:35 - 01373475 _____ () C:\Users\Sacred Heart\Desktop\AdwCleaner.exe

2014-09-28 08:04 - 2014-09-27 22:33 - 02108928 _____ (Farbar) C:\Users\Sacred Heart\Desktop\FRST64.exe

2014-09-28 08:04 - 2014-09-27 22:27 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sacred Heart\Desktop\tdsskiller.exe

2014-09-28 08:04 - 2014-09-27 22:23 - 05580995 ____R (Swearware) C:\Users\Sacred Heart\Desktop\ComboFix.exe

2014-09-28 07:54 - 2014-09-28 08:31 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-28 07:54 - 2014-09-28 08:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-28 07:54 - 2014-09-28 07:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-28 07:54 - 2014-09-28 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-28 07:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-09-28 07:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-09-28 07:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-09-27 21:23 - 2014-09-28 08:30 - 00000964 _____ () C:\Windows\setupact.log

2014-09-27 21:23 - 2014-09-27 21:23 - 00000000 _____ () C:\Windows\setuperr.log

2014-09-27 20:11 - 2014-09-05 09:56 - 00004130 _____ () C:\Users\Sacred Heart\Downloads\grrr - Copy.TXT

2014-09-27 18:22 - 2014-09-27 18:19 - 34905600 _____ (Hewlett-Packard Development Company, L.P. ) C:\sp58084.exe

2014-09-27 15:59 - 2014-09-05 09:58 - 00004130 _____ () C:\Users\Grrr.TXT

2014-09-24 12:14 - 2014-09-24 12:14 - 00007016 ____N () C:\bootsqm.dat

2014-09-24 08:32 - 2014-09-24 08:32 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\VirtualStore

2014-09-23 12:21 - 2014-09-24 08:18 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BFCE2EDA-C7EC-46A2-A6B4-FCF23DE328B7}

2014-09-23 11:47 - 2014-09-23 11:47 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\pdfforge

2014-09-22 11:23 - 2014-09-22 11:23 - 00058880 _____ () C:\Users\Sacred Heart\Desktop\9_21_14-SUN_COLLECT.xls

2014-09-22 11:19 - 2014-09-22 11:19 - 00058880 _____ () C:\Users\Sacred Heart\Downloads\9_21_14-SUN_COLLECT.xls

2014-09-22 08:19 - 2014-09-22 08:21 - 00000000 ____D () C:\ProgramData\Sophos

2014-09-22 08:18 - 2014-09-22 08:18 - 00003237 _____ () C:\Users\Sacred Heart\Desktop\Sophos Virus Removal Tool.lnk

2014-09-22 08:18 - 2014-09-22 08:18 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2014-09-22 07:59 - 2014-09-22 07:59 - 00000000 ____D () C:\Program Files (x86)\Sophos

2014-09-17 13:16 - 2014-09-17 13:16 - 00000448 ____H () C:\Users\Sacred Heart\AppData\Roaming\麽鎒駓覜

2014-09-17 10:59 - 2014-09-17 14:11 - 00011366 _____ () C:\Users\Sacred Heart\Documents\liturgy 2014.xlsx

2014-09-16 20:20 - 2014-09-18 09:16 - 118352120 _____ (Microsoft Corporation) C:\Users\Sacred Heart\Downloads\msert.exe

2014-09-16 19:20 - 2014-09-16 19:20 - 00000000 ____D () C:\Windows\pss

2014-09-16 15:12 - 2014-09-16 15:12 - 00002052 _____ () C:\Windows\epplauncher.mif

2014-09-16 09:10 - 2014-09-16 09:10 - 00000000 __SHD () C:\Windows\system32\%APPDATA%

2014-09-15 12:22 - 2014-09-15 12:28 - 00058880 _____ () C:\Users\Sacred Heart\Downloads\9_14_14-SUN_COLLECT.xls

2014-09-05 10:40 - 2014-09-28 08:25 - 00000000 ____D () C:\ProgramData\EvitpUseyw

2014-08-29 13:22 - 2014-08-29 13:25 - 00219244 _____ () C:\Users\Sacred Heart\Desktop\fa1131bi.tif

2014-08-29 13:21 - 2014-08-29 13:21 - 00000000 _____ () C:\Users\Sacred Heart\Downloads\fa1131bi.tif.en9r1v9.partial

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-09-28 10:25 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default

2014-09-28 10:22 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini

2014-09-28 10:21 - 2012-08-22 15:55 - 00000000 ____D () C:\Users\Sacred Heart

2014-09-28 10:20 - 2012-07-30 18:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-09-28 08:57 - 2009-07-14 00:45 - 00024480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-09-28 08:57 - 2009-07-14 00:45 - 00024480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-09-28 08:50 - 2012-08-22 15:54 - 01897940 _____ () C:\Windows\WindowsUpdate.log

2014-09-28 08:35 - 2009-07-14 01:13 - 00730210 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-28 08:31 - 2012-07-31 15:00 - 00003510 _____ () C:\Windows\System32\Tasks\AutoKMS

2014-09-28 08:30 - 2012-07-31 03:17 - 00265226 _____ () C:\Windows\PFRO.log

2014-09-28 08:30 - 2012-07-30 22:13 - 00000000 ____D () C:\Windows\Panther

2014-09-28 08:30 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-09-28 07:55 - 2013-05-30 09:03 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\CrashDumps

2014-09-28 07:54 - 2013-05-02 21:06 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-28 07:36 - 2013-11-08 11:43 - 00000000 ____D () C:\Program Files\Google

2014-09-28 07:36 - 2012-07-30 18:53 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-27 22:45 - 2013-11-08 11:42 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Google

2014-09-27 21:17 - 2012-08-22 17:41 - 00000000 ____D () C:\Users\Sacred Heart\Documents\My Scans

2014-09-27 21:10 - 2014-02-21 15:52 - 00000000 ____D () C:\Users\Sacred Heart\Desktop\Publisher Bulletins

2014-09-27 21:10 - 2013-05-10 12:18 - 00000000 ___SD () C:\Users\Sacred Heart\Documents\My Data Sources

2014-09-27 20:21 - 2012-09-18 12:51 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Microsoft Games

2014-09-27 20:21 - 2012-08-28 14:23 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\LPi Express HTD

2014-09-27 20:21 - 2012-08-22 17:25 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\Adobe

2014-09-27 20:12 - 2012-08-22 16:30 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\AMD

2014-09-27 20:12 - 2012-07-30 18:56 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2014-09-27 16:02 - 2014-08-12 09:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-09-27 16:02 - 2014-07-07 08:54 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\fc044c

2014-09-27 16:02 - 2012-10-10 10:01 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Apple Computer

2014-09-27 16:02 - 2012-08-22 17:28 - 00000000 ____D () C:\ProgramData\Ralink Driver

2014-09-27 16:01 - 2012-12-06 10:29 - 00000000 ____D () C:\ebsword

2014-09-27 16:01 - 2012-08-22 16:26 - 00000000 ____D () C:\ATI

2014-09-27 16:01 - 2012-08-22 16:21 - 00000000 ____D () C:\AMD

2014-09-26 08:42 - 2009-07-14 01:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-09-25 13:31 - 2012-08-22 17:41 - 00011858 _____ () C:\Users\Sacred Heart\Documents\WEEKLY2.xlsx

2014-09-25 08:44 - 2012-09-18 11:13 - 00001511 _____ () C:\Users\Sacred Heart\AppData\Local\print.ini

2014-09-24 08:32 - 2012-07-30 18:30 - 00000000 __SHD () C:\Users\Sacred Heart\AppData\Roaming\dteivvbh

2014-09-16 12:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-09-05 12:03 - 2012-07-31 15:00 - 00000000 ____D () C:\Windows\AutoKMS

2014-09-05 12:02 - 2012-08-22 16:04 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Apple

2014-09-05 12:02 - 2012-07-31 14:51 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-05 12:02 - 2009-07-14 03:44 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-09-05 12:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration

2014-09-05 09:55 - 2013-03-13 12:12 - 14592872 _____ () C:\Users\Sacred Heart\Downloads\IMG_1150.mp4

2014-09-05 09:55 - 2012-08-22 17:41 - 00578630 _____ () C:\Users\Sacred Heart\Downloads\Palm01c_sc.eps

2014-09-05 09:54 - 2013-09-24 10:23 - 00546002 _____ () C:\Users\Sacred Heart\Downloads\bi03fa06_sc.eps

2014-09-05 09:54 - 2013-06-03 14:20 - 00636234 _____ () C:\Users\Sacred Heart\Downloads\bi57sp04_sc.eps

 

Files to move or delete:

====================

C:\Users\Sacred Heart\acrobat.exe

C:\Users\Sacred Heart\chrome935539.exe

C:\Users\Sacred Heart\ctfmon132343.exe

C:\Users\Sacred Heart\flashplayer560745.exe

C:\Users\Sacred Heart\googleupdate.exe

C:\Users\Sacred Heart\googleupdate27226.exe

C:\Users\Sacred Heart\msconfig464447.exe

C:\Users\Sacred Heart\mstsc524057.exe

C:\Users\Sacred Heart\rundll3238542.exe

C:\Users\Sacred Heart\rundll32826958.exe

C:\Users\Sacred Heart\spoolsv35736.exe

C:\Users\Sacred Heart\vlcplayer.exe

C:\Users\Sacred Heart\vlcplayer566390.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-09-03 11:52

 

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2014

Ran by Sacred Heart at 2014-09-28 10:53:38

Running from C:\Users\Sacred Heart\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.268 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.3.300.268 - Adobe Systems Incorporated)

Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)

AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Fuel (Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.70727.2220 - Advanced Micro Devices, Inc.) Hidden

AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden

AMD VISION Engine Control Center (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden

Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{131CD369-AA3B-424F-A83C-54DF3534B95C}) (Version:  - Microsoft)

Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version:  - Driver-Soft Inc.)

Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)

HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )

HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)

IDS Client (HKLM-x32\...\{01218E3C-86E4-4D70-A36F-69CD41B78DBC}) (Version: 3.2.1.4466 - IDS LLC)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)

iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)

Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden

Java 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)

Kaspersky Anti-Virus 2011 (HKLM-x32\...\InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}) (Version: 11.0.2.556 - Kaspersky Lab)

Kaspersky Anti-Virus 2011 (x32 Version: 11.0.2.556 - Kaspersky Lab) Hidden

KeePass Password Safe 1.23 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.23 - Dominik Reichl)

LPi Express HTD 5.3 (HKLM-x32\...\LPi Express HTD) (Version: 5.3 - Liturgical Publications Inc.)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

MiniTool Partition Wizard Home Edition 7.5 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Mozilla Firefox 14.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 en-US)) (Version: 14.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)

QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)

Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)

Readiris Pro 12 (HKLM-x32\...\{3AC26580-A695-4134-84AE-5121B3AAE545}) (Version: 12.00.5965 - I.R.I.S.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)

Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)

Skype™ 5.10 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 5.10.116 - Skype Technologies S.A.)

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.3 - Sophos Limited)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)

VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)

WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

WordPerfect Office 11 (HKLM-x32\...\{54F90B55-BEB3-4F0D-8802-228822FA5921}) (Version: 11.0.0.233 - Corel Corporation)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

==================== Restore Points  =========================

 

28-09-2014 12:49:32 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 22:34 - 2014-09-28 10:22 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {1C386C0E-A445-47DA-901A-393EB6C2D382} - System32\Tasks\{297F2293-13B0-4FE3-9198-BB8A93BE8460} => C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE [2011-04-06] (Microsoft Corporation)

Task: {3F39A9C4-19EB-4085-866A-319B46C3831C} - System32\Tasks\{9C20487D-2C01-4F9E-974B-09089469BCF8} => C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe [2010-04-21] (Driver-Soft Inc.)

Task: {57C34F52-F55D-46A9-BBEC-7FE5497E2771} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)

Task: {5E579732-3AE5-4CCE-98D9-C8936BB00502} - System32\Tasks\{153E2278-86B5-49E0-AE94-8AF4E54E5B22} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [2012-10-20] (Microsoft Corporation)

Task: {70B14C0D-C1D5-4F0C-A0AA-4312FA676299} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-07-31] ()

Task: {766E07AE-1135-40DF-846A-958749F829BE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {7CC6BFF0-97EA-4DC0-AED0-97DB14A902ED} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {8F7B41E9-2C26-4938-A4EE-F3BA6442CF6B} - System32\Tasks\{B3E80174-7A15-479A-8CC6-BE56E35E091D} => C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE [2011-04-06] (Microsoft Corporation)

Task: {AD5CF118-9EB3-4AB5-8CBA-2302A1EA732B} - System32\Tasks\{F66C47B5-EAA0-485C-8591-A65C09773112} => C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe [2010-04-21] (Driver-Soft Inc.)

Task: {B3670107-77A8-46F9-BDD5-6573E06A504B} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)

Task: {C105B06E-52C7-4CFA-862C-2A85C608D415} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)

Task: {C534DDA7-E6AF-4B97-9A5C-9FF71930D354} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)

Task: {CE83A9E3-F3FE-4B66-A10B-BC53E06A8BF4} - System32\Tasks\{1B1556A2-E352-4B56-8363-A1F352A73E81} => Chrome.exe 

Task: {CF34E322-8BD7-48BB-BD6C-675495149C5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30] (Adobe Systems Incorporated)

Task: {F1422699-57D0-4C49-B113-955A814AC852} - System32\Tasks\{2D3E9920-B639-4DE1-AE6E-AE6A472279CA} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [2012-10-20] (Microsoft Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-08-24 10:20 - 2010-03-31 11:51 - 00407040 _____ () C:\Windows\System32\HPM1210LM.DLL

2012-08-28 14:22 - 2011-04-29 23:14 - 00083752 _____ () C:\Windows\system32\PuzzlePort64.dll

2012-08-24 10:20 - 2010-03-31 11:51 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll

2012-08-06 12:24 - 2012-08-06 12:24 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll

2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll

2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll

2012-08-24 10:19 - 2010-04-28 11:49 - 00222720 _____ () C:\Windows\system32\m1210nwia.dll

2012-08-06 12:24 - 2012-08-06 12:24 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2012-08-06 12:07 - 2012-08-06 12:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^Users^Sacred Heart^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^xwizard.lnk => C:\Windows\pss\xwizard.lnk.Startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

MSCONFIG\startupreg: Driver Genius => 

MSCONFIG\startupreg: IntelliType Pro => "c:\Program Files\Microsoft Device Center\itype.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: MapsGalaxy Search Scope Monitor => "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

MSCONFIG\startupreg: MapsGalaxy_39 Browser Plugin Loader => C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe

MSCONFIG\startupreg: QuickFinder Scheduler => "C:\Program Files (x86)\WordPerfect Office 11\Programs\QFSCHD110.EXE"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: xwizard => "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe"

MSCONFIG\startupreg: {f55de818-9e4d-43d0-0b46-54c71f088e85} => "C:\ProgramData\Microsoft\{f55de818-9e4d-43d0-0b46-54c71f088e85}\{f55de818-9e4d-43d0-0b46-54c71f088e85}.exe"

MSCONFIG\startupreg: .tluafed => 

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-639415932-1215857684-1316868989-500 - Administrator - Disabled)

Guest (S-1-5-21-639415932-1215857684-1316868989-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-639415932-1215857684-1316868989-1006 - Limited - Enabled)

Sacred Heart (S-1-5-21-639415932-1215857684-1316868989-1003 - Administrator - Enabled) => C:\Users\Sacred Heart

 

==================== Faulty Device Manager Devices =============

 

Name: Ethernet Controller

Description: Ethernet Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: 802.11n Wireless LAN Card

Description: 802.11n Wireless LAN Card

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Ralink Technology, Corp.

Service: netr28x

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (09/28/2014 08:26:30 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x501fefb5

Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b

Exception code: 0xc0000005

Fault offset: 0x00000000000033c1

Faulting process id: 0x710

Faulting application start time: 0xFuel.Service.exe0

Faulting application path: Fuel.Service.exe1

Faulting module path: Fuel.Service.exe2

Report Id: Fuel.Service.exe3

 

Error: (09/28/2014 07:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000062c3523

Faulting process id: 0x994

Faulting application start time: 0xexplorer.exe0

Faulting application path: explorer.exe1

Faulting module path: explorer.exe2

Report Id: explorer.exe3

 

Error: (09/28/2014 07:53:06 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x0000000009263523

Faulting process id: 0x870

Faulting application start time: 0xexplorer.exe0

Faulting application path: explorer.exe1

Faulting module path: explorer.exe2

Report Id: explorer.exe3

 

Error: (09/28/2014 07:51:11 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x0000000008a83523

Faulting process id: 0x64c

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (09/28/2014 07:49:31 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000087d3523

Faulting process id: 0x878

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (09/28/2014 07:47:51 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000050c3523

Faulting process id: 0xaec

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (09/28/2014 07:46:11 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x0000000009883523

Faulting process id: 0xe00

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (09/28/2014 07:44:31 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000062d3523

Faulting process id: 0x72c

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (09/28/2014 07:42:50 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x0000000007d83523

Faulting process id: 0xc70

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (09/28/2014 07:41:10 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc000041d

Fault offset: 0x0000000000000000

Faulting process id: 0xbc0

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

 

System errors:

=============

Error: (09/28/2014 10:22:43 AM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (09/28/2014 10:21:16 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

 

Error: (09/28/2014 09:47:40 AM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (09/28/2014 08:32:54 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

 

Error: (09/28/2014 08:31:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

SMR322

 

Error: (09/28/2014 08:30:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.

 

Error: (09/28/2014 08:26:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The AMD FUEL Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (09/28/2014 08:25:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%1290

 

Error: (09/28/2014 08:25:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Base Filtering Engine service failed to start due to the following error: 

%%1290

 

Error: (09/28/2014 08:25:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Security Center service failed to start due to the following error: 

%%1314

 

 

Microsoft Office Sessions:

=========================

Error: (09/28/2014 08:26:30 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Fuel.Service.exe1.0.0.0501fefb5Device.dll4.1.0.04f55e10bc000000500000000000033c171001cfdb1081caacc9C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllac48dd2a-470a-11e4-bafd-e7a61a1ba403

 

Error: (09/28/2014 07:54:55 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000062c352399401cfdb12c6a5c40eC:\Windows\explorer.exeunknown4322818f-4706-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:53:06 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c0000005000000000926352387001cfdb12aebdab23C:\Windows\explorer.exeunknown01b7cda3-4706-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:51:11 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000008a8352364c01cfdb1246672c35C:\Windows\Explorer.EXEunknownbd28fdcc-4705-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:49:31 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000087d352387801cfdb120b482a89C:\Windows\Explorer.EXEunknown8176d469-4705-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:47:51 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000050c3523aec01cfdb11cfa42258C:\Windows\Explorer.EXEunknown466d3f20-4705-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:46:11 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000009883523e0001cfdb1193ba8589C:\Windows\Explorer.EXEunknown0a94d8a8-4705-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:44:31 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000062d352372c01cfdb1157db4911C:\Windows\Explorer.EXEunknownced875fe-4704-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:42:50 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000007d83523c7001cfdb111c0a06bbC:\Windows\Explorer.EXEunknown92f21566-4704-11e4-bafd-a6300096e01c

 

Error: (09/28/2014 07:41:10 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000041d0000000000000000bc001cfdb10e04e57d7C:\Windows\Explorer.EXEunknown5723346f-4704-11e4-bafd-a6300096e01c

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-09-28 10:21:16.472

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-09-28 10:21:16.332

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Processor: AMD A4-3400 APU with Radeon HD Graphics

Percentage of memory in use: 71%

Total physical RAM: 3570.79 MB

Available physical RAM: 1006.53 MB

Total Pagefile: 7139.75 MB

Available Pagefile: 5610.53 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:931.41 GB) (Free:867.21 GB) NTFS

Drive e: (WINTOUSB) (Removable) (Total:14.89 GB) (Free:13.76 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 58CFF908)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (Size: 14.9 GB) (Disk ID: 00005053)

Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)

 

==================== End Of Log ============================

Link to post
Share on other sites

Here is the new FRST scan after removing autokms

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by Sacred Heart (administrator) on SACREDHEART-PC on 28-09-2014 13:05:00
Running from C:\Users\Sacred Heart\Desktop
Loaded Profile: Sacred Heart (Available profiles: Sacred Heart)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-639415932-1215857684-1316868989-1003\...\Run: [CryptoUpdate] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Crypto\RSA\cert_v65_0.tpl"
HKU\S-1-5-21-639415932-1215857684-1316868989-1003\...\Policies\Explorer: [Run] "C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\IEUpdate\xwizard.exe"
HKU\S-1-5-21-639415932-1215857684-1316868989-1003\...A8F59079A8D5}\localserver32:  <==== ATTENTION!
HKU\S-1-5-18\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [17416880 2012-07-13] (Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe [686792 2012-07-30] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\MountPoints2: D - D:\Programs\nu2menu\nu2menu.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDBAF2A4F8647CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/?mtmhp=txtlnkusaolp00000051
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-08-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-30]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru [2014-08-12]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru [2014-08-12]
 
Chrome: 
=======
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [365336 2010-11-02] (Kaspersky Lab ZAO)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1859584 2012-07-04] (Ralink) [File not signed]
S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [152872 2014-08-11] (Sophos Limited)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16384 2010-04-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Marvell Semiconductor, Inc.)
R3 NWVoltron; C:\Windows\System32\DRIVERS\NWVoltron.sys [28440 2011-06-23] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S0 SMR322; System32\drivers\SMR322.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-28 10:54 - 2014-09-28 10:54 - 00025396 _____ () C:\Users\Sacred Heart\Desktop\FRST201409281056.txt
2014-09-28 10:53 - 2014-09-28 13:03 - 00039260 _____ () C:\Users\Sacred Heart\Desktop\Addition.txt
2014-09-28 10:52 - 2014-09-28 13:05 - 00013189 _____ () C:\Users\Sacred Heart\Desktop\FRST.txt
2014-09-28 10:52 - 2014-09-28 13:05 - 00000000 ____D () C:\FRST
2014-09-28 10:25 - 2014-09-28 10:25 - 00020510 _____ () C:\ComboFix.txt
2014-09-28 09:19 - 2014-09-28 10:25 - 00000000 ____D () C:\Qoobox
2014-09-28 09:19 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-28 09:19 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-28 09:19 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-28 09:19 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-28 09:19 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-28 09:19 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-28 09:19 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-28 09:19 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-28 09:18 - 2014-09-28 10:23 - 00000000 ____D () C:\Windows\erdnt
2014-09-28 08:50 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-28 08:50 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-28 08:50 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-28 08:50 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-28 08:49 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-28 08:49 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-28 08:49 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-28 08:49 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-28 08:49 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-28 08:49 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-28 08:49 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-28 08:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-28 08:49 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-28 08:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-28 08:33 - 2014-09-28 08:34 - 00148009 _____ () C:\Users\Sacred Heart\Desktop\New Text Document.txt
2014-09-28 08:04 - 2014-09-28 07:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sacred Heart\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-28 08:04 - 2014-09-27 22:35 - 01699276 _____ (Thisisu) C:\Users\Sacred Heart\Desktop\JRT.exe
2014-09-28 08:04 - 2014-09-27 22:35 - 01373475 _____ () C:\Users\Sacred Heart\Desktop\AdwCleaner.exe
2014-09-28 08:04 - 2014-09-27 22:33 - 02108928 _____ (Farbar) C:\Users\Sacred Heart\Desktop\FRST64.exe
2014-09-28 08:04 - 2014-09-27 22:27 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sacred Heart\Desktop\tdsskiller.exe
2014-09-28 08:04 - 2014-09-27 22:23 - 05580995 ____R (Swearware) C:\Users\Sacred Heart\Desktop\ComboFix.exe
2014-09-28 07:54 - 2014-09-28 13:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-28 07:54 - 2014-09-28 08:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-28 07:54 - 2014-09-28 07:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-28 07:54 - 2014-09-28 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-28 07:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-28 07:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-28 07:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-27 21:23 - 2014-09-28 12:59 - 00001872 _____ () C:\Windows\setupact.log
2014-09-27 21:23 - 2014-09-27 21:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-27 20:11 - 2014-09-05 09:56 - 00004130 _____ () C:\Users\Sacred Heart\Downloads\grrr - Copy.TXT
2014-09-27 18:22 - 2014-09-27 18:19 - 34905600 _____ (Hewlett-Packard Development Company, L.P. ) C:\sp58084.exe
2014-09-27 15:59 - 2014-09-05 09:58 - 00004130 _____ () C:\Users\Grrr.TXT
2014-09-24 12:14 - 2014-09-24 12:14 - 00007016 ____N () C:\bootsqm.dat
2014-09-24 08:32 - 2014-09-24 08:32 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\VirtualStore
2014-09-23 12:21 - 2014-09-24 08:18 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BFCE2EDA-C7EC-46A2-A6B4-FCF23DE328B7}
2014-09-23 11:47 - 2014-09-23 11:47 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\pdfforge
2014-09-22 11:23 - 2014-09-22 11:23 - 00058880 _____ () C:\Users\Sacred Heart\Desktop\9_21_14-SUN_COLLECT.xls
2014-09-22 11:19 - 2014-09-22 11:19 - 00058880 _____ () C:\Users\Sacred Heart\Downloads\9_21_14-SUN_COLLECT.xls
2014-09-22 08:19 - 2014-09-22 08:21 - 00000000 ____D () C:\ProgramData\Sophos
2014-09-22 08:18 - 2014-09-22 08:18 - 00003237 _____ () C:\Users\Sacred Heart\Desktop\Sophos Virus Removal Tool.lnk
2014-09-22 08:18 - 2014-09-22 08:18 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-09-22 07:59 - 2014-09-22 07:59 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-09-17 13:16 - 2014-09-17 13:16 - 00000448 ____H () C:\Users\Sacred Heart\AppData\Roaming\麽鎒駓覜
2014-09-17 10:59 - 2014-09-17 14:11 - 00011366 _____ () C:\Users\Sacred Heart\Documents\liturgy 2014.xlsx
2014-09-16 20:20 - 2014-09-18 09:16 - 118352120 _____ (Microsoft Corporation) C:\Users\Sacred Heart\Downloads\msert.exe
2014-09-16 19:20 - 2014-09-16 19:20 - 00000000 ____D () C:\Windows\pss
2014-09-16 15:12 - 2014-09-16 15:12 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-09-16 09:10 - 2014-09-16 09:10 - 00000000 __SHD () C:\Windows\system32\%APPDATA%
2014-09-15 12:22 - 2014-09-15 12:28 - 00058880 _____ () C:\Users\Sacred Heart\Downloads\9_14_14-SUN_COLLECT.xls
2014-09-05 10:40 - 2014-09-28 08:25 - 00000000 ____D () C:\ProgramData\EvitpUseyw
2014-08-29 13:22 - 2014-08-29 13:25 - 00219244 _____ () C:\Users\Sacred Heart\Desktop\fa1131bi.tif
2014-08-29 13:21 - 2014-08-29 13:21 - 00000000 _____ () C:\Users\Sacred Heart\Downloads\fa1131bi.tif.en9r1v9.partial
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-28 13:04 - 2009-07-14 01:13 - 00730210 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-28 13:03 - 2012-08-22 15:54 - 01057297 _____ () C:\Windows\WindowsUpdate.log
2014-09-28 12:59 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 12:20 - 2012-07-30 18:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-28 11:55 - 2009-07-14 00:45 - 00024480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 11:55 - 2009-07-14 00:45 - 00024480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 11:46 - 2012-07-31 03:17 - 00266026 _____ () C:\Windows\PFRO.log
2014-09-28 10:25 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-09-28 10:22 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-28 10:21 - 2012-08-22 15:55 - 00000000 ____D () C:\Users\Sacred Heart
2014-09-28 08:30 - 2012-07-30 22:13 - 00000000 ____D () C:\Windows\Panther
2014-09-28 07:55 - 2013-05-30 09:03 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\CrashDumps
2014-09-28 07:54 - 2013-05-02 21:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-28 07:36 - 2013-11-08 11:43 - 00000000 ____D () C:\Program Files\Google
2014-09-28 07:36 - 2012-07-30 18:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-27 22:45 - 2013-11-08 11:42 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Google
2014-09-27 21:17 - 2012-08-22 17:41 - 00000000 ____D () C:\Users\Sacred Heart\Documents\My Scans
2014-09-27 21:10 - 2014-02-21 15:52 - 00000000 ____D () C:\Users\Sacred Heart\Desktop\Publisher Bulletins
2014-09-27 21:10 - 2013-05-10 12:18 - 00000000 ___SD () C:\Users\Sacred Heart\Documents\My Data Sources
2014-09-27 20:21 - 2012-09-18 12:51 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Microsoft Games
2014-09-27 20:21 - 2012-08-28 14:23 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\LPi Express HTD
2014-09-27 20:21 - 2012-08-22 17:25 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Roaming\Adobe
2014-09-27 20:12 - 2012-08-22 16:30 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\AMD
2014-09-27 20:12 - 2012-07-30 18:56 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-09-27 16:02 - 2014-08-12 09:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-27 16:02 - 2014-07-07 08:54 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\fc044c
2014-09-27 16:02 - 2012-10-10 10:01 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Apple Computer
2014-09-27 16:02 - 2012-08-22 17:28 - 00000000 ____D () C:\ProgramData\Ralink Driver
2014-09-27 16:01 - 2012-12-06 10:29 - 00000000 ____D () C:\ebsword
2014-09-27 16:01 - 2012-08-22 16:26 - 00000000 ____D () C:\ATI
2014-09-27 16:01 - 2012-08-22 16:21 - 00000000 ____D () C:\AMD
2014-09-26 08:42 - 2009-07-14 01:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 13:31 - 2012-08-22 17:41 - 00011858 _____ () C:\Users\Sacred Heart\Documents\WEEKLY2.xlsx
2014-09-25 08:44 - 2012-09-18 11:13 - 00001511 _____ () C:\Users\Sacred Heart\AppData\Local\print.ini
2014-09-24 08:32 - 2012-07-30 18:30 - 00000000 __SHD () C:\Users\Sacred Heart\AppData\Roaming\dteivvbh
2014-09-16 12:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-15 09:06 - 2012-07-30 18:59 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-05 12:02 - 2012-08-22 16:04 - 00000000 ____D () C:\Users\Sacred Heart\AppData\Local\Apple
2014-09-05 12:02 - 2012-07-31 14:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-05 12:02 - 2009-07-14 03:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-05 12:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-09-05 09:55 - 2013-03-13 12:12 - 14592872 _____ () C:\Users\Sacred Heart\Downloads\IMG_1150.mp4
2014-09-05 09:55 - 2012-08-22 17:41 - 00578630 _____ () C:\Users\Sacred Heart\Downloads\Palm01c_sc.eps
2014-09-05 09:54 - 2013-09-24 10:23 - 00546002 _____ () C:\Users\Sacred Heart\Downloads\bi03fa06_sc.eps
2014-09-05 09:54 - 2013-06-03 14:20 - 00636234 _____ () C:\Users\Sacred Heart\Downloads\bi57sp04_sc.eps
 
Files to move or delete:
====================
C:\Users\Sacred Heart\acrobat.exe
C:\Users\Sacred Heart\chrome935539.exe
C:\Users\Sacred Heart\ctfmon132343.exe
C:\Users\Sacred Heart\flashplayer560745.exe
C:\Users\Sacred Heart\googleupdate.exe
C:\Users\Sacred Heart\googleupdate27226.exe
C:\Users\Sacred Heart\msconfig464447.exe
C:\Users\Sacred Heart\mstsc524057.exe
C:\Users\Sacred Heart\rundll3238542.exe
C:\Users\Sacred Heart\rundll32826958.exe
C:\Users\Sacred Heart\spoolsv35736.exe
C:\Users\Sacred Heart\vlcplayer.exe
C:\Users\Sacred Heart\vlcplayer566390.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-28 11:17
 
==================== End Of Log ============================
Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2014

Ran by Sacred Heart at 2014-09-28 13:05:26

Running from C:\Users\Sacred Heart\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be un