
slow and sometimes freezing computer


3 replies to this topic

#1 elves1111

elves1111

  • Members
  • 47 posts

Posted 11 January 2013 - 05:04 PM

I recently cleared most of the hard drive onto my external one because of a very slow system. Now even after clearing out my documents, it still slows down to a stop sometimes. When I can open Task Manager, my CPU % is at 0 and never more than 10 even though it has taken up to 5 or minutes just to open a file. Plus, sometimes if I press Ctrl-Alt-Del trying to get out of no movement, the screen goes black for a couple minutes and then an error window pops up saying Ctrl-Alt-Del can't be accessed. When this has happened though, I haven't had the best of patience, so I didn't write down the error message. When all has literally frozen, for up to ten minutes sometimes, I can still move the cursor around, which leads me to believe something is responsible for this that needs to be removed. Am wondering if it is also on my external HD since the last couple times I have hooked up to it, it has taken so long to open up a file that I had to turn it off. I haven't scanned it with Malwarebytes or ESET, but I have my laptop and nothing is found. So I need to address the external HD also.


 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • Gender:Male
  • Location:NJ USA

Posted 11 January 2013 - 08:43 PM

Hello, it may not be malware. Let's take a look as we don't even have your OS.

Please download TDSSKiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

>>>>

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#3 elves1111

elves1111
  • Topic Starter

  • Members
  • 47 posts

Posted 13 January 2013 - 03:03 AM

Forgot to mention it's Windows 7 64. This literally took most of the day to do because the problem got as bad as it has today. I ended up having to boot in safe mode to finish the AdwCleaner deletion part, since it stayed close to finishing for 2 hours before I finally restarted to no avail. Tried Ctrl-Alt-Del and wrote down the error message this time.

"Failure to display security and shutdown options. Log on process is unable to display security and log on options when ctrl+alt+del is pressed. If operating system doesn't respond, press ESC or restart computer by pressing power button."

I have ESET on this laptop, but it too was taking a couple hours and was around 60% done with nothing found. I did a complete scan with it a couple days ago and didn't find anything so I decided to post all but the ESET log, to hopefully get started on solving this issue. Will still run the ESET scan, but would rather not spend a few more hours waiting on a scan that might not even finish anyway the rate it has been moving.

Though, after completing the AdwCleaner "search" and "delete" using safe mode, it is doing better, it seems. Before I booted in safe mode, I couldn't get Opera or Mozilla to open, even after waiting for almost an hour!

Sorry if not supposed to post entire log but there isn't an attachment option, that I can find anyway.

MiniToolBox by Farbar Version:10-01-2013
Ran by me (administrator) on 12-01-2013 at 19:43:43
Running from "C:\Users\me\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR5B93 Wireless Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 2" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 3" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 4" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection* 18" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection* 18" address=10.196.56.34 mask=255.255.248.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : me-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ut.comcast.net.

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 #2
Physical Address. . . . . . . . . : 00-FF-E2-D8-94-A9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Anchorfree HSS Adapter
Physical Address. . . . . . . . . : 00-FF-E7-A8-33-EC
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 96-4C-E5-7D-A3-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-70-F1-EE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.ut.comcast.net.
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : 90-4C-E5-7D-A3-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6c5e:6394:c3f3:edc3%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, January 12, 2013 7:37:16 PM
Lease Expires . . . . . . . . . . : Saturday, January 19, 2013 7:37:16 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 194006245
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-EF-81-F3-90-4C-E5-7D-A3-E2
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.ut.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ut.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1820:a0b:f5ff:fffc(Preferred)
Link-local IPv6 Address . . . . . : fe80::1820:a0b:f5ff:fffc%32(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{E2D894A9-A95D-494A-B07B-E290FAF6635C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E7A833EC-CD6F-4EAC-8833-F03013942FF6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{637AADD0-3FDE-4C0E-9750-8454700929F5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9AA8ED52-9346-49FD-8D94-5B7D95BC0C3A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 2001:4860:4001:801::1006
74.125.224.142
74.125.224.136
74.125.224.132
74.125.224.130
74.125.224.129
74.125.224.135
74.125.224.134
74.125.224.133
74.125.224.128
74.125.224.137
74.125.224.131


Pinging google.com [74.125.224.105] with 32 bytes of data:
Reply from 74.125.224.105: bytes=32 time=43ms TTL=55
Reply from 74.125.224.105: bytes=32 time=42ms TTL=55

Ping statistics for 74.125.224.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 43ms, Average = 42ms
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=62ms TTL=53
Reply from 72.30.38.140: bytes=32 time=85ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 85ms, Average = 73ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
28...00 ff e2 d8 94 a9 ......TAP-Win32 Adapter V9 #2
24...00 ff e7 a8 33 ec ......Anchorfree HSS Adapter
13...96 4c e5 7d a3 e2 ......Microsoft Virtual WiFi Miniport Adapter
11...00 26 2d 70 f1 ee ......Broadcom NetLink ™ Gigabit Ethernet
10...90 4c e5 7d a3 e2 ......Atheros AR5B93 Wireless Network Adapter
1...........................Software Loopback Interface 1
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
32...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.3 20
10.0.0.0 255.255.255.0 On-link 10.0.0.3 276
10.0.0.3 255.255.255.255 On-link 10.0.0.3 276
10.0.0.255 255.255.255.255 On-link 10.0.0.3 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
32 58 ::/0 On-link
1 306 ::1/128 On-link
32 58 2001::/32 On-link
32 306 2001:0:4137:9e76:1820:a0b:f5ff:fffc/128
On-link
10 276 fe80::/64 On-link
32 306 fe80::/64 On-link
32 306 fe80::1820:a0b:f5ff:fffc/128
On-link
10 276 fe80::6c5e:6394:c3f3:edc3/128
On-link
1 306 ff00::/8 On-link
32 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/10/2013 02:00:15 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (01/10/2013 02:00:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (01/09/2013 02:24:02 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (01/09/2013 00:42:41 AM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (01/07/2013 02:57:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/06/2013 10:34:48 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 17.0.1.4715 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ad0

Start Time: 01cde8b6d152a30b

Termination Time: 1352

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id:

Error: (01/06/2013 10:34:10 PM) (Source: Application Hang) (User: )
Description: The program opera.exe version 11.1.1190.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2920

Start Time: 01cdec6fe96cb11a

Termination Time: 1084

Application Path: C:\Program Files (x86)\Opera\opera.exe

Report Id:

Error: (01/06/2013 10:05:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/06/2013 07:00:17 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location H:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/02/2013 02:32:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (01/12/2013 07:37:37 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (01/12/2013 07:37:19 PM) (Source: Service Control Manager) (User: )
Description: The Audiowerk service failed to start due to the following error:
%%1275

Error: (01/12/2013 07:37:19 PM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\drivers\Aw8Driver.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/12/2013 07:37:09 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:36:10 PM on ?1/?12/?2013 was unexpected.

Error: (01/12/2013 07:21:35 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (01/12/2013 06:21:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/12/2013 06:20:42 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/12/2013 06:20:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/12/2013 06:19:42 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (01/10/2013 08:25:01 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}


Microsoft Office Sessions:
=========================
Error: (01/10/2013 02:00:15 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (01/10/2013 02:00:13 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (01/09/2013 02:24:02 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (01/09/2013 00:42:41 AM) (Source: SecurityCenter)(User: )
Description:

Error: (01/07/2013 02:57:12 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (01/06/2013 10:34:48 PM) (Source: Application Hang)(User: )
Description: firefox.exe17.0.1.4715ad001cde8b6d152a30b1352C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Error: (01/06/2013 10:34:10 PM) (Source: Application Hang)(User: )
Description: opera.exe11.1.1190.0292001cdec6fe96cb11a1084C:\Program Files (x86)\Opera\opera.exe

Error: (01/06/2013 10:05:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestF:\CRAIGKEYES ONLY!!!\coLmunztuff\DownloadsSS\SoftonicDownloader22094.exe

Error: (01/06/2013 07:00:17 PM) (Source: Windows Backup)(User: )
Description: H:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (01/02/2013 02:32:34 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8


CodeIntegrity Errors:
===================================
Date: 2012-04-20 00:53:22.989
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-20 00:53:22.958
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-20 00:53:22.942
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-20 00:53:22.911
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-20 00:46:30.727
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-20 00:46:30.711
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-20 00:46:30.680
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-20 00:46:30.665
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-19 13:12:21.105
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-19 13:12:21.089
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABLPro 1.1.6
AC3Filter 1.63b (Version: 1.63b)
Acer Crystal Eye Webcam (Version: 5.2.9.3)
Ad-Aware Antivirus (Version: 10.1.211.3382)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
ALPS Touch Pad Driver (Version: 7.105.2015.1105)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
ARP2600 V2 2.0
Ashampoo Burning Studio 11 v.11.0.4 (Version: 11.0.4)
Ashampoo WinOptimizer 9 v.9.2.0 (Version: 9.2.0)
ATI Catalyst Install Manager (Version: 3.0.750.0)
Avanquest update (Version: 1.29)
Bolt PDF Printer
Broadcom Gigabit NetLink Controller (Version: 12.33.03)
Camel Audio Alchemy64 (Version: 1.25.0)
CCleaner (Version: 3.25)
Chinese Traditional Fonts Support For Adobe Reader X (Version: 10.0.0)
ConvertXtoDVD 4.1.19.365 (Version: 4.1.19.365)
CopyTrans Suite Remove Only (Version: 2.36)
Corel Graphics - Windows Shell Extension (Version: 16.0.0.707)
Corel Graphics - Windows Shell Extension (Version: 16.0.707)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.0.707)
Corel Website Creator X6 (Version: 12.5)
Corel Website Creator X6 (Version: 12.50.0000.5100)
CorelDRAW Graphics Suite X5 - Capture (Version: 15.0)
CorelDRAW Graphics Suite X5 - Common (Version: 15.0)
CorelDRAW Graphics Suite X5 - Connect (Version: 15.0)
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.0)
CorelDRAW Graphics Suite X5 - Draw (Version: 15.0)
CorelDRAW Graphics Suite X5 - EN (Version: 15.0)
CorelDRAW Graphics Suite X5 - Filters (Version: 15.0)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.0)
CorelDRAW Graphics Suite X5 - IPM (Version: 15.0)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.0)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0)
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0)
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.0)
CorelDRAW Graphics Suite X5 - VBA (Version: 15.0)
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.0)
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.0)
CorelDRAW Graphics Suite X5 - WT (Version: 15.0)
CorelDRAW Graphics Suite X5 (Version: 15.0)
CorelDRAW® Graphics Suite X5 (Version: 15.0.0.486)
Diversion VST version 1.11 (Version: 1.11)
DivX Web Player (Version: 1.5.0)
DjVuLibre+DjView (Version: 3.5.24+4.8)
Doxillion Document Converter
Driver Genius Professional Edition (Version: 11.0)
eLicenser Control
ESET Smart Security (Version: 5.0.94.0)
Expat Shield 2.25 (Version: 2.25)
Express Burn Disc Burning Software
Express Rip
FileHippo.com Update Checker
foobar2000 v1.1.7 (Version: 1.1.7)
FXpansion Etch (Version: 1.0.0.6)
Game Booster 3 (Version: 3.3.1)
GForce impOSCar v1.10 VSTi RTAS
Google Update Helper (Version: 1.3.21.123)
GPL Ghostscript (Version: 9.05)
HiJackThis (Version: 1.0.0)
HWiNFO32 Version 3.93 (Version: 3.93)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2555)
Intel® Management Engine Components (Version: 6.0.0.1179)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
K-Lite Codec Pack 7.0.0 (Standard) (Version: 7.0.0)
KORG Legacy Collection - ANALOG EDITION 2007 (Version: 1.2.3)
KORG Legacy Collection - DIGITAL EDITION (Version: 1.3.2)
Lexicon Omega Driver (Version: 2.7)
M-Audio Axiom Driver 1.1.1 (x64) (Version: 1.1.1)
MAGIX Burn routines (64-Bit) (Version: 9.0.0.212)
MAGIX Low Latency Driver (64-Bit) (Version: 2.10.2011.0)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mask My IP (Version: 2.2.7.2)
Media Convert Master 8.1.1.2
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Excel Viewer (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
MIDI-OX (Version: 7.02.372)
MotoHelper 2.1.32 Driver 5.4.0 (Version: 2.1.32)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0)
Motorola Phone Tools (Version: 5.00)
Motorola Phone Tools (Version: 5.31a 05/13/2010)
Movica (Version: 1.6.6)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 15.0.1)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Native Instruments Reaktor 5
NI Service Center
Nuklear VST2 1.1.1 (Version: 1.1.1)
Nuklear VST3 1.1.1 (Version: 1.1.1)
Open Freely (Version: 1.0)
Opera 12.12 (Version: 12.12.1707)
PCB Artist Version 1.5.1 (Version: 1.5)
PowerISO (Version: 4.7)
Prism Video File Converter
qBittorrent 3.0.6
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.6254)
RealUpgrade 1.1 (Version: 1.1.0)
REAPER (x64)
Reason 5.0 (Version: 5.0)
ReFill Packer 4.1.1 (Version: 4.1.1)
reFX Nexus VSTi RTAS v2.2.0
Rob Papen Albino 3
Rob Papen Predator V1.5.8 64 bits single core
Samplitude Pro X Suite Download Version (Version: 12.0.0.59)
SecurityKISS Tunnel v0.2.2
SOMAFM
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
Sugar Bytes Cyclop 1.0.1 (Version: 1.0.1)
SUPERAntiSpyware (Version: 5.0.1136)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
System Requirements Lab for Intel (Version: 4.4.16.0)
The Baconing
The Soap Calculator 3.0 (Version: 3.0)
Tilt Mouse Software 4.1
Tixati
TubeOhm Pure-PoneV1_6
Ultra Fractal 5.04
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
Veoh Giraffic Video Accelerator (Version: 0.86.246.230)
Veoh Web Player (Version: 1.1.2.0000)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
VLC media player 2.0.4 (Version: 2.0.4)
Waldorf Largo
WebcamMax (Version: 7.6.2.2.MultiLanguage)
WIDCOMM Bluetooth Software (Version: 6.2.1.800)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
WinPatrol (Version: 20.5.2011.0)
WinPatrol (Version: 25.6.2012.1)
WinRAR archiver
Xara Designer Pro 6 (Version: 6.1.1.13205)
Xara Designer Pro 6 Content Pack (Version: 1.0.0.0)
XenoDream 1.5 (Version: 1.5)
XILS-lab polyKB II VSTi RTAS v2.0.1
XILS-lab XILS-3 VSTi RTAS v1.3.0
XILS 3 (Version: 1.0.8)
Xvid Video Codec (Version: 1.3.2)
Zamzom Wireless (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 3764.5 MB
Available physical RAM: 2485.98 MB
Total Pagefile: 7527.19 MB
Available Pagefile: 6255.73 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.08 GB) (Free:182.63 GB) NTFS

========================= Users: ========================================

User accounts for \\ME-PC

Administrator Guest me

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

19:53:15.0616 4488 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:53:16.0115 4488 ============================================================
19:53:16.0115 4488 Current date / time: 2013/01/12 19:53:16.0115
19:53:16.0115 4488 SystemInfo:
19:53:16.0115 4488
19:53:16.0115 4488 OS Version: 6.1.7601 ServicePack: 1.0
19:53:16.0115 4488 Product type: Workstation
19:53:16.0115 4488 ComputerName: ME-PC
19:53:16.0115 4488 UserName: me
19:53:16.0115 4488 Windows directory: C:\Windows
19:53:16.0115 4488 System windows directory: C:\Windows
19:53:16.0115 4488 Running under WOW64
19:53:16.0115 4488 Processor architecture: Intel x64
19:53:16.0115 4488 Number of processors: 4
19:53:16.0115 4488 Page size: 0x1000
19:53:16.0115 4488 Boot type: Normal boot
19:53:16.0115 4488 ============================================================
19:53:17.0690 4488 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:53:17.0706 4488 ============================================================
19:53:17.0706 4488 \Device\Harddisk0\DR0:
19:53:17.0706 4488 MBR partitions:
19:53:17.0706 4488 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
19:53:17.0706 4488 ============================================================
19:53:17.0737 4488 C: <-> \Device\Harddisk0\DR0\Partition1
19:53:17.0737 4488 ============================================================
19:53:17.0737 4488 Initialize success
19:53:17.0737 4488 ============================================================
19:54:43.0834 1704 ============================================================
19:54:43.0834 1704 Scan started
19:54:43.0834 1704 Mode: Manual; TDLFS;
19:54:43.0834 1704 ============================================================
19:54:44.0209 1704 ================ Scan system memory ========================
19:54:44.0209 1704 System memory - ok
19:54:44.0209 1704 ================ Scan services =============================
19:56:19.0884 1704 Impcd - ok
19:56:19.0993 1704 [ F4C031439501F6C1D336A36D7CB58F4F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:56:30.0180 1704 IntcAzAudAddService - ok
19:56:30.0226 1704 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
19:56:38.0650 1704 IntcDAud - ok
19:56:38.0682 1704 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:56:39.0056 1704 intelide - ok
19:56:39.0103 1704 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:56:39.0384 1704 intelppm - ok
19:56:39.0508 1704 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:39.0508 1704 IPBusEnum - ok
19:56:39.0555 1704 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:50.0304 1704 IpFilterDriver - ok
19:56:50.0366 1704 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:56:50.0366 1704 iphlpsvc - ok
19:56:50.0397 1704 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:56:50.0678 1704 IPMIDRV - ok
19:56:50.0740 1704 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:57:01.0442 1704 IPNAT - ok
19:57:01.0473 1704 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:57:11.0582 1704 IRENUM - ok
19:57:11.0613 1704 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:57:12.0019 1704 isapnp - ok
19:57:12.0034 1704 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:57:12.0409 1704 iScsiPrt - ok
19:57:12.0471 1704 [ D85F3F18E44F7447B5F1BA5C85BAEB7C ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
19:57:12.0471 1704 k57nd60a - ok
19:57:12.0502 1704 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:57:12.0799 1704 kbdclass - ok
19:57:12.0830 1704 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:57:13.0189 1704 kbdhid - ok
19:57:13.0204 1704 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:57:13.0220 1704 KeyIso - ok
19:57:13.0251 1704 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:57:13.0251 1704 KSecDD - ok
19:57:13.0267 1704 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:57:13.0282 1704 KSecPkg - ok
19:57:13.0314 1704 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:57:13.0594 1704 ksthunk - ok
19:57:13.0626 1704 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:57:13.0922 1704 KtmRm - ok
19:57:14.0000 1704 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:57:14.0000 1704 LanmanServer - ok
19:57:14.0031 1704 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:57:14.0031 1704 LanmanWorkstation - ok
19:57:14.0109 1704 Lavasoft Kernexplorer - ok
19:57:14.0140 1704 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:57:24.0733 1704 lltdio - ok
19:57:24.0811 1704 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:57:24.0826 1704 lltdsvc - ok
19:57:24.0826 1704 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:57:25.0216 1704 lmhosts - ok
19:57:25.0341 1704 [ 1307A05E6B8B2C161DF63C12AF55BE73 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:57:25.0341 1704 LMS - ok
19:57:25.0388 1704 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:57:25.0731 1704 LSI_FC - ok
19:57:25.0747 1704 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:57:26.0059 1704 LSI_SAS - ok
19:57:26.0106 1704 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:57:26.0464 1704 LSI_SAS2 - ok
19:57:26.0511 1704 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:57:26.0901 1704 LSI_SCSI - ok
19:57:26.0917 1704 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:57:27.0291 1704 luafv - ok
19:57:27.0338 1704 [ A832517901EEF41C206D70FCEC89B275 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:57:37.0993 1704 LVRS64 - ok
19:57:38.0243 1704 [ 644E919936A8017B5F205E7FE7EDD19F ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:57:49.0365 1704 LVUVC64 - ok
19:57:49.0443 1704 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:57:50.0364 1704 MBAMProtector - ok
19:57:50.0473 1704 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:57:50.0473 1704 MBAMScheduler - ok
19:57:50.0520 1704 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:57:50.0535 1704 MBAMService - ok
19:57:50.0551 1704 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:57:50.0567 1704 Mcx2Svc - ok
19:57:50.0567 1704 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:57:50.0676 1704 megasas - ok
19:57:50.0707 1704 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:57:51.0128 1704 MegaSR - ok
19:57:51.0159 1704 [ BA7E071E855D4C502916164A31B05D4D ] MHIKEY10 C:\Windows\system32\Drivers\MHIKEY10x64.sys
19:58:01.0533 1704 MHIKEY10 - ok
19:58:01.0565 1704 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:58:01.0565 1704 MMCSS - ok
19:58:01.0580 1704 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:58:01.0939 1704 Modem - ok
19:58:01.0986 1704 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:58:02.0391 1704 monitor - ok
19:58:02.0454 1704 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
19:58:13.0452 1704 motccgp - ok
19:58:13.0483 1704 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
19:58:23.0576 1704 motccgpfl - ok
19:58:23.0639 1704 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
19:58:33.0716 1704 motmodem - ok
19:58:33.0779 1704 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
19:58:33.0779 1704 MotoHelper - ok
19:58:33.0825 1704 [ 060F0EF84F430802DF3788F3DCFD009C ] motport C:\Windows\system32\DRIVERS\motport.sys
19:58:34.0169 1704 motport - ok
19:58:34.0200 1704 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:58:42.0593 1704 mouclass - ok
19:58:42.0639 1704 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:58:52.0998 1704 mouhid - ok
19:58:53.0013 1704 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:58:53.0029 1704 mountmgr - ok
19:58:53.0123 1704 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:58:53.0123 1704 MozillaMaintenance - ok
19:58:53.0169 1704 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:58:53.0497 1704 mpio - ok
19:58:53.0513 1704 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:59:04.0121 1704 mpsdrv - ok
19:59:04.0245 1704 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:59:04.0261 1704 MpsSvc - ok
19:59:04.0292 1704 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:59:04.0776 1704 MRxDAV - ok
19:59:04.0807 1704 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:59:05.0181 1704 mrxsmb - ok
19:59:05.0228 1704 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:59:05.0618 1704 mrxsmb10 - ok
19:59:05.0634 1704 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:59:06.0008 1704 mrxsmb20 - ok
19:59:06.0039 1704 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:59:06.0429 1704 msahci - ok
19:59:06.0445 1704 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:59:06.0851 1704 msdsm - ok
19:59:06.0897 1704 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:59:06.0897 1704 MSDTC - ok
19:59:06.0944 1704 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:59:07.0272 1704 Msfs - ok
19:59:07.0287 1704 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:59:07.0646 1704 mshidkmdf - ok
19:59:07.0693 1704 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:59:08.0067 1704 msisadrv - ok
19:59:08.0130 1704 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:59:08.0130 1704 MSiSCSI - ok
19:59:08.0145 1704 msiserver - ok
19:59:08.0177 1704 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:59:18.0348 1704 MSKSSRV - ok
19:59:18.0363 1704 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:59:28.0472 1704 MSPCLOCK - ok
19:59:28.0488 1704 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:59:28.0956 1704 MSPQM - ok
19:59:29.0003 1704 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:59:29.0018 1704 MsRPC - ok
19:59:29.0050 1704 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:59:29.0346 1704 mssmbios - ok
19:59:29.0408 1704 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:59:39.0626 1704 MSTEE - ok
19:59:39.0658 1704 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:59:40.0110 1704 MTConfig - ok
19:59:40.0141 1704 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:59:40.0141 1704 Mup - ok
19:59:40.0172 1704 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:59:40.0172 1704 napagent - ok
19:59:40.0219 1704 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:59:50.0780 1704 NativeWifiP - ok
19:59:50.0827 1704 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:59:51.0186 1704 NDIS - ok
19:59:51.0248 1704 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:00:01.0903 1704 NdisCap - ok
20:00:01.0966 1704 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:00:12.0074 1704 NdisTapi - ok
20:00:12.0121 1704 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:00:22.0199 1704 Ndisuio - ok
20:00:22.0230 1704 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:00:22.0698 1704 NdisWan - ok
20:00:22.0698 1704 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:00:33.0384 1704 NDProxy - ok
20:00:33.0400 1704 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:00:33.0899 1704 NetBIOS - ok
20:00:33.0930 1704 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:00:33.0961 1704 NetBT - ok
20:00:33.0977 1704 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:00:33.0977 1704 Netlogon - ok
20:00:34.0008 1704 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:00:34.0024 1704 Netman - ok
20:00:34.0039 1704 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:00:34.0039 1704 netprofm - ok
20:00:34.0070 1704 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:00:34.0070 1704 NetTcpPortSharing - ok
20:00:34.0102 1704 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:00:34.0351 1704 nfrd960 - ok
20:00:34.0382 1704 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:00:34.0398 1704 NlaSvc - ok
20:00:34.0414 1704 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:00:34.0788 1704 Npfs - ok
20:00:34.0819 1704 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:00:34.0819 1704 nsi - ok
20:00:34.0835 1704 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:00:35.0240 1704 nsiproxy - ok
20:00:35.0318 1704 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:00:35.0693 1704 Ntfs - ok
20:00:35.0724 1704 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:00:46.0519 1704 Null - ok
20:00:46.0613 1704 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:00:47.0143 1704 nvraid - ok
20:00:47.0174 1704 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:00:47.0596 1704 nvstor - ok
20:00:47.0642 1704 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:00:48.0017 1704 nv_agp - ok
20:00:48.0048 1704 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:00:48.0469 1704 ohci1394 - ok
20:00:48.0516 1704 [ E56F8148DF59BCEC1B4BA822B6AA4E9B ] P0630VID C:\Windows\system32\DRIVERS\P0630Vid.sys
20:00:58.0999 1704 P0630VID - ok
20:00:59.0077 1704 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:00:59.0077 1704 p2pimsvc - ok
20:00:59.0108 1704 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:00:59.0108 1704 p2psvc - ok
20:00:59.0140 1704 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:00:59.0498 1704 Parport - ok
20:00:59.0530 1704 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:00:59.0545 1704 partmgr - ok
20:00:59.0561 1704 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:00:59.0561 1704 PcaSvc - ok
20:00:59.0576 1704 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:00:59.0982 1704 pci - ok
20:01:00.0013 1704 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:01:00.0029 1704 pciide - ok
20:01:00.0044 1704 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:01:00.0434 1704 pcmcia - ok
20:01:00.0450 1704 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:01:00.0466 1704 pcw - ok
20:01:00.0497 1704 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:01:00.0902 1704 PEAUTH - ok
20:01:00.0965 1704 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:01:00.0980 1704 PeerDistSvc - ok
20:01:01.0058 1704 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:01:01.0058 1704 PerfHost - ok
20:01:01.0136 1704 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:01:01.0136 1704 pla - ok
20:01:01.0183 1704 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:01:01.0292 1704 PlugPlay - ok
20:01:01.0324 1704 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:01:01.0339 1704 PNRPAutoReg - ok
20:01:01.0355 1704 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:01:01.0355 1704 PNRPsvc - ok
20:01:01.0370 1704 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:01:01.0370 1704 PolicyAgent - ok
20:01:01.0417 1704 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:01:01.0417 1704 Power - ok
20:01:01.0448 1704 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:01:01.0760 1704 PptpMiniport - ok
20:01:01.0823 1704 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:01:02.0228 1704 Processor - ok
20:01:02.0291 1704 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:01:02.0306 1704 ProfSvc - ok
20:01:02.0306 1704 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:01:02.0322 1704 ProtectedStorage - ok
20:01:02.0353 1704 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:01:02.0743 1704 Psched - ok
20:01:02.0837 1704 [ 0B6DEA0A1662CAB8F2BF339DC0752EF4 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
20:01:02.0837 1704 PSI_SVC_2 - ok
20:01:02.0915 1704 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:01:03.0227 1704 ql2300 - ok
20:01:03.0258 1704 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:01:03.0664 1704 ql40xx - ok
20:01:03.0695 1704 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:01:04.0085 1704 QWAVE - ok
20:01:04.0147 1704 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:01:04.0553 1704 QWAVEdrv - ok
20:01:04.0615 1704 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:01:14.0958 1704 RasAcd - ok
20:01:15.0005 1704 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:01:15.0473 1704 RasAgileVpn - ok
20:01:15.0488 1704 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:01:15.0488 1704 RasAuto - ok
20:01:15.0520 1704 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:01:23.0975 1704 Rasl2tp - ok
20:01:24.0006 1704 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:01:24.0412 1704 RasMan - ok
20:01:24.0459 1704 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:01:24.0942 1704 RasPppoe - ok
20:01:24.0973 1704 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:01:25.0410 1704 RasSstp - ok
20:01:25.0426 1704 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:01:25.0894 1704 rdbss - ok
20:01:25.0909 1704 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:01:36.0205 1704 rdpbus - ok
20:01:36.0268 1704 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:01:36.0705 1704 RDPCDD - ok
20:01:36.0767 1704 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:01:47.0391 1704 RDPDR - ok
20:01:47.0406 1704 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:01:47.0406 1704 RDPENCDD - ok
20:01:47.0406 1704 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:01:47.0890 1704 RDPREFMP - ok
20:01:47.0937 1704 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:01:58.0545 1704 RdpVideoMiniport - ok
20:01:58.0591 1704 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:02:08.0716 1704 RDPWD - ok
20:02:08.0747 1704 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:02:08.0763 1704 rdyboost - ok
20:02:08.0809 1704 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:02:08.0825 1704 RemoteAccess - ok
20:02:08.0841 1704 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:02:08.0856 1704 RemoteRegistry - ok
20:02:08.0872 1704 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:02:08.0872 1704 RpcEptMapper - ok
20:02:08.0903 1704 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:02:08.0903 1704 RpcLocator - ok
20:02:08.0950 1704 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:02:08.0950 1704 RpcSs - ok
20:02:08.0981 1704 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:02:18.0840 1704 rspndr - ok
20:02:18.0903 1704 [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187 C:\Windows\system32\DRIVERS\rtl8187.sys
20:02:47.0076 1704 RTL8187 - ok
20:02:47.0139 1704 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:02:51.0460 1704 s3cap - ok
20:02:51.0475 1704 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:02:51.0475 1704 SamSs - ok
20:02:51.0600 1704 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:02:52.0006 1704 SASDIFSV - ok
20:02:52.0021 1704 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:03:02.0411 1704 SASKUTIL - ok
20:03:02.0583 1704 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
20:03:02.0614 1704 SBAMSvc - ok
20:03:02.0629 1704 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
20:03:12.0598 1704 sbapifs - ok
20:03:12.0629 1704 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:03:13.0066 1704 sbp2port - ok
20:03:13.0123 1704 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
20:03:13.0597 1704 SBRE - ok
20:03:13.0862 1704 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
20:03:13.0862 1704 SBSDWSCService - ok
20:03:13.0893 1704 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:03:14.0174 1704 SCardSvr - ok
20:03:14.0221 1704 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
20:03:25.0594 1704 SCDEmu - ok
20:03:25.0640 1704 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:03:35.0890 1704 scfilter - ok
20:03:35.0952 1704 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:03:35.0968 1704 Schedule - ok
20:03:36.0046 1704 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:03:36.0046 1704 SCPolicySvc - ok
20:03:36.0077 1704 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:03:36.0077 1704 SDRSVC - ok
20:03:36.0108 1704 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:03:36.0498 1704 secdrv - ok
20:03:36.0529 1704 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:03:36.0529 1704 seclogon - ok
20:03:36.0560 1704 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:03:36.0560 1704 SENS - ok
20:03:36.0576 1704 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:03:36.0576 1704 SensrSvc - ok
20:03:36.0592 1704 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:03:36.0997 1704 Serenum - ok
20:03:37.0013 1704 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:03:37.0481 1704 Serial - ok
20:03:37.0496 1704 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:03:37.0994 1704 sermouse - ok
20:03:38.0034 1704 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:03:38.0034 1704 SessionEnv - ok
20:03:38.0064 1704 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:03:38.0484 1704 sffdisk - ok
20:03:38.0504 1704 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:03:38.0989 1704 sffp_mmc - ok
20:03:39.0004 1704 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:03:39.0534 1704 sffp_sd - ok
20:03:39.0574 1704 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:03:49.0959 1704 sfloppy - ok
20:03:50.0034 1704 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:03:50.0034 1704 SharedAccess - ok
20:03:50.0084 1704 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:03:50.0089 1704 ShellHWDetection - ok
20:03:50.0119 1704 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:03:50.0554 1704 SiSRaid2 - ok
20:03:50.0599 1704 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:03:51.0109 1704 SiSRaid4 - ok
20:03:51.0134 1704 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:04:02.0439 1704 Smb - ok
20:04:02.0489 1704 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:04:02.0489 1704 SNMPTRAP - ok
20:04:02.0554 1704 SNP2UVC - ok
20:04:02.0579 1704 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:04:02.0599 1704 spldr - ok
20:04:02.0639 1704 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:04:02.0644 1704 Spooler - ok
20:04:02.0744 1704 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:04:02.0764 1704 sppsvc - ok
20:04:02.0834 1704 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:04:02.0839 1704 sppuinotify - ok
20:04:02.0874 1704 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:04:03.0014 1704 srv - ok
20:04:03.0039 1704 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:04:03.0049 1704 srv2 - ok
20:04:03.0059 1704 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:04:03.0084 1704 srvnet - ok
20:04:03.0129 1704 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:04:03.0134 1704 SSDPSRV - ok
20:04:03.0149 1704 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:04:03.0154 1704 SstpSvc - ok
20:04:03.0189 1704 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:04:03.0549 1704 stexstor - ok
20:04:03.0629 1704 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:04:04.0034 1704 stisvc - ok
20:04:04.0094 1704 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:04:04.0594 1704 storflt - ok
20:04:04.0619 1704 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:04:05.0114 1704 storvsc - ok
20:04:05.0129 1704 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:04:05.0619 1704 swenum - ok
20:04:05.0659 1704 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:04:05.0664 1704 swprv - ok
20:04:05.0684 1704 Synth3dVsc - ok
20:04:05.0719 1704 [ ED6D1424E5B0C21A57B28DD8508D6843 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:04:15.0914 1704 SynTP - ok
20:04:16.0044 1704 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:04:16.0059 1704 SysMain - ok
20:04:16.0104 1704 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:04:16.0109 1704 TabletInputService - ok
20:04:16.0144 1704 [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
20:04:16.0552 1704 tap0901 - ok
20:04:16.0592 1704 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
20:04:17.0642 1704 taphss - ok
20:04:17.0702 1704 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:04:17.0707 1704 TapiSrv - ok
20:08:50.0237 1704 ================ Scan global ===============================
20:08:50.0272 1704 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:08:50.0822 1704 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:08:50.0842 1704 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:08:50.0877 1704 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:08:51.0452 1704 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:08:51.0452 1704 [Global] - ok
20:08:51.0457 1704 ================ Scan MBR ==================================
20:08:51.0467 1704 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:08:51.0772 1704 \Device\Harddisk0\DR0 - ok
20:08:51.0772 1704 ================ Scan VBR ==================================
20:08:51.0777 1704 [ 1B3ADD0E34A3DFC14D7DD22881171776 ] \Device\Harddisk0\DR0\Partition1
20:08:51.0782 1704 \Device\Harddisk0\DR0\Partition1 - ok
20:08:51.0782 1704 ============================================================
20:08:51.0782 1704 Scan finished
20:08:51.0782 1704 ============================================================
20:08:51.0797 3260 Detected object count: 0
20:08:51.0797 3260 Actual detected object count: 0
20:13:45.0265 4072 Deinitialize success


# AdwCleaner v2.105 - Logfile created 01/12/2013 at 20:17:22
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : me - ME-PC
# Boot Mode : Normal
# Running from : C:\Users\me\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Uninstall.exe
File Found : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\nuw83slz.default\searchplugins\Conduit.xml
Folder Found : C:\Program Files (x86)\1ClickDownload
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\me\AppData\Local\~0
Folder Found : C:\Users\me\AppData\Local\Conduit
Folder Found : C:\Users\me\AppData\LocalLow\Conduit
Folder Found : C:\Users\me\AppData\LocalLow\PriceGong
Folder Found : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\nuw83slz.default\ConduitCommon
Folder Found : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\nuw83slz.default\CT2549263
Folder Found : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\nuw83slz.default\extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
Folder Found : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\nuw83slz.default\extensions\OneClickDownload@OneClickDownload.com

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16448

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\prefs.js

Found : user_pref("extensions.crossriderapp435.bic", "135abf9eca18753e5d03822b7b850ea7");
Found : user_pref("extensions.crossriderapp435.firstrun", false);
Found : user_pref("extensions.crossriderapp435.installationdate", 1330030177);
Found : user_pref("extensions.crossriderapp435.jsver", 3);
Found : user_pref("extensions.crossriderapp435.lastcheck", 22311643);
Found : user_pref("extensions.crossriderapp435.lastcheckitem", 22311650);
Found : user_pref("extensions.crossriderapp435.misc.lastBgWorkerTimer", "1338698927610");
Found : user_pref("extensions.crossriderapp435.misc.lastDomWorkerTimer", "1338698927605");

File : C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\nuw83slz.default\prefs.js


-\\ Google Chrome v [Unable to get version]

File : C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\me\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [21336 octets] - [12/01/2013 20:17:22]

########## EOF - C:\AdwCleaner[R1].txt - [21397 octets] ##########

#4 boopme


Posted 13 January 2013 - 12:15 PM

Looks like a lot of rootkit activity. Since the system is fighting removal... let's get a deeper look so we do not lose the machine.

Start a new topic... Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.


Include this link back to here...

http://www.bleepingcomputer.com/forums/topic481419.html/page__pid__2946102#top



