Paralyzed browsing & internet connection after ad-block alert


25 replies to this topic

#1 527

Posted 05 September 2013 - 10:01 PM

I was redirected to a strange site today and before I could close it out, something happened with my ad-block software. There was some kind of warning about turning the ad-blocker off/on and ever since then browsing has been incredibly slow.

 

My upload speed is also throttled. My connection was great and always fast but now I am struggling to upload 4 small pictures to a website. Browsing is slow and known, trusted websites are not responding.

 

Browser is Firefox with Ad blocker plus. I am worried I got a trojan or virus today. I have also been having some conflicts with Firefox and Flash, lots of crashes, but that was happening for a while before the slow browsing started today.

 

My computer is a Windows 7 laptop. Firefox is updated to the latest version. I did the usual stuff: rebooted the modem, refreshed the wireless connection, restarted the computer, ran a Trend Micro HouseCall scan. Nothing helped. Thanks for any help!




 


#2 boopme


Posted 05 September 2013 - 10:34 PM

Hello 527, I have to leave now but please run these and see how it is.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
 
 
Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

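The "List content of Hosts" and "List Winsock Entries" options requested above produce the two parts of Result.txt where a name redirect or an injected network provider would show up. The Python below reviews those two sections; it is an added example, not part of the original post and not MiniToolBox code. The section headers and Winsock line layout follow the Result.txt posted in this thread; the sample input, the function names and the review rule (vendor string "Microsoft Corporation" plus a Windows system directory) are assumptions of this example.

```python
import re

# "===== Hosts content: =====" style headers; pure "=====" separator lines do not match.
SECTION_RE = re.compile(r"^=+\s*([^=]+?):?\s*=+\s*$")
# e.g. "Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)"
WINSOCK_RE = re.compile(
    r"^(?P<catalog>(?:x64-)?Catalog\d+)\s+(?P<index>\d+)\s+"
    r"(?P<path>.+?)\s+\[(?P<size>\d+)\]\s+\((?P<vendor>[^)]*)\)\s*$"
)
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
LOOPBACK = {"127.0.0.1", "::1"}


def split_sections(text):
    """Map each section header (lower-cased) to the lines that follow it."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line.strip())
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.rstrip())
    return sections


def review_hosts(lines):
    """Return (kind, ip, name) for every hosts entry other than localhost."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()   # drop comments
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for name in names:
            if ip in LOOPBACK and name.lower() == "localhost":
                continue
            # A name pinned to loopback/0.0.0.0 is usually a block list;
            # a name pinned to any other address redirects traffic.
            kind = "sinkhole" if ip in LOOPBACK or ip == "0.0.0.0" else "redirect"
            findings.append((kind, ip, name))
    return findings


def review_winsock(lines, known_vendors=("Microsoft Corporation",)):
    """Return (catalog, path, vendor) for providers that need a manual look.

    The vendor field is only what the log prints; it is not treated here
    as proof of a valid signature, so the path must also be a system dir.
    """
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line.strip())
        if not m:
            continue
        in_system_dir = m.group("path").lower().startswith(SYSTEM_DIRS)
        if m.group("vendor") not in known_vendors or not in_system_dir:
            findings.append((m.group("catalog"), m.group("path"), m.group("vendor")))
    return findings


def triage(text):
    sections = split_sections(text)
    return {
        "hosts": review_hosts(sections.get("hosts content", [])),
        "winsock": review_winsock(sections.get("winsock entries", [])),
    }


# Constructed sample in the Result.txt layout. The www.example.com line and
# example_lsp.dll are made up for illustration; they are not from the thread.
SAMPLE = r"""
========================= Hosts content: =================================

127.0.0.1       localhost
203.0.113.7     www.example.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Users\admin\AppData\Local\Temp\example_lsp.dll [12345] ()
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================
"""

if __name__ == "__main__":
    for area, items in triage(SAMPLE).items():
        for item in items:
            print(area, *item, sep=" | ")
```

A flagged provider is a prompt to check the file, not a verdict: the Bonjour `mdnsNSP.dll` entry is reported simply because it is third-party and outside the Windows system directories.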

#3 527


Posted 05 September 2013 - 10:56 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by admin (administrator) on 05-09-2013 at 23:52:51
Running from "C:\Users\admin\Downloads"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Broadcom 43225 802.11b/g/n = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : admin-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 70-5A-B6-A7-74-66
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : hsd1.fl.comcast.net.
   Description . . . . . . . . . . . : Broadcom 43225 802.11b/g/n
   Physical Address. . . . . . . . . : 78-E4-00-2F-2D-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3928:aab4:2845:9095%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, September 05, 2013 4:11:47 PM
   Lease Expires . . . . . . . . . . : Thursday, September 12, 2013 10:34:33 PM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 242803712
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-71-EB-D2-78-E4-00-2F-2D-3C
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:30e4:34c4:f5ff:fffc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::30e4:34c4:f5ff:fffc%16(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F146893B-A317-416D-A6BD-CEFA645C2A4F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.fl.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.fl.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  2607:f8b0:4008:803::1009
      173.194.37.129
      173.194.37.134
      173.194.37.136
      173.194.37.133
      173.194.37.137
      173.194.37.132
      173.194.37.128
      173.194.37.130
      173.194.37.142
      173.194.37.131
      173.194.37.135


Pinging google.com [173.194.46.6] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 173.194.46.6:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=131ms TTL=47
Reply from 206.190.36.45: bytes=32 time=116ms TTL=47

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 116ms, Maximum = 131ms, Average = 123ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...70 5a b6 a7 74 66 ......Realtek PCIe FE Family Controller
 11...78 e4 00 2f 2d 3c ......Broadcom 43225 802.11b/g/n
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.3     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.3    281
         10.0.0.3  255.255.255.255         On-link          10.0.0.3    281
       10.0.0.255  255.255.255.255         On-link          10.0.0.3    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 16     58 2001::/32                On-link
 16    306 2001:0:5ef5:79fd:30e4:34c4:f5ff:fffc/128
                                    On-link
 11    281 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::30e4:34c4:f5ff:fffc/128
                                    On-link
 11    281 fe80::3928:aab4:2845:9095/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/05/2013 04:14:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/05/2013 04:13:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/05/2013 04:11:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/03/2013 02:58:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/03/2013 02:58:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/03/2013 02:55:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/30/2013 10:10:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2013 10:10:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/30/2013 10:08:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/27/2013 03:27:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (09/05/2013 11:02:35 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/05/2013 04:19:36 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (09/05/2013 01:09:44 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/05/2013 10:23:36 AM) (Source: Service Control Manager) (User: )
Description: 30000Netman

Error: (09/05/2013 10:23:36 AM) (Source: Service Control Manager) (User: )
Description: 30000EFS

Error: (09/04/2013 04:51:39 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/03/2013 01:09:48 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/02/2013 01:49:24 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/01/2013 11:16:57 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (09/01/2013 11:09:06 PM) (Source: Service Control Manager) (User: )
Description: 30000WD SmartWare Background Service


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-11-17 16:45:48.860
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-17 16:45:48.833
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.0.2)
7-Zip 4.65 (x64 edition) (Version: 4.65.00.0)
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 1.5.3.9120)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS5 (Version: 11.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Media Player (Version: 1.8)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player (Version: 11.5.1.601)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Alps Touch Pad Driver
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Audacity 1.2.6
AVG 2011 (Version: 10.0.1432)
AVG 2011 (Version: 10.0.3222)
Bonjour (Version: 2.0.5.0)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.18.41)
CCleaner (Version: 4.00)
CDisplay 1.8
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
CR2 Converter
CyberLink DVD Suite (Version: 7.0.2216)
Duplicate File Detector v4.8.0 (22-November-2010) (Version: 4.8.0)
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
DVD Shrink 3.2
DVDFab 7.0.9.3 (08/08/2010)
ENE CIR Receiver Driver (Version: 2.7.4.0)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
FileZilla Client 3.6.0.1 (Version: 3.6.0.1)
foobar2000 v1.1.5 (Version: 1.1.5)
Google Chrome (Version: 29.0.1547.66)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Guitar Pro 5.2
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.1.3509)
HP MediaSmart Internet TV (Version: 3.1.2125)
HP MediaSmart Live TV (Version: 3.1.2206)
HP MediaSmart Music/Photo/Video (Version: 3.1.3405)
HP MediaSmart SlingPlayer (Version: 3.0.1.64)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.1.2207)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Quick Launch Buttons (Version: 6.50.7.1)
HP QuickWeb (Version: 1.1.2.3)
HP Setup (Version: 1.2.3560.3170)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Support Assistant (Version: 4.4.6.3)
HP Update (Version: 5.001.000.014)
HP User Guides 0186 (Version: 1.00.0002)
HP Wireless Assistant (Version: 3.50.9.1)
HPAsset component for HP Active Support Library (Version: 3.0.2.2)
Hulu Desktop (Version: 0.9.10)
iCare Card Recovery Free 2.0
IDT Audio (Version: 1.0.6249.0)
ImgBurn (Version: 2.5.6.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1986)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Matrix Storage Manager
IrfanView (remove only) (Version: 4.27)
iTunes (Version: 10.2.2.14)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2215)
LightScribe System Software (Version: 1.18.9.1)
Logitech Vid (Version: 1.10.1009)
Logitech Webcam Software (Version: 12.10.1113)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_CRT_x86 (Version: 1.00.0000)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Mp3tag v2.54 (Version: v2.54)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nitro PDF Professional (Version: 6.0.3.1)
Notepad++ (Version: 5.6.8)
PDF Settings (Version: 1.0)
Power2Go (Version: 6.0.3415)
PowerDirector (Version: 7.0.3420)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.69.80.9)
RadLight MPC DirectShow Filter (remove only)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0011)
Realtek USB2.0&PCIE Card Reader (Version: 2009.11.09)
Recovery Manager (Version: 5.5.2214)
Recuva (Version: 1.38)
Revo Uninstaller 1.94 (Version: 1.94)
Safari (Version: 5.33.21.1)
SmartWebPrinting (Version: 140.0.186.000)
SPEEDO Aquabeat Playlist Editor (Version: V1.30)
StreamTorrent 1.0
Trader's Little Helper 2.6.0 (Version: 2.6.0)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Veetle TV 0.9.18 (Version: 0.9.18)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.7 (Version: 2.0.7)
WD SmartWare (Version: 1.2.0.20)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3894.79 MB
Available physical RAM: 2230.05 MB
Total Pagefile: 7787.72 MB
Available Pagefile: 5914.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.86 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:279.03 GB) (Free:3.28 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:18.77 GB) (Free:3.02 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive i: () (Removable) (Total:0.98 GB) (Free:0.98 GB) FAT

========================= Users: ========================================

User accounts for \\ADMIN-PC

admin                    Administrator            Guest                    


**** End of log ****
 



#4 527

  • Topic Starter

Posted 05 September 2013 - 11:02 PM

TDSS no threats found.

 




#5 527

  • Topic Starter

Posted 05 September 2013 - 11:06 PM

TDSS No threats found

 

23:55:52.0531 0x17f4  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
23:55:54.0559 0x17f4  ============================================================
23:55:54.0559 0x17f4  Current date / time: 2013/09/05 23:55:54.0559
23:55:54.0559 0x17f4  SystemInfo:
23:55:54.0559 0x17f4  
23:55:54.0559 0x17f4  OS Version: 6.1.7600 ServicePack: 0.0
23:55:54.0559 0x17f4  Product type: Workstation
23:55:54.0559 0x17f4  ComputerName: ADMIN-PC
23:55:54.0559 0x17f4  UserName: admin
23:55:54.0559 0x17f4  Windows directory: C:\Windows
23:55:54.0559 0x17f4  System windows directory: C:\Windows
23:55:54.0559 0x17f4  Running under WOW64
23:55:54.0559 0x17f4  Processor architecture: Intel x64
23:55:54.0559 0x17f4  Number of processors: 4
23:55:54.0559 0x17f4  Page size: 0x1000
23:55:54.0559 0x17f4  Boot type: Normal boot
23:55:54.0559 0x17f4  ============================================================
23:55:55.0183 0x17f4  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:55:55.0183 0x17f4  Drive \Device\Harddisk1\DR1 - Size: 0x3E800000 (0.98 Gb), SectorSize: 0x200, Cylinders: 0x7F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:55:55.0198 0x17f4  ============================================================
23:55:55.0198 0x17f4  \Device\Harddisk0\DR0:
23:55:55.0198 0x17f4  MBR partitions:
23:55:55.0198 0x17f4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:55:55.0198 0x17f4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22E0E800
23:55:55.0198 0x17f4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22E72800, BlocksNum 0x2588000
23:55:55.0198 0x17f4  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
23:55:55.0198 0x17f4  \Device\Harddisk1\DR1:
23:55:55.0198 0x17f4  MBR partitions:
23:55:55.0198 0x17f4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3B, BlocksNum 0x1F3F05
23:55:55.0198 0x17f4  ============================================================
23:55:55.0230 0x17f4  C: <-> \Device\Harddisk0\DR0\Partition2
23:55:55.0292 0x17f4  D: <-> \Device\Harddisk0\DR0\Partition3
23:55:55.0308 0x17f4  E: <-> \Device\Harddisk0\DR0\Partition4
23:55:55.0308 0x17f4  ============================================================
23:55:55.0308 0x17f4  Initialize success
23:55:55.0308 0x17f4  ============================================================
23:55:57.0351 0x14c4  ============================================================
23:55:57.0351 0x14c4  Scan started
23:55:57.0351 0x14c4  Mode: Manual;
23:55:57.0351 0x14c4  ============================================================
23:55:58.0225 0x14c4  ================ Scan system memory ========================
23:55:58.0225 0x14c4  System memory - ok
23:55:58.0225 0x14c4  ================ Scan services =============================
23:55:58.0396 0x14c4  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
23:55:58.0412 0x14c4  1394ohci - ok
23:55:58.0428 0x14c4  [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
23:55:58.0443 0x14c4  Accelerometer - ok
23:55:58.0474 0x14c4  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
23:55:58.0474 0x14c4  ACPI - ok
23:55:58.0490 0x14c4  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
23:55:58.0506 0x14c4  AcpiPmi - ok
23:55:58.0693 0x14c4  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:55:58.0693 0x14c4  AdobeFlashPlayerUpdateSvc - ok
23:55:58.0724 0x14c4  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:55:58.0740 0x14c4  adp94xx - ok
23:55:58.0771 0x14c4  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:55:58.0771 0x14c4  adpahci - ok
23:55:58.0786 0x14c4  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:55:58.0786 0x14c4  adpu320 - ok
23:55:58.0818 0x14c4  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:55:58.0818 0x14c4  AeLookupSvc - ok
23:55:58.0896 0x14c4  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe
23:55:58.0896 0x14c4  AESTFilters - ok
23:55:58.0974 0x14c4  [ 6EF20DDF3172E97D69F596FB90602F29 ] AFD             C:\Windows\system32\drivers\afd.sys
23:55:58.0974 0x14c4  AFD - ok
23:55:59.0020 0x14c4  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
23:55:59.0052 0x14c4  AgereSoftModem - ok
23:55:59.0067 0x14c4  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
23:55:59.0067 0x14c4  agp440 - ok
23:55:59.0083 0x14c4  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:55:59.0083 0x14c4  ALG - ok
23:55:59.0114 0x14c4  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
23:55:59.0114 0x14c4  aliide - ok
23:55:59.0130 0x14c4  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
23:55:59.0130 0x14c4  amdide - ok
23:55:59.0130 0x14c4  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:55:59.0145 0x14c4  AmdK8 - ok
23:55:59.0145 0x14c4  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:55:59.0161 0x14c4  AmdPPM - ok
23:55:59.0176 0x14c4  [ 7A4B413614C055935567CF88A9734D38 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
23:55:59.0176 0x14c4  amdsata - ok
23:55:59.0192 0x14c4  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:55:59.0208 0x14c4  amdsbs - ok
23:55:59.0223 0x14c4  [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
23:55:59.0223 0x14c4  amdxata - ok
23:55:59.0254 0x14c4  [ 05F1A0A81A98CF27E3F028213FB6C36A ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
23:55:59.0254 0x14c4  ApfiltrService - ok
23:55:59.0286 0x14c4  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
23:55:59.0286 0x14c4  AppID - ok
23:55:59.0301 0x14c4  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:55:59.0301 0x14c4  AppIDSvc - ok
23:55:59.0317 0x14c4  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
23:55:59.0317 0x14c4  Appinfo - ok
23:55:59.0473 0x14c4  [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:55:59.0473 0x14c4  Apple Mobile Device - ok
23:55:59.0504 0x14c4  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:55:59.0504 0x14c4  arc - ok
23:55:59.0535 0x14c4  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:55:59.0535 0x14c4  arcsas - ok
23:55:59.0566 0x14c4  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:55:59.0566 0x14c4  AsyncMac - ok
23:55:59.0598 0x14c4  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
23:55:59.0598 0x14c4  atapi - ok
23:55:59.0644 0x14c4  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
23:55:59.0676 0x14c4  athr - ok
23:55:59.0722 0x14c4  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:55:59.0738 0x14c4  AudioEndpointBuilder - ok
23:55:59.0769 0x14c4  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:55:59.0769 0x14c4  AudioSrv - ok
23:55:59.0972 0x14c4  [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
23:55:59.0972 0x14c4  AVG Security Toolbar Service - ok
23:56:00.0206 0x14c4  [ 7A0F6A3E0E41425B9BA54616B482668A ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
23:56:00.0253 0x14c4  AVGIDSAgent - ok
23:56:00.0346 0x14c4  [ E6671E90D38C88764412E07C9D9B3D63 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
23:56:00.0346 0x14c4  AVGIDSDriver - ok
23:56:00.0424 0x14c4  [ 1553B388E0F0462C25AD8F30C3C29E83 ] AVGIDSEH        C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
23:56:00.0424 0x14c4  AVGIDSEH - ok
23:56:00.0487 0x14c4  [ DCA426A66739E75F51A72160DFB945AD ] AVGIDSFilter    C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
23:56:00.0487 0x14c4  AVGIDSFilter - ok
23:56:00.0580 0x14c4  [ 5D9D7009EDA9338F286730390DBEB5B6 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
23:56:00.0596 0x14c4  Avgldx64 - ok
23:56:00.0612 0x14c4  [ 997D002827D3E3DCBBB25BF46DB161AB ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
23:56:00.0612 0x14c4  Avgmfx64 - ok
23:56:00.0643 0x14c4  [ BCCFE3374C887075CDE2AC8FDB1CB2F8 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
23:56:00.0643 0x14c4  Avgrkx64 - ok
23:56:00.0721 0x14c4  [ 371428CF0F71934CB0F2344823ADFA32 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
23:56:00.0736 0x14c4  avgtp - ok
23:56:00.0799 0x14c4  [ FC2BC51120A945F7C70376495E4E7737 ] avgwd           C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
23:56:00.0799 0x14c4  avgwd - ok
23:56:00.0846 0x14c4  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:56:00.0846 0x14c4  AxInstSV - ok
23:56:00.0877 0x14c4  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:56:00.0892 0x14c4  b06bdrv - ok
23:56:00.0924 0x14c4  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:56:00.0939 0x14c4  b57nd60a - ok
23:56:01.0017 0x14c4  [ 7B6EAAA086DDE01D4C7FF215720987C6 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
23:56:01.0095 0x14c4  BCM43XX - ok
23:56:01.0126 0x14c4  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:56:01.0126 0x14c4  BDESVC - ok
23:56:01.0126 0x14c4  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:56:01.0142 0x14c4  Beep - ok
23:56:01.0173 0x14c4  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
23:56:01.0189 0x14c4  BFE - ok
23:56:01.0236 0x14c4  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\system32\qmgr.dll
23:56:01.0267 0x14c4  BITS - ok
23:56:01.0282 0x14c4  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:56:01.0282 0x14c4  blbdrive - ok
23:56:01.0407 0x14c4  [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
23:56:01.0407 0x14c4  Bonjour Service - ok
23:56:01.0470 0x14c4  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:56:01.0485 0x14c4  bowser - ok
23:56:01.0532 0x14c4  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:56:01.0532 0x14c4  BrFiltLo - ok
23:56:01.0548 0x14c4  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:56:01.0548 0x14c4  BrFiltUp - ok
23:56:01.0579 0x14c4  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:56:01.0579 0x14c4  BridgeMP - ok
23:56:01.0610 0x14c4  [ 94FBC06F294D58D02361918418F996E3 ] Browser         C:\Windows\System32\browser.dll
23:56:01.0610 0x14c4  Browser - ok
23:56:01.0641 0x14c4  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:56:01.0641 0x14c4  Brserid - ok
23:56:01.0657 0x14c4  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:56:01.0657 0x14c4  BrSerWdm - ok
23:56:01.0672 0x14c4  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:56:01.0688 0x14c4  BrUsbMdm - ok
23:56:01.0688 0x14c4  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:56:01.0688 0x14c4  BrUsbSer - ok
23:56:01.0704 0x14c4  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:56:01.0704 0x14c4  BTHMODEM - ok
23:56:01.0735 0x14c4  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:56:01.0735 0x14c4  bthserv - ok
23:56:01.0750 0x14c4  catchme - ok
23:56:01.0766 0x14c4  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:56:01.0766 0x14c4  cdfs - ok
23:56:01.0813 0x14c4  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:56:01.0813 0x14c4  cdrom - ok
23:56:01.0844 0x14c4  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:56:01.0844 0x14c4  CertPropSvc - ok
23:56:01.0860 0x14c4  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:56:01.0860 0x14c4  circlass - ok
23:56:01.0891 0x14c4  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:56:01.0891 0x14c4  CLFS - ok
23:56:01.0953 0x14c4  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:56:01.0953 0x14c4  clr_optimization_v2.0.50727_32 - ok
23:56:02.0016 0x14c4  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:56:02.0016 0x14c4  clr_optimization_v2.0.50727_64 - ok
23:56:02.0125 0x14c4  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:56:02.0140 0x14c4  clr_optimization_v4.0.30319_32 - ok
23:56:02.0172 0x14c4  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:56:02.0187 0x14c4  clr_optimization_v4.0.30319_64 - ok
23:56:02.0203 0x14c4  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:56:02.0203 0x14c4  CmBatt - ok
23:56:02.0218 0x14c4  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
23:56:02.0218 0x14c4  cmdide - ok
23:56:02.0250 0x14c4  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG             C:\Windows\system32\Drivers\cng.sys
23:56:02.0265 0x14c4 %



TDSS found no threats

 

23:55:59.0972 0x14c4  [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
23:55:59.0972 0x14c4  AVG Security Toolbar Service - ok
23:56:00.0206 0x14c4  [ 7A0F6A3E0E41425B9BA54616B482668A ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
23:56:00.0253 0x14c4  AVGIDSAgent - ok
23:56:00.0346 0x14c4  [ E6671E90D38C88764412E07C9D9B3D63 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
23:56:00.0346 0x14c4  AVGIDSDriver - ok
23:56:00.0424 0x14c4  [ 1553B388E0F0462C25AD8F30C3C29E83 ] AVGIDSEH        C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
23:56:00.0424 0x14c4  AVGIDSEH - ok
23:56:00.0487 0x14c4  [ DCA426A66739E75F51A72160DFB945AD ] AVGIDSFilter    C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
23:56:00.0487 0x14c4  AVGIDSFilter - ok
23:56:00.0580 0x14c4  [ 5D9D7009EDA9338F286730390DBEB5B6 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
23:56:00.0596 0x14c4  Avgldx64 - ok
23:56:00.0612 0x14c4  [ 997D002827D3E3DCBBB25BF46DB161AB ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
23:56:00.0612 0x14c4  Avgmfx64 - ok
23:56:00.0643 0x14c4  [ BCCFE3374C887075CDE2AC8FDB1CB2F8 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
23:56:00.0643 0x14c4  Avgrkx64 - ok
23:56:00.0721 0x14c4  [ 371428CF0F71934CB0F2344823ADFA32 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
23:56:00.0736 0x14c4  avgtp - ok
23:56:00.0799 0x14c4  [ FC2BC51120A945F7C70376495E4E7737 ] avgwd           C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
23:56:00.0799 0x14c4  avgwd - ok
23:56:00.0846 0x14c4  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:56:00.0846 0x14c4  AxInstSV - ok
23:56:00.0877 0x14c4  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:56:00.0892 0x14c4  b06bdrv - ok
23:56:00.0924 0x14c4  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:56:00.0939 0x14c4  b57nd60a - ok
23:56:01.0017 0x14c4  [ 7B6EAAA086DDE01D4C7FF215720987C6 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
23:56:01.0095 0x14c4  BCM43XX - ok
23:56:01.0126 0x14c4  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:56:01.0126 0x14c4  BDESVC - ok
23:56:01.0126 0x14c4  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:56:01.0142 0x14c4  Beep - ok
23:56:01.0173 0x14c4  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
23:56:01.0189 0x14c4  BFE - ok
23:56:01.0236 0x14c4  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\system32\qmgr.dll
23:56:01.0267 0x14c4  BITS - ok
23:56:01.0282 0x14c4  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:56:01.0282 0x14c4  blbdrive - ok
23:56:01.0407 0x14c4  [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
23:56:01.0407 0x14c4  Bonjour Service - ok
23:56:01.0470 0x14c4  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:56:01.0485 0x14c4  bowser - ok
23:56:01.0532 0x14c4  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:56:01.0532 0x14c4  BrFiltLo - ok
23:56:01.0548 0x14c4  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:56:01.0548 0x14c4  BrFiltUp - ok
23:56:01.0579 0x14c4  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:56:01.0579 0x14c4  BridgeMP - ok
23:56:01.0610 0x14c4  [ 94FBC06F294D58D02361918418F996E3 ] Browser         C:\Windows\System32\browser.dll
23:56:01.0610 0x14c4  Browser - ok
23:56:01.0641 0x14c4  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:56:01.0641 0x14c4  Brserid - ok
23:56:01.0657 0x14c4  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:56:01.0657 0x14c4  BrSerWdm - ok
23:56:01.0672 0x14c4  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:56:01.0688 0x14c4  BrUsbMdm - ok
23:56:01.0688 0x14c4  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:56:01.0688 0x14c4  BrUsbSer - ok
23:56:01.0704 0x14c4  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:56:01.0704 0x14c4  BTHMODEM - ok
23:56:01.0735 0x14c4  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:56:01.0735 0x14c4  bthserv - ok
23:56:01.0750 0x14c4  catchme - ok
23:56:01.0766 0x14c4  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:56:01.0766 0x14c4  cdfs - ok
23:56:01.0813 0x14c4  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:56:01.0813 0x14c4  cdrom - ok
23:56:01.0844 0x14c4  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:56:01.0844 0x14c4  CertPropSvc - ok
23:56:01.0860 0x14c4  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:56:01.0860 0x14c4  circlass - ok
23:56:01.0891 0x14c4  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:56:01.0891 0x14c4  CLFS - ok
23:56:01.0953 0x14c4  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:56:01.0953 0x14c4  clr_optimization_v2.0.50727_32 - ok
23:56:02.0016 0x14c4  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:56:02.0016 0x14c4  clr_optimization_v2.0.50727_64 - ok
23:56:02.0125 0x14c4  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:56:02.0140 0x14c4  clr_optimization_v4.0.30319_32 - ok
23:56:02.0172 0x14c4  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:56:02.0187 0x14c4  clr_optimization_v4.0.30319_64 - ok
23:56:02.0203 0x14c4  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:56:02.0203 0x14c4  CmBatt - ok
23:56:02.0218 0x14c4  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
23:56:02.0218 0x14c4  cmdide - ok
23:56:02.0250 0x14c4  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG             C:\Windows\system32\Drivers\cng.sys
23:56:02.0265 0x14c4  CNG - ok
23:56:02.0328 0x14c4  [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
23:56:02.0343 0x14c4  Com4QLBEx - ok
23:56:02.0359 0x14c4  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:56:02.0359 0x14c4  Compbatt - ok
23:56:02.0390 0x14c4  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:56:02.0390 0x14c4  CompositeBus - ok
23:56:02.0406 0x14c4  COMSysApp - ok
23:56:02.0437 0x14c4  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:56:02.0437 0x14c4  crcdisk - ok
23:56:02.0468 0x14c4  [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:56:02.0468 0x14c4  CryptSvc - ok
23:56:02.0499 0x14c4  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:56:02.0530 0x14c4  DcomLaunch - ok
23:56:02.0546 0x14c4  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:56:02.0562 0x14c4  defragsvc - ok
23:56:02.0608 0x14c4  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:56:02.0608 0x14c4  DfsC - ok
23:56:02.0686 0x14c4  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:56:02.0686 0x14c4  Dhcp - ok
23:56:02.0718 0x14c4  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:56:02.0718 0x14c4  discache - ok
23:56:02.0749 0x14c4  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:56:02.0749 0x14c4  Disk - ok
23:56:02.0811 0x14c4  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:56:02.0811 0x14c4  Dnscache - ok
23:56:02.0842 0x14c4  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
23:56:02.0842 0x14c4  dot3svc - ok
23:56:02.0858 0x14c4  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
23:56:02.0874 0x14c4  DPS - ok
23:56:02.0889 0x14c4  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:56:02.0889 0x14c4  drmkaud - ok
23:56:02.0952 0x14c4  [ F9F437B39CC0FCACCE8AC7CE422F537F ] DVMIO           C:\SPLASH.SYS\config\dvmio.sys
23:56:02.0952 0x14c4  DVMIO - ok
23:56:02.0983 0x14c4  [ 577582D57D90FB64276ACFEE958DBFD3 ] DvmMDES         C:\SPLASH.SYS\config\DVMExportService.exe
23:56:02.0983 0x14c4  DvmMDES - ok
23:56:03.0061 0x14c4  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:56:03.0092 0x14c4  DXGKrnl - ok
23:56:03.0123 0x14c4  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:56:03.0123 0x14c4  EapHost - ok
23:56:03.0217 0x14c4  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:56:03.0326 0x14c4  ebdrv - ok
23:56:03.0342 0x14c4  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
23:56:03.0342 0x14c4  EFS - ok
23:56:03.0451 0x14c4  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:56:03.0466 0x14c4  ehRecvr - ok
23:56:03.0482 0x14c4  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:56:03.0498 0x14c4  ehSched - ok
23:56:03.0529 0x14c4  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:56:03.0544 0x14c4  elxstor - ok
23:56:03.0576 0x14c4  [ 524C79054636D2E5751169005006460B ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
23:56:03.0576 0x14c4  enecir - ok
23:56:03.0607 0x14c4  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
23:56:03.0607 0x14c4  ErrDev - ok
23:56:03.0654 0x14c4  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:56:03.0669 0x14c4  EventSystem - ok
23:56:03.0700 0x14c4  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:56:03.0700 0x14c4  exfat - ok
23:56:03.0732 0x14c4  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:56:03.0732 0x14c4  fastfat - ok
23:56:03.0763 0x14c4  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
23:56:03.0778 0x14c4  Fax - ok
23:56:03.0794 0x14c4  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:56:03.0794 0x14c4  fdc - ok
23:56:03.0825 0x14c4  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:56:03.0825 0x14c4  fdPHost - ok
23:56:03.0841 0x14c4  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:56:03.0841 0x14c4  FDResPub - ok
23:56:03.0856 0x14c4  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:56:03.0856 0x14c4  FileInfo - ok
23:56:03.0856 0x14c4  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:56:03.0872 0x14c4  Filetrace - ok
23:56:03.0934 0x14c4  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:56:03.0934 0x14c4  FLEXnet Licensing Service - ok
23:56:03.0966 0x14c4  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:56:03.0966 0x14c4  flpydisk - ok
23:56:03.0997 0x14c4  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:56:03.0997 0x14c4  FltMgr - ok
23:56:04.0075 0x14c4  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll
23:56:04.0106 0x14c4  FontCache - ok
23:56:04.0137 0x14c4  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:56:04.0137 0x14c4  FontCache3.0.0.0 - ok
23:56:04.0153 0x14c4  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:56:04.0153 0x14c4  FsDepends - ok
23:56:04.0168 0x14c4  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:56:04.0168 0x14c4  Fs_Rec - ok
23:56:04.0231 0x14c4  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:56:04.0246 0x14c4  fvevol - ok
23:56:04.0278 0x14c4  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:56:04.0278 0x14c4  gagp30kx - ok
23:56:04.0324 0x14c4  [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
23:56:04.0324 0x14c4  GameConsoleService - ok
23:56:04.0356 0x14c4  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:56:04.0356 0x14c4  GEARAspiWDM - ok
23:56:04.0418 0x14c4  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
23:56:04.0434 0x14c4  gpsvc - ok
23:56:04.0574 0x14c4  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:56:04.0574 0x14c4  gupdate - ok
23:56:04.0590 0x14c4  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:56:04.0590 0x14c4  gupdatem - ok
23:56:04.0605 0x14c4  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:56:04.0605 0x14c4  hcw85cir - ok
23:56:04.0652 0x14c4  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:56:04.0652 0x14c4  HdAudAddService - ok
23:56:04.0668 0x14c4  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:56:04.0668 0x14c4  HDAudBus - ok
23:56:04.0699 0x14c4  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
23:56:04.0699 0x14c4  HECIx64 - ok
23:56:04.0714 0x14c4  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:56:04.0714 0x14c4  HidBatt - ok
23:56:04.0730 0x14c4  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:56:04.0746 0x14c4  HidBth - ok
23:56:04.0761 0x14c4  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:56:04.0761 0x14c4  HidIr - ok
23:56:04.0777 0x14c4  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
23:56:04.0777 0x14c4  hidserv - ok
23:56:04.0792 0x14c4  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:56:04.0808 0x14c4  HidUsb - ok
23:56:04.0839 0x14c4  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:56:04.0839 0x14c4  hkmsvc - ok
23:56:04.0855 0x14c4  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:56:04.0855 0x14c4  HomeGroupListener - ok
23:56:04.0886 0x14c4  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:56:04.0886 0x14c4  HomeGroupProvider - ok
23:56:04.0964 0x14c4  [ 58C91CCA61A948DC6E789C93C05A1D6F ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
23:56:04.0964 0x14c4  HP Health Check Service - ok
23:56:04.0995 0x14c4  [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
23:56:04.0995 0x14c4  hpdskflt - ok
23:56:05.0011 0x14c4  [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
23:56:05.0026 0x14c4  HpqKbFiltr - ok
23:56:05.0042 0x14c4  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:56:05.0042 0x14c4  hpqwmiex - ok
23:56:05.0073 0x14c4  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
23:56:05.0073 0x14c4  HpSAMD - ok
23:56:05.0089 0x14c4  [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv           C:\Windows\system32\Hpservice.exe
23:56:05.0089 0x14c4  hpsrv - ok
23:56:05.0120 0x14c4  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:56:05.0151 0x14c4  HTTP - ok
23:56:05.0151 0x14c4  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:56:05.0151 0x14c4  hwpolicy - ok
23:56:05.0198 0x14c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:56:05.0198 0x14c4  i8042prt - ok
23:56:05.0229 0x14c4  [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:56:05.0229 0x14c4  iaStor - ok
23:56:05.0260 0x14c4  [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
23:56:05.0276 0x14c4  iaStorV - ok
23:56:05.0307 0x14c4  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:56:05.0338 0x14c4  idsvc - ok
23:56:05.0510 0x14c4  [ 0372C154226F7074CD150F475A4870A6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:56:05.0713 0x14c4  igfx - ok
23:56:05.0744 0x14c4  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:56:05.0744 0x14c4  iirsp - ok
23:56:05.0775 0x14c4  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
23:56:05.0806 0x14c4  IKEEXT - ok
23:56:05.0822 0x14c4  [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
23:56:05.0838 0x14c4  Impcd - ok
23:56:05.0869 0x14c4  [ 49072EDBC5C2F964917D1B585C90ED0A ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
23:56:05.0884 0x14c4  IntcDAud - ok
23:56:05.0884 0x14c4  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
23:56:05.0900 0x14c4  intelide - ok
23:56:05.0916 0x14c4  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:56:05.0916 0x14c4  intelppm - ok
23:56:05.0947 0x14c4  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:56:05.0947 0x14c4  IPBusEnum - ok
23:56:05.0962 0x14c4  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:56:05.0978 0x14c4  IpFilterDriver - ok
23:56:05.0994 0x14c4  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:56:06.0009 0x14c4  iphlpsvc - ok
23:56:06.0025 0x14c4  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:56:06.0025 0x14c4  IPMIDRV - ok
23:56:06.0040 0x14c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:56:06.0040 0x14c4  IPNAT - ok
23:56:06.0212 0x14c4  [ A9E53E1A9C4274EEBC00D36AE5ED40DE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:56:06.0212 0x14c4  iPod Service - ok
23:56:06.0243 0x14c4  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:56:06.0243 0x14c4  IRENUM - ok
23:56:06.0259 0x14c4  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
23:56:06.0259 0x14c4  isapnp - ok
23:56:06.0274 0x14c4  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
23:56:06.0290 0x14c4  iScsiPrt - ok
23:56:06.0306 0x14c4  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:56:06.0306 0x14c4  kbdclass - ok
23:56:06.0321 0x14c4  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:56:06.0321 0x14c4  kbdhid - ok
23:56:06.0352 0x14c4  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
23:56:06.0352 0x14c4  KeyIso - ok
23:56:06.0368 0x14c4  [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:56:06.0368 0x14c4  KSecDD - ok
23:56:06.0430 0x14c4  [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:56:06.0430 0x14c4  KSecPkg - ok
23:56:06.0446 0x14c4  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:56:06.0446 0x14c4  ksthunk - ok
23:56:06.0477 0x14c4  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:56:06.0477 0x14c4  KtmRm - ok
23:56:06.0555 0x14c4  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:56:06.0555 0x14c4  LanmanServer - ok
23:56:06.0586 0x14c4  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:56:06.0586 0x14c4  LanmanWorkstation - ok
23:56:06.0649 0x14c4  [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:56:06.0649 0x14c4  LightScribeService - ok
23:56:06.0680 0x14c4  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:56:06.0680 0x14c4  lltdio - ok
23:56:06.0711 0x14c4  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:56:06.0711 0x14c4  lltdsvc - ok
23:56:06.0727 0x14c4  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:56:06.0727 0x14c4  lmhosts - ok
23:56:06.0867 0x14c4  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
23:56:06.0867 0x14c4  LMS - ok
23:56:06.0898 0x14c4  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:56:06.0898 0x14c4  LSI_FC - ok
23:56:06.0914 0x14c4  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:56:06.0930 0x14c4  LSI_SAS - ok
23:56:06.0945 0x14c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:56:06.0945 0x14c4  LSI_SAS2 - ok
23:56:06.0961 0x14c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:56:06.0961 0x14c4  LSI_SCSI - ok
23:56:06.0992 0x14c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:56:06.0992 0x14c4  luafv - ok
23:56:07.0054 0x14c4  [ B2085E335F2B57077B0CBADB6F1245CD ] lvpopf64        C:\Windows\system32\DRIVERS\lvpopf64.sys
23:56:07.0054 0x14c4  lvpopf64 - ok
23:56:07.0117 0x14c4  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
23:56:07.0132 0x14c4  LVPr2M64 - ok
23:56:07.0132 0x14c4  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
23:56:07.0132 0x14c4  LVPr2Mon - ok
23:56:07.0226 0x14c4  [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
23:56:07.0226 0x14c4  LVPrcS64 - ok
23:56:07.0257 0x14c4  [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
23:56:07.0257 0x14c4  LVRS64 - ok
23:56:07.0444 0x14c4  [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
23:56:07.0585 0x14c4  LVUVC64 - ok
23:56:07.0647 0x14c4  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:56:07.0647 0x14c4  Mcx2Svc - ok
23:56:07.0678 0x14c4  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:56:07.0678 0x14c4  megasas - ok
23:56:07.0694 0x14c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:56:07.0694 0x14c4  MegaSR - ok
23:56:07.0788 0x14c4  [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
23:56:07.0788 0x14c4  Microsoft Office Groove Audit Service - ok
23:56:07.0819 0x14c4  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:56:07.0819 0x14c4  MMCSS - ok
23:56:07.0834 0x14c4  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:56:07.0834 0x14c4  Modem - ok
23:56:07.0866 0x14c4  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:56:07.0866 0x14c4  monitor - ok
23:56:07.0897 0x14c4  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:56:07.0897 0x14c4  mouclass - ok
23:56:07.0912 0x14c4  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:56:07.0928 0x14c4  mouhid - ok
23:56:07.0944 0x14c4  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:56:07.0959 0x14c4  mountmgr - ok
23:56:08.0006 0x14c4  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:56:08.0006 0x14c4  MozillaMaintenance - ok
23:56:08.0037 0x14c4  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
23:56:08.0037 0x14c4  mpio - ok
23:56:08.0053 0x14c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:56:08.0053 0x14c4  mpsdrv - ok
23:56:08.0084 0x14c4  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:56:08.0100 0x14c4  MpsSvc - ok
23:56:08.0115 0x14c4  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:56:08.0131 0x14c4  MRxDAV - ok
23:56:08.0178 0x14c4  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:56:08.0178 0x14c4  mrxsmb - ok
23:56:08.0209 0x14c4  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:56:08.0209 0x14c4  mrxsmb10 - ok
23:56:08.0224 0x14c4  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:56:08.0224 0x14c4  mrxsmb20 - ok
23:56:08.0256 0x14c4  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
23:56:08.0256 0x14c4  msahci - ok
23:56:08.0271 0x14c4  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
23:56:08.0271 0x14c4  msdsm - ok
23:56:08.0287 0x14c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:56:08.0302 0x14c4  MSDTC - ok
23:56:08.0318 0x14c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:56:08.0318 0x14c4  Msfs - ok
23:56:08.0334 0x14c4  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:56:08.0349 0x14c4  mshidkmdf - ok
23:56:08.0349 0x14c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
23:56:08.0349 0x14c4  msisadrv - ok
23:56:08.0380 0x14c4  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:56:08.0380 0x14c4  MSiSCSI - ok
23:56:08.0396 0x14c4  msiserver - ok
23:56:16.0805 0x14c4  ================ Scan global ===============================
23:56:16.0820 0x14c4  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:56:16.0883 0x14c4  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:56:16.0898 0x14c4  [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:56:16.0929 0x14c4  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:56:16.0945 0x14c4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:56:16.0961 0x14c4  [Global] - ok
23:56:16.0961 0x14c4  ================ Scan MBR ==================================
23:56:16.0961 0x14c4  [ 838EED5000E4E17DC15A4D3D8106B341 ] \Device\Harddisk0\DR0
23:56:17.0257 0x14c4  \Device\Harddisk0\DR0 - ok
23:56:17.0288 0x14c4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:56:17.0460 0x14c4  \Device\Harddisk1\DR1 - ok
23:56:17.0460 0x14c4  ================ Scan VBR ==================================
23:56:17.0460 0x14c4  [ C1BFBE24DD095673981948E3951037F1 ] \Device\Harddisk0\DR0\Partition1
23:56:17.0460 0x14c4  \Device\Harddisk0\DR0\Partition1 - ok
23:56:17.0475 0x14c4  [ 4317A4014C6CE7DB8BFCED196C946F72 ] \Device\Harddisk0\DR0\Partition2
23:56:17.0475 0x14c4  \Device\Harddisk0\DR0\Partition2 - ok
23:56:17.0507 0x14c4  [ 038094D397E6BDDD07FC3656B549903E ] \Device\Harddisk0\DR0\Partition3
23:56:17.0507 0x14c4  \Device\Harddisk0\DR0\Partition3 - ok
23:56:17.0522 0x14c4  [ 650472F53694462338F30342C5AF8CC6 ] \Device\Harddisk0\DR0\Partition4
23:56:17.0522 0x14c4  \Device\Harddisk0\DR0\Partition4 - ok
23:56:17.0538 0x14c4  [ 48D619DA98944DE7897AEBA1B8EF84F6 ] \Device\Harddisk1\DR1\Partition1
23:56:17.0538 0x14c4  \Device\Harddisk1\DR1\Partition1 - ok
23:56:17.0538 0x14c4  ============================================================
23:56:17.0538 0x14c4  Scan finished
23:56:17.0538 0x14c4  ============================================================
23:56:17.0538 0x1bac  Detected object count: 0
23:56:17.0538 0x1bac  Actual detected object count: 0
 

 



#6 527


Posted 05 September 2013 - 11:20 PM

Sorry in advance for any double postings - the browser keeps hanging when I post, the pages never fully load so I might make some double posts.

 

I am trying to run AdwCleaner according to the instructions but when I launch the program, I don't see a delete button. I only see "scan". If I scan, this is what I see. I stopped here so I don't make a mistake.

 

Capture.jpg

 

Here is the report from the scan:

 

# AdwCleaner v3.002 - Report created 06/09/2013 at 00:13:25
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : DvmMDES

***** [ Files / Folders ] *****

Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\AVG Security Toolbar
Folder Found C:\Users\admin\AppData\Local\AVG Security Toolbar
Folder Found C:\Users\admin\AppData\LocalLow\AVG Security Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\AVG Security Toolbar
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\Software\DeviceVM
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\DeviceVM
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\b51rndpc.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2905 octets] - [06/09/2013 00:13:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2965 octets] ##########


Edited by 527, 05 September 2013 - 11:22 PM.


#7 boopme


Posted 06 September 2013 - 10:34 AM

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Your AVG is very old; we'll have to address that after.

#8 527


Posted 06 September 2013 - 11:55 AM

# AdwCleaner v3.002 - Report created 06/09/2013 at 12:51:52
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : DvmMDES

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\admin\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\admin\AppData\LocalLow\AVG Security Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\b51rndpc.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3065 octets] - [06/09/2013 00:13:25]
AdwCleaner[R1].txt - [3125 octets] - [06/09/2013 12:51:25]
AdwCleaner[S0].txt - [2995 octets] - [06/09/2013 12:51:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3055 octets] ##########
 



#9 boopme


Posted 06 September 2013 - 01:58 PM

Ok good, move on to ESET.

#10 527


Posted 06 September 2013 - 02:25 PM

Running the scan now. Taking a long time :) Only 33% after 2 hours.

 

2 threats found so far... PHP/RemoteAdmin.RemView.A application



#11 527


Posted 06 September 2013 - 03:05 PM

Eset log

 

C:\Users\admin\My Websites\vivretteguitaracademy.com\jeffvivrette.tar    PHP/RemoteAdmin.RemView.A application    deleted - quarantined
C:\Users\admin\My Websites\vivretteguitaracademy.com\jeffvivrette.tar.gz    PHP/RemoteAdmin.RemView.A application    deleted - quarantined
 



#12 boopme


Posted 06 September 2013 - 03:19 PM

How long ago did you run ComboFix?

#13 527


Posted 06 September 2013 - 03:30 PM

Thanks for the help so far, I forgot to mention that!

 

I have not run ComboFix so far. Should I run it?



#14 boopme


Posted 06 September 2013 - 08:07 PM

No, do not run it. I am wondering if someone else did..

See this from the Minilog...
CodeIntegrity Errors:
===================================
Date: 2012-11-17 16:45:48.860
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-17 16:45:48.833
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Do a search for ComboFix.txt



#15 527


Posted 06 September 2013 - 08:45 PM

I found a file called ComboFix2.txt in a folder called Qoobox?

 

ComboFix 12-11-16.02 - admin 11/17/2012  16:13:44.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3895.2189 [GMT -5:00]
Running from: c:\users\admin\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\admin\AppData\Roaming\inst.exe
c:\users\Public\videos\HP MediaSmart Demo.exe
G:\Autorun.inf
G:\Setup.exe
.
.
(((((((((((((((((((((((((   Files Created from 2012-10-17 to 2012-11-17  )))))))))))))))))))))))))))))))
.
.
2012-11-17 21:49 . 2012-11-17 21:49    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-11-08 14:10 . 2012-11-08 14:09    30568    ----a-w-    c:\windows\system32\drivers\avgtpx64.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 16:25 . 2012-04-03 06:53    696760    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 16:25 . 2011-07-02 00:33    73656    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
"Logitech Vid"="c:\program files (x86)\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2012-08-01 2345592]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-27 421160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]
WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
R3 LVUVC64;QuickCam for Notebooks Deluxe(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-12 232480]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-01 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
S1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-09-27 21624]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe [2009-03-03 89600]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-09 323584]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2010-02-02 324928]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2010-02-02 65856]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-13 151040]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-26 233984]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-08-14 82816]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2009-11-12 200736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-11-06 291328]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 19:49    451872    ----a-w-    c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 16:25]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3729610577-99307064-2259490036-1001Core.job
- c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-17 15:01]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3729610577-99307064-2259490036-1001UA.job
- c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-17 15:01]
.
2012-11-17 c:\windows\Tasks\HPCeeScheduleForadmin.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-10 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-10 390168]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-10 408600]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-15 318464]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-10-21 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\b51rndpc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.goal.com/en-gb/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dda6933&v=7.004.022.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - ExtSQL: !HIDDEN! 2010-05-30 18:37; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-vProt - c:\program files (x86)\AVG Secure Search\vprot.exe
Wow6432Node-HKLM-Run-ROC_roc_dec12 - c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe
Wow6432Node-HKLM-Run-HF_G_Jul - c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-RadLight MPC DirectShow Filter - c:\windows\system32\RadLightMPCUninstall.exe
AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files (x86)\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*N*e*w*%*2*0*2*0*1*0*%*2*0*T*e*e*n*%*2*0*W*e*b*c*a*m*%*2*0*-*%*2*0*M*o*s*t*%*2*0*I*n*c*r*e*d*i*b*l*e*%*2*0*T*i*t*s*%*2*0*È ë@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*“o-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*i-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*“HÖX\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*ßHÖX\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*û¢f[\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*}±NZ\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*Åän-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*P*e*t*e*r*s*b*ån-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p*o*r*n*o*v    o-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p*o*r*n*o*8IÖX\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p*o*r*n*o*ÏIÖX\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p*o*r*n*o*Ÿ f[\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p*o*v f[\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p*o*åên-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*s*u*c*A4ÈL\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*gÞe]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*gÞe\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*u*n*b*l*o*B¯NZ\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*u*n*b*l* lm-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*i*f*e*%*2*0*p*e*e*i*n*g*%*2*0*i*n*%*2*0*p*a*n*t*i*e*s*%*2*0*t*h*e*n*%*2*0*m*e*%*2*0*p*e*e*i*n*g*%*2*0*o*n*%*2*0*h*e*r*%*2*0*H3,O\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*i*f*e*%*2*0*p*e*e*i*n*g*%*2*0*i*n*%*2*0*p*a*n*t*i*e*s*%*2*0*t*h*e*n*%*2*0*m*e*%*2*0*p*e*e*i*n*g*%*2*0*o*n*%*2*0*h*e*r*%*2*0*z»RL\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*m*v*ûyÀ5\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*U)]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*U)\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*’8O]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*’8O\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*°8O]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*°8O\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*jCbF]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*jCbF\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*3„K]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*3„K\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*D*i*v*X*f*a*c*T*o*r*y*Ø¡f[\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*J*äån-\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. X v i D - U P P E R C U T [
&x\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*U*P*P*E*R*C*U*T*[*Å&x\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¹{)]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¹{)\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ê{)]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ê{)\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*µ
ÑB]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*µ
ÑB\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*µ+2k]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*µ+2k\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*–,øJ*€w]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*–,øJ*€w\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*È,øOµ*€™]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*È,øOµ*€™\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.**1ä€*€]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.**1ä€*€\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ï1V€*€]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3729610577-99307064-2259490036-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ï1V€*€\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-17  17:05:45
ComboFix-quarantined-files.txt  2012-11-17 22:05
.
Pre-Run: 3,468,050,432 bytes free
Post-Run: 3,601,793,024 bytes free
.
- - End Of File - - C1EF65F6954DD1705881313FC7DF878F
 





