Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Virus


  • Please log in to reply
29 replies to this topic

#1 stubby97

stubby97

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 28 October 2013 - 02:16 AM

My computer is doing strange things on me.. I think that I have a virus.. What is the first thing I should do to try and elimanate it.. What files do you need.. I would also like to clean my computer.. I would very much appreciate your help.. where do we start

 

tks rick


Edited by hamluis, 28 October 2013 - 06:06 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 HydroLar

HydroLar

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Storrs, Connecticut USA
  • Local time:01:55 AM

Posted 28 October 2013 - 07:00 AM

Hi rick and welcome to BleepingComputer :)

Let's get started....

:step1:
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

:step2:
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
:step3:
 Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

:step4:
Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  •  Post the log back here.
  • Be sure to restart the computer.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    :step5:
    Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exehttp://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    If normal mode still doesn't work, run the tool from safe mode.

    When the scan is done Notepad will open with rKill log.
    Post it in your next reply.

    NOTE. rKill.txt log will also be present on your desktop.

    NOTE Do NOT wrap your logs in "quote" or "code" brackets.

Edited by HydroLar, 28 October 2013 - 07:22 AM.

Posted Image
 
"The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." - Marcus Aurelius

#3 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 28 October 2013 - 12:24 PM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.28.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: RICKSTUBBS [administrator]

Protection: Enabled

28/10/2013 9:42:48 AM
mbam-log-2013-10-28 (09-42-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 280880
Time elapsed: 19 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 35
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE} (PUP.Optional.AmazonTB.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE} (PUP.Optional.AmazonTB.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F443A627-5009-4323-9C1D-7FD598D0D712} (PUP.Optional.AmazonTB.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F443A627-5009-4323-9C1D-7FD598D0D712} (PUP.Optional.AmazonTB.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\Software\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\Software\Distromatic\Toolbars (PUP.Optional.AlexaTB.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\Software\Crossrider|Verifier (PUP.Optional.CrossRider.A) -> Data: a0258cf08945dccb95d062439d1680c8 -> Quarantined and deleted successfully.
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 940e184c289815403308ac95b6f9f058 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|bProtectTabs (PUP.Optional.BrowserProtect.A) -> Data: http://www2.delta-search.com/?affID=121150&babsrc=NT_ss&mntrId=24C3001195CAEDCB -> Quarantined and deleted successfully.

Registry Data Items Detected: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bad: (http://search.certified-toolbar.com?si=42102&tid=2876&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search.certified-toolbar.com?si=42102&tid=2876&bs=true&q=) Good: (http://www.google.com/) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bad: (http://search.certified-toolbar.com?si=42102&tid=2876&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search.certified-toolbar.com?si=42102&tid=2876&bs=true&q=) Good: (http://www.google.com/) -> Quarantined and repaired successfully.

Folders Detected: 23
C:\Documents and Settings\Owner\Application Data\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.

Files Detected: 127
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Local Settings\Temp\cltmng.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\8HXF8Z06\Setup[1].exe (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest\Application Data\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\SearchProtect\ffprotect\SProtectorRepository\searchProtectorData (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotector web data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\mru.xml (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Terri\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.

(end)2013/10/28 09:32:16 -0700    RICKSTUBBS    Owner    MESSAGE    Starting protection
2013/10/28 09:32:16 -0700    RICKSTUBBS    Owner    MESSAGE    Protection started successfully
2013/10/28 09:32:16 -0700    RICKSTUBBS    Owner    MESSAGE    Starting IP protection
2013/10/28 09:37:15 -0700    RICKSTUBBS    Owner    MESSAGE    IP Protection started successfully
2013/10/28 09:38:32 -0700    RICKSTUBBS    Owner    MESSAGE    Starting database refresh
2013/10/28 09:38:33 -0700    RICKSTUBBS    Owner    MESSAGE    Stopping IP protection
2013/10/28 09:40:06 -0700    RICKSTUBBS    Owner    MESSAGE    IP Protection stopped successfully
2013/10/28 09:42:35 -0700    RICKSTUBBS    Owner    MESSAGE    Database refreshed successfully
2013/10/28 09:42:35 -0700    RICKSTUBBS    Owner    MESSAGE    Starting IP protection
2013/10/28 09:42:55 -0700    RICKSTUBBS    Owner    MESSAGE    IP Protection started successfully
2013/10/28 10:12:15 -0700    RICKSTUBBS    Owner    MESSAGE    Starting protection
2013/10/28 10:12:15 -0700    RICKSTUBBS    Owner    MESSAGE    Protection started successfully
2013/10/28 10:12:15 -0700    RICKSTUBBS    Owner    MESSAGE    Starting IP protection
2013/10/28 10:12:27 -0700    RICKSTUBBS    Owner    MESSAGE    IP Protection started successfully

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/28/2013 10:26:24 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\system32\IoctlSvc.exe (PID: 1192) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 10/28/2013 10:27:54 AM
Execution time: 0 hours(s), 1 minute(s), and 29 seconds(s)




 


Edited by stubby97, 28 October 2013 - 12:30 PM.


#4 HydroLar

HydroLar

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Storrs, Connecticut USA
  • Local time:01:55 AM

Posted 28 October 2013 - 01:24 PM

Thanks for the logs Rick.  We still need the logs for the Farbar Service Scanner, Security Check and MiniToolBox.

 

What is your computer doing to make you think you have problems?

 


Posted Image
 
"The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." - Marcus Aurelius

#5 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 28 October 2013 - 06:44 PM

 Results of screen317's Security Check version 0.99.74  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Please wait while WMIC compiles updated MOF files.d
i
s
p
l
a
y
N
a
m
e
ECHO is off.
M
i
c
r
o
s
o
f
t
ECHO is off.
S
e
c
u
r
i
t
y
ECHO is off.
E
s
e
n
t
i
a
l
s
ECHO is off.
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player     11.9.900.117  
 Adobe Reader XI  
 Mozilla Firefox (24.0)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 7%
````````````````````End of Log``````````````````````
 

Farbar Service Scanner Version: 24-10-2013
Ran by Owner (administrator) on 28-10-2013 at 09:09:34
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000030000000800000005000000060000000700000001000000
IpSec Tag value is correct.

**** End of log ****

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 28-10-2013 at 09:14:04
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
D-Link AirPremier DWL-AG530 Wireless PCI Adapter = Wireless Network Connection (Connected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration        Host Name . . . . . . . . . . . . : RickStubbs        Primary Dns Suffix  . . . . . . . :         Node Type . . . . . . . . . . . . : Unknown        IP Routing Enabled. . . . . . . . : No        WINS Proxy Enabled. . . . . . . . : No        DNS Suffix Search List. . . . . . : BelkinEthernet adapter Wireless Network Connection:        Connection-specific DNS Suffix  . : Belkin        Description . . . . . . . . . . . : D-Link AirPremier DWL-AG530 Wireless PCI Adapter        Physical Address. . . . . . . . . : 00-11-95-CA-ED-CB        Dhcp Enabled. . . . . . . . . . . : Yes        Autoconfiguration Enabled . . . . : Yes        IP Address. . . . . . . . . . . . : 192.168.2.14        Subnet Mask . . . . . . . . . . . : 255.255.255.0        Default Gateway . . . . . . . . . : 192.168.2.1        DHCP Server . . . . . . . . . . . : 192.168.2.1        DNS Servers . . . . . . . . . . . : 192.168.2.1        Lease Obtained. . . . . . . . . . : October 28, 2013 6:41:42 AM        Lease Expires . . . . . . . . . . : January 18, 2038 8:14:07 PMEthernet adapter Local Area Connection 2:        Media State . . . . . . . . . . . : Media disconnected        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller        Physical Address. . . . . . . . . : 00-13-20-06-F3-93Server:  router.belkin
Address:  192.168.2.1

Name:    google.com
Addresses:  173.194.33.174, 173.194.33.168, 173.194.33.164, 173.194.33.165
      173.194.33.167, 173.194.33.166, 173.194.33.169, 173.194.33.160, 173.194.33.163
      173.194.33.161, 173.194.33.162

Pinging google.com [173.194.33.174] with 32 bytes of data:Reply from 173.194.33.174: bytes=32 time=11ms TTL=56Reply from 173.194.33.174: bytes=32 time=24ms TTL=57Ping statistics for 173.194.33.174:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 11ms, Maximum = 24ms, Average = 17msServer:  router.belkin
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=106ms TTL=48Reply from 98.139.183.24: bytes=32 time=107ms TTL=48Ping statistics for 98.139.183.24:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 106ms, Maximum = 107ms, Average = 106msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 95 ca ed cb ...... D-Link AirPremier DWL-AG530 Wireless PCI Adapter - Packet Scheduler Miniport
0x3 ...00 13 20 06 f3 93 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.14      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.2.0    255.255.255.0     192.168.2.14    192.168.2.14      25
     192.168.2.14  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.2.255  255.255.255.255     192.168.2.14    192.168.2.14      25
        224.0.0.0        240.0.0.0     192.168.2.14    192.168.2.14      25
  255.255.255.255  255.255.255.255     192.168.2.14               3      1
  255.255.255.255  255.255.255.255     192.168.2.14    192.168.2.14      1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/28/2013 00:53:28 AM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 24.0.0.5001, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/24/2013 06:17:44 AM) (Source: Application Error) (User: )
Description: Faulting application outlook.exe, version 11.0.5510.0, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x00012fd3.
Processing media-specific event for [outlook.exe!ws!]

Error: (10/22/2013 11:17:15 PM) (Source: Application Error) (User: )
Description: Faulting application msimn.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [msimn.exe!ws!]

Error: (10/20/2013 09:34:25 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.3.219.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL

Error: (10/20/2013 06:06:06 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.3.219.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL

Error: (10/20/2013 04:54:15 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientsetup.exe4.3.219.00x80004002morrobootstraper__cinstallflow__internalrun - getenablefirewallactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL

Error: (10/20/2013 04:54:06 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.3.219.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (10/19/2013 08:47:45 PM) (Source: Application Error) (User: )
Description: Faulting application outlook.exe, version 11.0.5510.0, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x00012fd3.
Processing media-specific event for [outlook.exe!ws!]

Error: (10/19/2013 08:24:06 PM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceDelete: failed to OpenService (Error: 1060)

Error: (10/14/2013 01:26:01 PM) (Source: Application Hang) (User: )
Description: Hanging application FlashPlayerApp.exe, version 11.9.900.117, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (10/27/2013 03:29:29 AM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (10/25/2013 06:57:38 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.

Error: (10/25/2013 06:57:38 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.

Error: (10/22/2013 09:50:29 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/22/2013 02:57:59 PM) (Source: Print) (User: RICKSTUBBS)
Description: The document 5 generations.jpg owned by Owner failed to print on printer Lexmark 5200 Series. Data type: LEMF. Size of the spool file in bytes: 2029617. Number of bytes printed: 2029617. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\RICKSTUBBS. Win32 error code returned by the print processor: 5 generations.jpg0. 5 generations.jpg1

Error: (10/21/2013 04:22:13 AM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (10/21/2013 03:55:25 AM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (10/21/2013 03:35:38 AM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (10/21/2013 03:23:08 AM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (10/20/2013 04:19:34 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.


Microsoft Office Sessions:
=========================
Error: (10/28/2013 00:53:28 AM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.5001hungapp0.0.0.000000000

Error: (10/24/2013 06:17:44 AM) (Source: Application Error)(User: )
Description: outlook.exe11.0.5510.0kernel32.dll5.1.2600.629300012fd3

Error: (10/22/2013 11:17:15 PM) (Source: Application Error)(User: )
Description: msimn.exe6.0.2900.5512unknown0.0.0.000000000

Error: (10/20/2013 09:34:25 AM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientmsseces.exe4.3.219.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL

Error: (10/20/2013 06:06:06 AM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientmsseces.exe4.3.219.00x80508018scheduledscancmainwindow__onautoscancomplete0security essentialsNILNILNIL

Error: (10/20/2013 04:54:15 AM) (Source: Microsoft Security Client)(User: )
Description: mssecurityclientsetup.exe4.3.219.00x80004002morrobootstraper__cinstallflow__internalrun - getenablefirewallactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL

Error: (10/20/2013 04:54:06 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry0x80070003moaccachereset4.3.219.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (10/19/2013 08:47:45 PM) (Source: Application Error)(User: )
Description: outlook.exe11.0.5510.0kernel32.dll5.1.2600.629300012fd3

Error: (10/19/2013 08:24:06 PM) (Source: CltMngSvc)(User: )
Description: CltMngSvcServiceDelete: failed to OpenService (Error: 1060)

Error: (10/14/2013 01:26:01 PM) (Source: Application Hang)(User: )
Description: FlashPlayerApp.exe11.9.900.117hungapp0.0.0.000000000


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.4.144)
ATI - Software Uninstall Utility (Version: 6.14.10.1010)
ATI Control Panel (Version: 6.14.10.5120)
ATI Display Driver (Version: 8.051-040825a-019641C-Dell)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Junk Mail filter update (Version: 14.0.8117.416)
KODAK Share Button App (Version: 4.05.0000.0000)
Lexmark 5200 Series
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSN
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
MySQL Connector/ODBC 3.51 (Version: 3.51.28)
Nero 7 Essentials (Version: 7.03.1152)
neroxml (Version: 1.0.0)
OpenOffice 4.0.1 (Version: 4.01.9714)
PowerDVD (Version: 7.0.3409.a)
PowerProducer
RPS CADR (Version: 9.0.54)
RPS CRT (Version: 9.0.54)
SAMSUNG Intelli-studio
Segoe UI (Version: 14.0.4327.805)
Sonic Encoders (Version: 1.00)
SoundMAX (Version: 5.12.01.5246)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB943729)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip Registry Optimizer (Version: 1.0)
Yahoo! Software Update

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 1022.09 MB
Available physical RAM: 365.11 MB
Total Pagefile: 2458.2 MB
Available Pagefile: 1941.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.21 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:367.91 GB) (Free:335.98 GB) NTFS
3 Drive d: () (Fixed) (Total:367.91 GB) (Free:300.23 GB) NTFS

========================= Users: ========================================

User accounts for \\RICKSTUBBS

Administrator            ASPNET                   Guest                    
HelpAssistant            Owner                    SUPPORT_388945a0         
Terri                    


**** End of log ****
 



#6 HydroLar

HydroLar

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Storrs, Connecticut USA
  • Local time:01:55 AM

Posted 28 October 2013 - 07:52 PM

Rick,

I don't see anything that really stands out. We did get rid of a lot of adware, spyware and borderline malware so you may notice a difference in how your computer is acting.

I would like to do a more comprehensive check for a rootkit then we can hit the remaining junkware and adware head on. So....

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Posted Image
 
"The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." - Marcus Aurelius

#7 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 28 October 2013 - 11:37 PM

18:06:48.0671 0x01a0  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
18:06:56.0234 0x01a0  ============================================================
18:06:56.0234 0x01a0  Current date / time: 2013/10/28 18:06:56.0234
18:06:56.0234 0x01a0  SystemInfo:
18:06:56.0250 0x01a0  
18:06:56.0250 0x01a0  OS Version: 5.1.2600 ServicePack: 3.0
18:06:56.0250 0x01a0  Product type: Workstation
18:06:56.0250 0x01a0  ComputerName: RICKSTUBBS
18:06:56.0250 0x01a0  UserName: Owner
18:06:56.0250 0x01a0  Windows directory: C:\WINDOWS
18:06:56.0250 0x01a0  System windows directory: C:\WINDOWS
18:06:56.0250 0x01a0  Processor architecture: Intel x86
18:06:56.0250 0x01a0  Number of processors: 1
18:06:56.0250 0x01a0  Page size: 0x1000
18:06:56.0250 0x01a0  Boot type: Normal boot
18:06:56.0250 0x01a0  ============================================================
18:07:04.0140 0x01a0  System UUID: {9F467B6A-0818-5EBB-1A05-ED293908D08A}
18:07:07.0546 0x01a0  Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:07:07.0562 0x01a0  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:07:07.0578 0x01a0  ============================================================
18:07:07.0578 0x01a0  \Device\Harddisk0\DR0:
18:07:07.0578 0x01a0  MBR partitions:
18:07:07.0578 0x01a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x2DFD389C
18:07:07.0578 0x01a0  \Device\Harddisk1\DR1:
18:07:07.0578 0x01a0  MBR partitions:
18:07:07.0578 0x01a0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x2DFD389C
18:07:07.0578 0x01a0  ============================================================
18:07:07.0687 0x01a0  C: <-> \Device\Harddisk0\DR0\Partition1
18:07:07.0703 0x01a0  D: <-> \Device\Harddisk1\DR1\Partition1
18:07:07.0718 0x01a0  ============================================================
18:07:07.0718 0x01a0  Initialize success
18:07:07.0718 0x01a0  ============================================================
18:08:06.0203 0x0a00  ============================================================
18:08:06.0203 0x0a00  Scan started
18:08:06.0203 0x0a00  Mode: Manual;
18:08:06.0203 0x0a00  ============================================================
18:08:06.0203 0x0a00  KSN ping started
18:08:09.0375 0x0a00  KSN ping finished: true
18:08:09.0609 0x0a00  ================ Scan system memory ========================
18:08:09.0609 0x0a00  System memory - ok
18:08:09.0609 0x0a00  ================ Scan services =============================
18:08:09.0828 0x0a00  [ 21AF8E9C727C6D7643AD497268F55BF1, 1C1E446C72A41420F841C1B1F271E436A5C6BE595CAF561CE61D1508E01B541B ] A3AB            C:\WINDOWS\system32\DRIVERS\A3AB.sys
18:08:09.0859 0x0a00  A3AB - ok
18:08:10.0015 0x0a00  Abiosdsk - ok
18:08:10.0109 0x0a00  [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
18:08:10.0109 0x0a00  abp480n5 - ok
18:08:10.0187 0x0a00  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:08:10.0187 0x0a00  ACPI - ok
18:08:10.0218 0x0a00  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:08:10.0250 0x0a00  ACPIEC - ok
18:08:10.0343 0x0a00  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:08:10.0390 0x0a00  AdobeFlashPlayerUpdateSvc - ok
18:08:10.0406 0x0a00  [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
18:08:10.0421 0x0a00  adpu160m - ok
18:08:10.0437 0x0a00  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:08:10.0453 0x0a00  aec - ok
18:08:10.0500 0x0a00  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:08:10.0515 0x0a00  AFD - ok
18:08:10.0562 0x0a00  [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
18:08:10.0562 0x0a00  agp440 - ok
18:08:10.0578 0x0a00  [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
18:08:10.0578 0x0a00  agpCPQ - ok
18:08:10.0593 0x0a00  [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
18:08:10.0593 0x0a00  Aha154x - ok
18:08:10.0625 0x0a00  [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
18:08:10.0625 0x0a00  aic78u2 - ok
18:08:10.0656 0x0a00  [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
18:08:10.0656 0x0a00  aic78xx - ok
18:08:10.0687 0x0a00  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:08:10.0687 0x0a00  Alerter - ok
18:08:10.0718 0x0a00  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
18:08:10.0718 0x0a00  ALG - ok
18:08:10.0734 0x0a00  [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
18:08:10.0734 0x0a00  AliIde - ok
18:08:10.0750 0x0a00  [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
18:08:10.0750 0x0a00  alim1541 - ok
18:08:10.0765 0x0a00  [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
18:08:10.0765 0x0a00  amdagp - ok
18:08:10.0781 0x0a00  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
18:08:10.0781 0x0a00  amsint - ok
18:08:10.0828 0x0a00  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:08:10.0828 0x0a00  AppMgmt - ok
18:08:10.0859 0x0a00  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:08:10.0859 0x0a00  Arp1394 - ok
18:08:10.0875 0x0a00  [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
18:08:10.0875 0x0a00  asc - ok
18:08:10.0890 0x0a00  [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
18:08:10.0890 0x0a00  asc3350p - ok
18:08:10.0890 0x0a00  [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
18:08:10.0906 0x0a00  asc3550 - ok
18:08:11.0062 0x0a00  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:08:11.0109 0x0a00  aspnet_state - ok
18:08:11.0125 0x0a00  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:08:11.0140 0x0a00  AsyncMac - ok
18:08:11.0171 0x0a00  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:08:11.0171 0x0a00  atapi - ok
18:08:11.0187 0x0a00  Atdisk - ok
18:08:11.0250 0x0a00  [ 4DEAA162480367B232F3EE3A6D34084B, EC77589E17B1660284FB6F903F715F71D371401D5DAB6D6CAADC7C9FA23F5191 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
18:08:11.0281 0x0a00  Ati HotKey Poller - ok
18:08:11.0406 0x0a00  [ F0D0B0CDEC0BE32D775F404CAC2604BF, 6806FB0A20898CF9AFD7E7C2F8A85A22C5082C8A9E205ADC5BFC65F9F5A3DA88 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:08:11.0437 0x0a00  ati2mtag - ok
18:08:11.0515 0x0a00  [ 34E74FAB657DC47031330DFA30EE7E38, EC5DA4CACFADB15C3024DA6AE538AABEDF4EBC335237EF2878175BAB98021CF1 ] atinewp2        C:\WINDOWS\system32\DRIVERS\atinewp2.sys
18:08:11.0531 0x0a00  atinewp2 - ok
18:08:11.0562 0x0a00  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:08:11.0578 0x0a00  Atmarpc - ok
18:08:11.0656 0x0a00  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:08:11.0656 0x0a00  AudioSrv - ok
18:08:11.0703 0x0a00  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:08:11.0718 0x0a00  audstub - ok
18:08:11.0750 0x0a00  [ 4826FCF97C47B361A2E2F68CD487A19E, C9DA912C3EE76D62E8ABE9FB232951CEE577CD598995C707C2152B4F6BDA6610 ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
18:08:11.0765 0x0a00  b57w2k - ok
18:08:11.0796 0x0a00  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:08:11.0796 0x0a00  Beep - ok
18:08:11.0875 0x0a00  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
18:08:11.0937 0x0a00  BITS - ok
18:08:12.0000 0x0a00  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
18:08:12.0015 0x0a00  Browser - ok
18:08:12.0031 0x0a00  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
18:08:12.0031 0x0a00  cbidf - ok
18:08:12.0046 0x0a00  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:08:12.0046 0x0a00  cbidf2k - ok
18:08:12.0078 0x0a00  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:08:12.0078 0x0a00  CCDECODE - ok
18:08:12.0109 0x0a00  [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
18:08:12.0109 0x0a00  cd20xrnt - ok
18:08:12.0125 0x0a00  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:08:12.0125 0x0a00  Cdaudio - ok
18:08:12.0125 0x0a00  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:08:12.0140 0x0a00  Cdfs - ok
18:08:12.0171 0x0a00  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:08:12.0171 0x0a00  Cdrom - ok
18:08:12.0171 0x0a00  Changer - ok
18:08:12.0234 0x0a00  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:08:12.0234 0x0a00  CiSvc - ok
18:08:12.0265 0x0a00  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:08:12.0281 0x0a00  ClipSrv - ok
18:08:12.0375 0x0a00  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:08:12.0375 0x0a00  clr_optimization_v2.0.50727_32 - ok
18:08:12.0437 0x0a00  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:08:12.0562 0x0a00  clr_optimization_v4.0.30319_32 - ok
18:08:12.0593 0x0a00  [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
18:08:12.0593 0x0a00  CmdIde - ok
18:08:12.0656 0x0a00  [ 1EF05B641E9A67DED74AC8AD40055DBF, A27C22D785BBD3A92D686CD6C7BE6992A6BC0EE4F832F4934D11E2D2263421FF ] COMMONFX.DLL    C:\WINDOWS\system32\COMMONFX.DLL
18:08:12.0656 0x0a00  COMMONFX.DLL - ok
18:08:12.0671 0x0a00  COMSysApp - ok
18:08:12.0703 0x0a00  [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
18:08:12.0703 0x0a00  Cpqarray - ok
18:08:12.0765 0x0a00  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:08:12.0765 0x0a00  CryptSvc - ok
18:08:12.0812 0x0a00  [ 6191A973461852A09D643609E1D5F7C6, 66D731C335B8A6CA225B8B5CCB4B89B1920928322E2483D4CAF2CF250606A917 ] CT20XUT.DLL     C:\WINDOWS\system32\CT20XUT.DLL
18:08:12.0812 0x0a00  CT20XUT.DLL - ok
18:08:12.0875 0x0a00  [ 8AC5F77E30E37D2D11BD99EFF0C53D8C, 0A10560ED02CF1760506241ABFC7BB10C39516D1373C8991BFBF956C1C1FE5E0 ] ctac32k         C:\WINDOWS\system32\drivers\ctac32k.sys
18:08:12.0906 0x0a00  ctac32k - ok
18:08:12.0953 0x0a00  [ 673241D314E932F4890509AE8EBF26DB, C739993F99F2BABFF831CA116A683C2C452F834DFC61B3850063FF41E7BE71EC ] ctaud2k         C:\WINDOWS\system32\drivers\ctaud2k.sys
18:08:12.0968 0x0a00  ctaud2k - ok
18:08:13.0062 0x0a00  [ 472B82D7E549E7FAB428852E4D16F21D, D79E9806ABDA55185337469FB612012913B5D9F5213F9C10F448F2AD6BACA2A2 ] CTAUDFX.DLL     C:\WINDOWS\system32\CTAUDFX.DLL
18:08:13.0093 0x0a00  CTAUDFX.DLL - ok
18:08:13.0140 0x0a00  [ ED316D4C3D39C5B6C23DE067E275C183, 9CF974809CAA573407D30D838EC339F6BCD9A164464A764EE473C82F43AF84B2 ] ctdvda2k        C:\WINDOWS\system32\drivers\ctdvda2k.sys
18:08:13.0156 0x0a00  ctdvda2k - ok
18:08:13.0187 0x0a00  [ 6A57F82009563AEE8826F117E1D3C72C, C1D8E5AF7571B01C039B431862F5937F1315996D8039F48780E856F7640A99D1 ] CTEAPSFX.DLL    C:\WINDOWS\system32\CTEAPSFX.DLL
18:08:13.0187 0x0a00  CTEAPSFX.DLL - ok
18:08:13.0218 0x0a00  [ C8AC1FFAEADD655193D7B1811A572D8D, 708A16A6A642F5A21FDFA478964B4D428ACA329CBE6308BAB3759B5C058955E2 ] CTEDSPFX.DLL    C:\WINDOWS\system32\CTEDSPFX.DLL
18:08:13.0234 0x0a00  CTEDSPFX.DLL - ok
18:08:13.0265 0x0a00  [ 44495D9DAF675257D00B25B041EE6667, 23123D90B9C6E42FE3871D0F417A413BC5515543B9F380D158D523806E29401B ] CTEDSPIO.DLL    C:\WINDOWS\system32\CTEDSPIO.DLL
18:08:13.0281 0x0a00  CTEDSPIO.DLL - ok
18:08:13.0343 0x0a00  [ 8E90B1762CB42E2FC76DAC9210C83C66, 3F9FABCC92F10234D86E75B5FBC97096FF5EF49694B20B8A425F063C03368F86 ] CTEDSPSY.DLL    C:\WINDOWS\system32\CTEDSPSY.DLL
18:08:13.0359 0x0a00  CTEDSPSY.DLL - ok
18:08:13.0390 0x0a00  [ D3FBD9983325435B06795F29CB57ED3D, 61649EC01E15F9D3A91428FB4150C5441F9C568A04C3389F1E7A2F4217B938C0 ] CTERFXFX.DLL    C:\WINDOWS\system32\CTERFXFX.DLL
18:08:13.0390 0x0a00  CTERFXFX.DLL - ok
18:08:13.0484 0x0a00  [ 2C48E9D8CA703964463F27AE341115B7, 7EB81214200A4ED6BFAFC7F1CC70353F136BEF8CA55953EF554C73FD78357885 ] CTEXFIFX.DLL    C:\WINDOWS\system32\CTEXFIFX.DLL
18:08:13.0531 0x0a00  CTEXFIFX.DLL - ok
18:08:13.0562 0x0a00  [ F7657C598E7C29C6683C1E4A8DD68884, 84EA9946F00141A839C42FE19DB9B3A589433E472D26D6126D084B7F217B2642 ] CTHWIUT.DLL     C:\WINDOWS\system32\CTHWIUT.DLL
18:08:13.0578 0x0a00  CTHWIUT.DLL - ok
18:08:13.0609 0x0a00  [ 34E7F8A499FD8361DF14FEDB724C0AD3, 57AB7DEA85308FF262B9E566C1F1B00D984E2558F4461E1AF8FE7C4D56876E77 ] ctprxy2k        C:\WINDOWS\system32\drivers\ctprxy2k.sys
18:08:13.0609 0x0a00  ctprxy2k - ok
18:08:13.0640 0x0a00  [ 679AE21EB7F48A08184813AEBABDEC7C, 48551B1D9263F92FCAB3110ADDAE79D646391140281577E60175D3BF74CE7F24 ] CTSBLFX.DLL     C:\WINDOWS\system32\CTSBLFX.DLL
18:08:13.0671 0x0a00  CTSBLFX.DLL - ok
18:08:13.0703 0x0a00  [ 32098497CB4DFE9EA7660FA62DD91060, 4C5B942AE1EDB1444FDE074A8889074003D343B013BEE28D3AE450BAA4C89D65 ] ctsfm2k         C:\WINDOWS\system32\drivers\ctsfm2k.sys
18:08:13.0703 0x0a00  ctsfm2k - ok
18:08:13.0781 0x0a00  [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:08:13.0781 0x0a00  dac2w2k - ok
18:08:13.0796 0x0a00  [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:08:13.0796 0x0a00  dac960nt - ok
18:08:13.0875 0x0a00  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:08:13.0890 0x0a00  DcomLaunch - ok
18:08:13.0968 0x0a00  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:08:13.0968 0x0a00  Dhcp - ok
18:08:13.0984 0x0a00  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:08:13.0984 0x0a00  Disk - ok
18:08:14.0000 0x0a00  dmadmin - ok
18:08:14.0062 0x0a00  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:08:14.0109 0x0a00  dmboot - ok
18:08:14.0125 0x0a00  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:08:14.0125 0x0a00  dmio - ok
18:08:14.0140 0x0a00  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:08:14.0140 0x0a00  dmload - ok
18:08:14.0187 0x0a00  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:08:14.0187 0x0a00  dmserver - ok
18:08:14.0203 0x0a00  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:08:14.0203 0x0a00  DMusic - ok
18:08:14.0250 0x0a00  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:08:14.0250 0x0a00  Dnscache - ok
18:08:14.0296 0x0a00  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:08:14.0296 0x0a00  Dot3svc - ok
18:08:14.0328 0x0a00  [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:08:14.0343 0x0a00  dpti2o - ok
18:08:14.0390 0x0a00  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:08:14.0390 0x0a00  drmkaud - ok
18:08:14.0421 0x0a00  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:08:14.0421 0x0a00  EapHost - ok
18:08:14.0515 0x0a00  [ 5D1347AA5AE6E2F77D7F4F8372D95AC9, F3CA10753B7D76C87A71A0FEDB5EACE77E2E10E8DD44BEE7C66BCE17BD3EFD71 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
18:08:14.0515 0x0a00  ehRecvr - ok
18:08:14.0578 0x0a00  [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE26544F90B78689EEF9 ] ehSched         C:\WINDOWS\eHome\ehSched.exe
18:08:14.0578 0x0a00  ehSched - ok
18:08:14.0609 0x0a00  [ 2885F72D2DAFFD0329272F12E16D6579, 2F847799C692419F2A4EBF97272ECB5F99FD5AB6172A2F4BE2655442CA6360B2 ] emupia          C:\WINDOWS\system32\drivers\emupia2k.sys
18:08:14.0609 0x0a00  emupia - ok
18:08:14.0640 0x0a00  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:08:14.0640 0x0a00  ERSvc - ok
18:08:14.0687 0x0a00  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
18:08:14.0718 0x0a00  Eventlog - ok
18:08:14.0765 0x0a00  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
18:08:14.0781 0x0a00  EventSystem - ok
18:08:14.0796 0x0a00  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:08:14.0812 0x0a00  Fastfat - ok
18:08:14.0875 0x0a00  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:08:14.0875 0x0a00  FastUserSwitchingCompatibility - ok
18:08:14.0937 0x0a00  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
18:08:14.0937 0x0a00  Fdc - ok
18:08:14.0968 0x0a00  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:08:14.0968 0x0a00  Fips - ok
18:08:14.0984 0x0a00  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:08:14.0984 0x0a00  Flpydisk - ok
18:08:15.0062 0x0a00  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:08:15.0062 0x0a00  FltMgr - ok
18:08:15.0156 0x0a00  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:08:15.0171 0x0a00  FontCache3.0.0.0 - ok
18:08:15.0203 0x0a00  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:08:15.0203 0x0a00  Fs_Rec - ok
18:08:15.0218 0x0a00  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:08:15.0218 0x0a00  Ftdisk - ok
18:08:15.0250 0x0a00  [ 065639773D8B03F33577F6CDAEA21063, F20D0F3256F5F894CCA48755B23679619B5D02A0F64A142FC6CB619FC0952067 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
18:08:15.0250 0x0a00  gameenum - ok
18:08:15.0281 0x0a00  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:08:15.0281 0x0a00  Gpc - ok
18:08:15.0375 0x0a00  [ DA2C735B66D2E7B739F9A46146581A9D, 6687721ED7EB80092B165F3E4FD08425CE74BFC39F4AA0B2A6144007B8992AB1 ] ha10kx2k        C:\WINDOWS\system32\drivers\ha10kx2k.sys
18:08:15.0406 0x0a00  ha10kx2k - ok
18:08:15.0437 0x0a00  [ 5C7D6D68796E4621B4168C879908DAE0, EE2FE26A2FBA7CC6935DA08C5D212C08ABF48C6C6E06CFDF408B49589BA501F7 ] hap16v2k        C:\WINDOWS\system32\drivers\hap16v2k.sys
18:08:15.0453 0x0a00  hap16v2k - ok
18:08:15.0484 0x0a00  [ A595B88AD16D8B5693DDF08113CAF30E, B46ECF3C26065374593C87A3CE305FACEB5B5B4B0F994C7895F25332703E8FC2 ] hap17v2k        C:\WINDOWS\system32\drivers\hap17v2k.sys
18:08:15.0500 0x0a00  hap17v2k - ok
18:08:15.0593 0x0a00  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:08:15.0593 0x0a00  helpsvc - ok
18:08:15.0640 0x0a00  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:08:15.0656 0x0a00  HidServ - ok
18:08:15.0656 0x0a00  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:08:15.0671 0x0a00  HidUsb - ok
18:08:15.0718 0x0a00  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:08:15.0718 0x0a00  hkmsvc - ok
18:08:15.0796 0x0a00  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
18:08:15.0796 0x0a00  hpn - ok
18:08:15.0875 0x0a00  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:08:15.0890 0x0a00  HTTP - ok
18:08:15.0937 0x0a00  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:08:15.0968 0x0a00  HTTPFilter - ok
18:08:16.0031 0x0a00  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
18:08:16.0031 0x0a00  i2omgmt - ok
18:08:16.0046 0x0a00  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:08:16.0046 0x0a00  i2omp - ok
18:08:16.0062 0x0a00  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:08:16.0062 0x0a00  i8042prt - ok
18:08:16.0156 0x0a00  [ 309C4D86D989FB1FCF64BD30DC81C51B, 90412120B005D5178E27EFD09D52005BE6CE1965E5CBB59612EAD02C5896A8A7 ] iaStor          C:\WINDOWS\system32\DRIVERS\IASTOR.SYS
18:08:16.0187 0x0a00  iaStor - ok
18:08:16.0343 0x0a00  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:08:16.0343 0x0a00  IDriverT - ok
18:08:16.0468 0x0a00  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:08:16.0515 0x0a00  idsvc - ok
18:08:16.0546 0x0a00  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:08:16.0546 0x0a00  Imapi - ok
18:08:16.0609 0x0a00  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:08:16.0625 0x0a00  ImapiService - ok
18:08:16.0687 0x0a00  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:08:16.0687 0x0a00  ini910u - ok
18:08:16.0703 0x0a00  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
18:08:16.0718 0x0a00  IntelIde - ok
18:08:16.0765 0x0a00  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:08:16.0765 0x0a00  intelppm - ok
18:08:16.0796 0x0a00  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:08:16.0796 0x0a00  Ip6Fw - ok
18:08:16.0828 0x0a00  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:08:16.0828 0x0a00  IpFilterDriver - ok
18:08:16.0843 0x0a00  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:08:16.0843 0x0a00  IpInIp - ok
18:08:16.0890 0x0a00  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:08:16.0906 0x0a00  IpNat - ok
18:08:16.0921 0x0a00  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:08:16.0921 0x0a00  IPSec - ok
18:08:16.0968 0x0a00  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:08:16.0968 0x0a00  IRENUM - ok
18:08:16.0984 0x0a00  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:08:16.0984 0x0a00  isapnp - ok
18:08:17.0046 0x0a00  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:08:17.0046 0x0a00  Kbdclass - ok
18:08:17.0109 0x0a00  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:08:17.0109 0x0a00  kbdhid - ok
18:08:17.0125 0x0a00  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:08:17.0140 0x0a00  kmixer - ok
18:08:17.0187 0x0a00  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:08:17.0203 0x0a00  KSecDD - ok
18:08:17.0265 0x0a00  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:08:17.0265 0x0a00  lanmanserver - ok
18:08:17.0328 0x0a00  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:08:17.0359 0x0a00  lanmanworkstation - ok
18:08:17.0359 0x0a00  lbrtfdc - ok
18:08:17.0421 0x0a00  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:08:17.0421 0x0a00  LmHosts - ok
18:08:17.0421 0x0a00  lxbt_device - ok
18:08:17.0484 0x0a00  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
18:08:17.0484 0x0a00  MBAMProtector - ok
18:08:17.0562 0x0a00  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:08:17.0578 0x0a00  MBAMScheduler - ok
18:08:17.0656 0x0a00  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:08:17.0687 0x0a00  MBAMService - ok
18:08:17.0765 0x0a00  [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
18:08:17.0765 0x0a00  McrdSvc - ok
18:08:17.0796 0x0a00  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:08:17.0796 0x0a00  Messenger - ok
18:08:17.0828 0x0a00  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
18:08:17.0828 0x0a00  MHN - ok
18:08:17.0859 0x0a00  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
18:08:17.0859 0x0a00  MHNDRV - ok
18:08:17.0906 0x0a00  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:08:17.0906 0x0a00  mnmdd - ok
18:08:17.0953 0x0a00  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:08:17.0953 0x0a00  mnmsrvc - ok
18:08:18.0000 0x0a00  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:08:18.0000 0x0a00  Modem - ok
18:08:18.0031 0x0a00  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:08:18.0046 0x0a00  Mouclass - ok
18:08:18.0062 0x0a00  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:08:18.0062 0x0a00  mouhid - ok
18:08:18.0093 0x0a00  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:08:18.0093 0x0a00  MountMgr - ok
18:08:18.0156 0x0a00  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:08:18.0156 0x0a00  MozillaMaintenance - ok
18:08:18.0203 0x0a00  [ 24406D75B40F0F6B3C1AC7031D734565, B58AA80E9C3738CFD826D7C8129D5467166A4397CCFEEEF7F14542DEBB659A51 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
18:08:18.0203 0x0a00  MpFilter - ok
18:08:18.0421 0x0a00  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslf0180d20   c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0E5A2A87-E74F-483B-8661-0169D864F7A5}\MpKslf0180d20.sys
18:08:18.0421 0x0a00  MpKslf0180d20 - ok
18:08:18.0468 0x0a00  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:08:18.0484 0x0a00  mraid35x - ok
18:08:18.0531 0x0a00  [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
18:08:18.0546 0x0a00  MREMP50 - ok
18:08:18.0578 0x0a00  [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
18:08:18.0578 0x0a00  MRESP50 - ok
18:08:18.0593 0x0a00  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:08:18.0593 0x0a00  MRxDAV - ok
18:08:18.0656 0x0a00  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:08:18.0671 0x0a00  MRxSmb - ok
18:08:18.0734 0x0a00  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:08:18.0734 0x0a00  MSDTC - ok
18:08:18.0750 0x0a00  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:08:18.0750 0x0a00  Msfs - ok
18:08:18.0765 0x0a00  MSIServer - ok
18:08:18.0812 0x0a00  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:08:18.0812 0x0a00  MSKSSRV - ok
18:08:18.0921 0x0a00  [ 0A7F86657755ADA92C57E597BF5151F7, E226DFF12C4930DF1D0F1D2E7CE7BFFDF62F6DC402200EEFE196D14172A59B63 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:08:18.0921 0x0a00  MsMpSvc - ok
18:08:18.0953 0x0a00  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:08:18.0953 0x0a00  MSPCLOCK - ok
18:08:18.0984 0x0a00  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:08:19.0000 0x0a00  MSPQM - ok
18:08:19.0046 0x0a00  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:08:19.0046 0x0a00  mssmbios - ok
18:08:19.0062 0x0a00  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:08:19.0062 0x0a00  MSTEE - ok
18:08:19.0125 0x0a00  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:08:19.0125 0x0a00  Mup - ok
18:08:19.0171 0x0a00  [ E1CDF20697D992CF83FF86DD04DF1285, F11EFA7B96672225BFB4302CD2272AD0D189973CBC24E9DA71FC3C7DAA78D4EA ] mxnic           C:\WINDOWS\system32\DRIVERS\mxnic.sys
18:08:19.0171 0x0a00  mxnic - ok
18:08:19.0187 0x0a00  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:08:19.0203 0x0a00  NABTSFEC - ok
18:08:19.0234 0x0a00  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:08:19.0250 0x0a00  napagent - ok
18:08:19.0390 0x0a00  [ 3BAE2BFCB6D69E19C8373F635DD544DC, A32DB5282ED5AFC1650883B1870E46FDC029EF9225075E6916D2E371F18D8B9E ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:08:19.0421 0x0a00  NBService - ok
18:08:19.0453 0x0a00  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:08:19.0468 0x0a00  NDIS - ok
18:08:19.0500 0x0a00  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:08:19.0500 0x0a00  NdisIP - ok
18:08:19.0546 0x0a00  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:08:19.0546 0x0a00  NdisTapi - ok
18:08:19.0593 0x0a00  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:08:19.0593 0x0a00  Ndisuio - ok
18:08:19.0609 0x0a00  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:08:19.0609 0x0a00  NdisWan - ok
18:08:19.0671 0x0a00  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:08:19.0671 0x0a00  NDProxy - ok
18:08:19.0687 0x0a00  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:08:19.0687 0x0a00  NetBIOS - ok
18:08:19.0703 0x0a00  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:08:19.0703 0x0a00  NetBT - ok
18:08:19.0750 0x0a00  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:08:19.0750 0x0a00  NetDDE - ok
18:08:19.0765 0x0a00  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:08:19.0765 0x0a00  NetDDEdsdm - ok
18:08:19.0796 0x0a00  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:08:19.0796 0x0a00  Netlogon - ok
18:08:19.0828 0x0a00  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
18:08:19.0828 0x0a00  Netman - ok
18:08:19.0875 0x0a00  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:08:19.0890 0x0a00  NetTcpPortSharing - ok
18:08:19.0921 0x0a00  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:08:19.0921 0x0a00  NIC1394 - ok
18:08:19.0984 0x0a00  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:08:19.0984 0x0a00  Nla - ok
18:08:20.0156 0x0a00  [ 193FA51DDDD0BFFDED1C340F0434999A, C05CA0A8568E9CBDA15633ED420C29F52082114B2B9F24EB61369E42C480C080 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:08:20.0171 0x0a00  NMIndexingService - ok
18:08:20.0218 0x0a00  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:08:20.0218 0x0a00  Npfs - ok
18:08:20.0250 0x0a00  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:08:20.0265 0x0a00  Ntfs - ok
18:08:20.0281 0x0a00  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:08:20.0281 0x0a00  NtLmSsp - ok
18:08:20.0343 0x0a00  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:08:20.0359 0x0a00  NtmsSvc - ok
18:08:20.0406 0x0a00  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:08:20.0406 0x0a00  Null - ok
18:08:20.0515 0x0a00  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:08:20.0578 0x0a00  nv - ok
18:08:20.0609 0x0a00  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:08:20.0625 0x0a00  NwlnkFlt - ok
18:08:20.0671 0x0a00  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:08:20.0671 0x0a00  NwlnkFwd - ok
18:08:20.0703 0x0a00  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:08:20.0703 0x0a00  ohci1394 - ok
18:08:20.0734 0x0a00  [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF, 5593350B3856FAB6895388BDD6CF280C3DA4528EE31AC2A01FEDF236A8B7ED41 ] ossrv           C:\WINDOWS\system32\drivers\ctoss2k.sys
18:08:20.0734 0x0a00  ossrv - ok
18:08:20.0796 0x0a00  [ C90018BAFDC7098619A4A95B046B30F3, 1826E46F237AD65BA189B83803A46A6C2B29089C1BA146106ADD9F2B04D4A89D ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys
18:08:20.0796 0x0a00  P3 - ok
18:08:20.0828 0x0a00  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:08:20.0828 0x0a00  Parport - ok
18:08:20.0828 0x0a00  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:08:20.0843 0x0a00  PartMgr - ok
18:08:20.0875 0x0a00  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:08:20.0875 0x0a00  ParVdm - ok
18:08:20.0890 0x0a00  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:08:20.0890 0x0a00  PCI - ok
18:08:20.0890 0x0a00  PCIDump - ok
18:08:20.0906 0x0a00  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:08:20.0906 0x0a00  PCIIde - ok
18:08:20.0937 0x0a00  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:08:20.0937 0x0a00  Pcmcia - ok
18:08:20.0953 0x0a00  PDCOMP - ok
18:08:20.0953 0x0a00  PDFRAME - ok
18:08:20.0968 0x0a00  PDRELI - ok
18:08:20.0984 0x0a00  PDRFRAME - ok
18:08:20.0984 0x0a00  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
18:08:21.0000 0x0a00  perc2 - ok
18:08:21.0000 0x0a00  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
18:08:21.0000 0x0a00  perc2hib - ok
18:08:21.0078 0x0a00  [ 875E4E0661F3A5994DF9E5E3A0A4F96B, 7198C02935B3714C455EE94305D2A21D900D72AC67049C11A1E842572AD6C5E1 ] PLFlash DeviceIoControl Service C:\WINDOWS\system32\IoctlSvc.exe
18:08:21.0078 0x0a00  PLFlash DeviceIoControl Service - ok
18:08:21.0140 0x0a00  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:08:21.0140 0x0a00  PlugPlay - ok
18:08:21.0156 0x0a00  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:08:21.0156 0x0a00  PolicyAgent - ok
18:08:21.0171 0x0a00  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:08:21.0171 0x0a00  PptpMiniport - ok
18:08:21.0187 0x0a00  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:08:21.0187 0x0a00  ProtectedStorage - ok
18:08:21.0203 0x0a00  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:08:21.0203 0x0a00  PSched - ok
18:08:21.0218 0x0a00  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:08:21.0218 0x0a00  Ptilink - ok
18:08:21.0234 0x0a00  [ 617ACCADA2E0A0F43EC6030BBAC49513, D1117E8ED757B485CD58E8790595EA50C3AB0EF336AD6F789E0B63A0773A8023 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:08:21.0234 0x0a00  PxHelp20 - ok
18:08:21.0250 0x0a00  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:08:21.0250 0x0a00  ql1080 - ok
18:08:21.0265 0x0a00  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:08:21.0265 0x0a00  Ql10wnt - ok
18:08:21.0281 0x0a00  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:08:21.0281 0x0a00  ql12160 - ok
18:08:21.0296 0x0a00  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:08:21.0296 0x0a00  ql1240 - ok
18:08:21.0312 0x0a00  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:08:21.0312 0x0a00  ql1280 - ok
18:08:21.0328 0x0a00  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:08:21.0328 0x0a00  RasAcd - ok
18:08:21.0375 0x0a00  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:08:21.0375 0x0a00  RasAuto - ok
18:08:21.0390 0x0a00  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:08:21.0390 0x0a00  Rasl2tp - ok
18:08:21.0437 0x0a00  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:08:21.0437 0x0a00  RasMan - ok
18:08:21.0453 0x0a00  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:08:21.0453 0x0a00  RasPppoe - ok
18:08:21.0500 0x0a00  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:08:21.0500 0x0a00  Raspti - ok
18:08:21.0546 0x0a00  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:08:21.0546 0x0a00  Rdbss - ok
18:08:21.0562 0x0a00  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:08:21.0562 0x0a00  RDPCDD - ok
18:08:21.0578 0x0a00  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:08:21.0593 0x0a00  rdpdr - ok
18:08:21.0656 0x0a00  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:08:21.0656 0x0a00  RDPWD - ok
18:08:21.0687 0x0a00  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:08:21.0687 0x0a00  RDSessMgr - ok
18:08:21.0703 0x0a00  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:08:21.0718 0x0a00  redbook - ok
18:08:21.0750 0x0a00  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:08:21.0750 0x0a00  RemoteAccess - ok
18:08:21.0796 0x0a00  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:08:21.0796 0x0a00  RemoteRegistry - ok
18:08:21.0953 0x0a00  [ 06A49B7BDC36CFBF97DD90804F833369, 0E02B50F9F371162E18D5E4FFEF1669E9B5B75460618B10FD31E63F2ACC50A90 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:08:21.0968 0x0a00  RichVideo - ok
18:08:22.0000 0x0a00  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:08:22.0015 0x0a00  RpcLocator - ok
18:08:22.0062 0x0a00  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:08:22.0078 0x0a00  RpcSs - ok
18:08:22.0140 0x0a00  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:08:22.0156 0x0a00  RSVP - ok
18:08:22.0171 0x0a00  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:08:22.0171 0x0a00  SamSs - ok
18:08:22.0187 0x0a00  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:08:22.0203 0x0a00  SCardSvr - ok
18:08:22.0234 0x0a00  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:08:22.0234 0x0a00  Schedule - ok
18:08:22.0296 0x0a00  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:08:22.0296 0x0a00  Secdrv - ok
18:08:22.0328 0x0a00  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:08:22.0328 0x0a00  seclogon - ok
18:08:22.0437 0x0a00  [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8, E94F7E97AAB80600DED0310160527C3CC8CAC8593EC2FBEAED2EF5EC5A6C4086 ] senfilt         C:\WINDOWS\system32\drivers\senfilt.sys
18:08:22.0453 0x0a00  senfilt - ok
18:08:22.0515 0x0a00  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
18:08:22.0531 0x0a00  SENS - ok
18:08:22.0562 0x0a00  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:08:22.0562 0x0a00  Serenum - ok
18:08:22.0578 0x0a00  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:08:22.0593 0x0a00  Serial - ok
18:08:22.0671 0x0a00  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:08:22.0671 0x0a00  Sfloppy - ok
18:08:22.0750 0x0a00  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:08:22.0765 0x0a00  SharedAccess - ok
18:08:22.0796 0x0a00  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:08:22.0812 0x0a00  ShellHWDetection - ok
18:08:22.0812 0x0a00  Simbad - ok
18:08:22.0828 0x0a00  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
18:08:22.0828 0x0a00  sisagp - ok
18:08:22.0859 0x0a00  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:08:22.0859 0x0a00  SLIP - ok
18:08:22.0921 0x0a00  [ C6D9959E493682F872A639B6EC1B4A08, 5B6D3FD23A44422F8B3972CF47BF16B5015DC0CCF7EF59FADAFEEF1AEE32958B ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
18:08:22.0937 0x0a00  smwdm - ok
18:08:23.0000 0x0a00  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
18:08:23.0015 0x0a00  Sparrow - ok
18:08:23.0078 0x0a00  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:08:23.0078 0x0a00  splitter - ok
18:08:23.0125 0x0a00  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:08:23.0140 0x0a00  Spooler - ok
18:08:23.0140 0x0a00  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:08:23.0156 0x0a00  sr - ok
18:08:23.0203 0x0a00  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:08:23.0203 0x0a00  srservice - ok
18:08:23.0281 0x0a00  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:08:23.0296 0x0a00  Srv - ok
18:08:23.0312 0x0a00  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:08:23.0312 0x0a00  SSDPSRV - ok
18:08:23.0390 0x0a00  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:08:23.0421 0x0a00  stisvc - ok
18:08:23.0453 0x0a00  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:08:23.0468 0x0a00  streamip - ok
18:08:23.0484 0x0a00  [ C86A229BB5CB5DC47498B2C530A9458E, EA5BFA0741B520340F3728F6D68BF9F7F4DAC8220332EB016899D86AE02508CE ] SWDUMon         C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
18:08:23.0562 0x0a00  SWDUMon - ok
18:08:23.0609 0x0a00  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:08:23.0609 0x0a00  swenum - ok
18:08:23.0640 0x0a00  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:08:23.0640 0x0a00  swmidi - ok
18:08:23.0656 0x0a00  SwPrv - ok
18:08:23.0718 0x0a00  [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
18:08:23.0718 0x0a00  symc810 - ok
18:08:23.0734 0x0a00  [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
18:08:23.0734 0x0a00  symc8xx - ok
18:08:23.0750 0x0a00  [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
18:08:23.0750 0x0a00  sym_hi - ok
18:08:23.0765 0x0a00  [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
18:08:23.0765 0x0a00  sym_u3 - ok
18:08:23.0781 0x0a00  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:08:23.0781 0x0a00  sysaudio - ok
18:08:23.0843 0x0a00  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:08:23.0843 0x0a00  SysmonLog - ok
18:08:23.0875 0x0a00  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:08:23.0890 0x0a00  TapiSrv - ok
18:08:23.0968 0x0a00  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:08:23.0984 0x0a00  Tcpip - ok
18:08:24.0015 0x0a00  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:08:24.0015 0x0a00  TDPIPE - ok
18:08:24.0046 0x0a00  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:08:24.0046 0x0a00  TDTCP - ok
18:08:24.0093 0x0a00  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:08:24.0093 0x0a00  TermDD - ok
18:08:24.0140 0x0a00  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:08:24.0156 0x0a00  TermService - ok
18:08:24.0187 0x0a00  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:08:24.0203 0x0a00  Themes - ok
18:08:24.0234 0x0a00  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:08:24.0234 0x0a00  TlntSvr - ok
18:08:24.0281 0x0a00  [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
18:08:24.0281 0x0a00  TosIde - ok
18:08:24.0343 0x0a00  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:08:24.0343 0x0a00  TrkWks - ok
18:08:24.0390 0x0a00  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:08:24.0406 0x0a00  Udfs - ok
18:08:24.0437 0x0a00  [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
18:08:24.0437 0x0a00  ultra - ok
18:08:24.0453 0x0a00  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:08:24.0468 0x0a00  Update - ok
18:08:24.0515 0x0a00  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:08:24.0515 0x0a00  upnphost - ok
18:08:24.0546 0x0a00  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
18:08:24.0546 0x0a00  UPS - ok
18:08:24.0609 0x0a00  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:08:24.0609 0x0a00  usbccgp - ok
18:08:24.0625 0x0a00  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:08:24.0640 0x0a00  usbehci - ok
18:08:24.0671 0x0a00  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:08:24.0671 0x0a00  usbhub - ok
18:08:24.0718 0x0a00  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:08:24.0796 0x0a00  usbprint - ok
18:08:24.0859 0x0a00  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:08:24.0859 0x0a00  usbscan - ok
18:08:24.0875 0x0a00  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:08:24.0875 0x0a00  usbstor - ok
18:08:24.0906 0x0a00  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:08:24.0906 0x0a00  usbuhci - ok
18:08:24.0921 0x0a00  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:08:24.0921 0x0a00  VgaSave - ok
18:08:24.0984 0x0a00  [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
18:08:25.0000 0x0a00  viaagp - ok
18:08:25.0031 0x0a00  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
18:08:25.0031 0x0a00  ViaIde - ok
18:08:25.0046 0x0a00  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:08:25.0046 0x0a00  VolSnap - ok
18:08:25.0125 0x0a00  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
18:08:25.0125 0x0a00  VSS - ok
18:08:25.0171 0x0a00  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
18:08:25.0187 0x0a00  W32Time - ok
18:08:25.0218 0x0a00  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:08:25.0234 0x0a00  Wanarp - ok
18:08:25.0296 0x0a00  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
18:08:25.0328 0x0a00  Wdf01000 - ok
18:08:25.0328 0x0a00  WDICA - ok
18:08:25.0359 0x0a00  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:08:25.0375 0x0a00  wdmaud - ok
18:08:25.0437 0x0a00  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:08:25.0437 0x0a00  WebClient - ok
18:08:25.0562 0x0a00  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:08:25.0562 0x0a00  winmgmt - ok
18:08:25.0671 0x0a00  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:08:25.0718 0x0a00  WinRM - ok
18:08:25.0765 0x0a00  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
18:08:25.0765 0x0a00  WmdmPmSN - ok
18:08:25.0843 0x0a00  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
18:08:25.0859 0x0a00  Wmi - ok
18:08:25.0937 0x0a00  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:08:25.0937 0x0a00  WmiApSrv - ok
18:08:26.0078 0x0a00  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
18:08:26.0109 0x0a00  WMPNetworkSvc - ok
18:08:26.0218 0x0a00  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:08:26.0265 0x0a00  WPFFontCache_v0400 - ok
18:08:26.0312 0x0a00  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:08:26.0328 0x0a00  WS2IFSL - ok
18:08:26.0359 0x0a00  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:08:26.0375 0x0a00  wscsvc - ok
18:08:26.0406 0x0a00  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:08:26.0406 0x0a00  WSTCODEC - ok
18:08:26.0437 0x0a00  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:08:26.0437 0x0a00  wuauserv - ok
18:08:26.0484 0x0a00  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:08:26.0500 0x0a00  WudfPf - ok
18:08:26.0515 0x0a00  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:08:26.0515 0x0a00  WudfRd - ok
18:08:26.0546 0x0a00  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:08:26.0546 0x0a00  WudfSvc - ok
18:08:26.0625 0x0a00  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:08:26.0656 0x0a00  WZCSVC - ok
18:08:26.0687 0x0a00  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:08:26.0703 0x0a00  xmlprov - ok
18:08:26.0781 0x0a00  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:08:26.0796 0x0a00  YahooAUService - ok
18:08:26.0843 0x0a00  ================ Scan global ===============================
18:08:26.0906 0x0a00  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
18:08:26.0937 0x0a00  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:08:26.0984 0x0a00  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:08:27.0031 0x0a00  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
18:08:27.0031 0x0a00  [ Global ] - ok
18:08:27.0046 0x0a00  ================ Scan MBR ==================================
18:08:27.0078 0x0a00  [ 117EBF02F374A2469D61D1C801F8C1FF ] \Device\Harddisk0\DR0
18:08:27.0296 0x0a00  \Device\Harddisk0\DR0 - ok
18:08:27.0312 0x0a00  [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk1\DR1
18:08:27.0484 0x0a00  \Device\Harddisk1\DR1 - ok
18:08:27.0484 0x0a00  ================ Scan VBR ==================================
18:08:27.0484 0x0a00  [ 35C2CA384356707F78B46A3A66420B39 ] \Device\Harddisk0\DR0\Partition1
18:08:27.0500 0x0a00  \Device\Harddisk0\DR0\Partition1 - ok
18:08:27.0500 0x0a00  [ D4260963E12E939229E818DF7F359A0D ] \Device\Harddisk1\DR1\Partition1
18:08:27.0500 0x0a00  \Device\Harddisk1\DR1\Partition1 - ok
18:08:27.0515 0x0a00  Waiting for KSN requests completion. In queue: 261
18:08:28.0515 0x0a00  Waiting for KSN requests completion. In queue: 261
18:08:29.0515 0x0a00  Waiting for KSN requests completion. In queue: 261
18:08:30.0515 0x0a00  Waiting for KSN requests completion. In queue: 261
18:08:31.0625 0x0a00  AV detected via SS1: Microsoft Security Essentials, 4.3.0219.0, enabled, updated
18:08:31.0640 0x0a00  Win FW state via NFM: enabled
18:08:34.0218 0x0a00  ============================================================
18:08:34.0218 0x0a00  Scan finished
18:08:34.0218 0x0a00  ============================================================
18:08:34.0218 0x06e4  Detected object count: 0
18:08:34.0218 0x06e4  Actual detected object count: 0
18:08:53.0015 0x0cd8  ============================================================
18:08:53.0015 0x0cd8  Scan started
18:08:53.0015 0x0cd8  Mode: Manual;
18:08:53.0015 0x0cd8  ============================================================
18:08:53.0015 0x0cd8  KSN ping started
18:08:55.0687 0x0cd8  KSN ping finished: true
18:08:55.0781 0x0cd8  ================ Scan system memory ========================
18:08:55.0781 0x0cd8  System memory - ok
18:08:55.0781 0x0cd8  ================ Scan services =============================
18:08:56.0015 0x0cd8  [ 21AF8E9C727C6D7643AD497268F55BF1, 1C1E446C72A41420F841C1B1F271E436A5C6BE595CAF561CE61D1508E01B541B ] A3AB            C:\WINDOWS\system32\DRIVERS\A3AB.sys
18:08:56.0046 0x0cd8  A3AB - ok
18:08:56.0062 0x0cd8  Abiosdsk - ok
18:08:56.0109 0x0cd8  [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
18:08:56.0125 0x0cd8  abp480n5 - ok
18:08:56.0156 0x0cd8  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:08:56.0171 0x0cd8  ACPI - ok
18:08:56.0187 0x0cd8  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:08:56.0187 0x0cd8  ACPIEC - ok
18:08:56.0265 0x0cd8  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:08:56.0281 0x0cd8  AdobeFlashPlayerUpdateSvc - ok
18:08:56.0312 0x0cd8  [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
18:08:56.0328 0x0cd8  adpu160m - ok
18:08:56.0359 0x0cd8  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:08:56.0359 0x0cd8  aec - ok
18:08:56.0421 0x0cd8  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:08:56.0421 0x0cd8  AFD - ok
18:08:56.0468 0x0cd8  [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
18:08:56.0468 0x0cd8  agp440 - ok
18:08:56.0468 0x0cd8  [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
18:08:56.0484 0x0cd8  agpCPQ - ok
18:08:56.0484 0x0cd8  [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
18:08:56.0484 0x0cd8  Aha154x - ok
18:08:56.0500 0x0cd8  [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
18:08:56.0500 0x0cd8  aic78u2 - ok
18:08:56.0515 0x0cd8  [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
18:08:56.0515 0x0cd8  aic78xx - ok
18:08:56.0546 0x0cd8  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:08:56.0546 0x0cd8  Alerter - ok
18:08:56.0593 0x0cd8  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
18:08:56.0593 0x0cd8  ALG - ok
18:08:56.0609 0x0cd8  [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
18:08:56.0609 0x0cd8  AliIde - ok
18:08:56.0609 0x0cd8  [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
18:08:56.0625 0x0cd8  alim1541 - ok
18:08:56.0640 0x0cd8  [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
18:08:56.0640 0x0cd8  amdagp - ok
18:08:56.0656 0x0cd8  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
18:08:56.0656 0x0cd8  amsint - ok
18:08:56.0703 0x0cd8  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:08:56.0718 0x0cd8  AppMgmt - ok
18:08:56.0765 0x0cd8  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:08:56.0765 0x0cd8  Arp1394 - ok
18:08:56.0781 0x0cd8  [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
18:08:56.0781 0x0cd8  asc - ok
18:08:56.0828 0x0cd8  [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
18:08:56.0828 0x0cd8  asc3350p - ok
18:08:56.0843 0x0cd8  [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
18:08:56.0843 0x0cd8  asc3550 - ok
18:08:57.0000 0x0cd8  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:08:57.0000 0x0cd8  aspnet_state - ok
18:08:57.0031 0x0cd8  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:08:57.0031 0x0cd8  AsyncMac - ok
18:08:57.0046 0x0cd8  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:08:57.0046 0x0cd8  atapi - ok
18:08:57.0062 0x0cd8  Atdisk - ok
18:08:57.0125 0x0cd8  [ 4DEAA162480367B232F3EE3A6D34084B, EC77589E17B1660284FB6F903F715F71D371401D5DAB6D6CAADC7C9FA23F5191 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
18:08:57.0125 0x0cd8  Ati HotKey Poller - ok
18:08:57.0187 0x0cd8  [ F0D0B0CDEC0BE32D775F404CAC2604BF, 6806FB0A20898CF9AFD7E7C2F8A85A22C5082C8A9E205ADC5BFC65F9F5A3DA88 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:08:57.0218 0x0cd8  ati2mtag - ok
18:08:57.0296 0x0cd8  [ 34E74FAB657DC47031330DFA30EE7E38, EC5DA4CACFADB15C3024DA6AE538AABEDF4EBC335237EF2878175BAB98021CF1 ] atinewp2        C:\WINDOWS\system32\DRIVERS\atinewp2.sys
18:08:57.0312 0x0cd8  atinewp2 - ok
18:08:57.0359 0x0cd8  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:08:57.0359 0x0cd8  Atmarpc - ok
18:08:57.0406 0x0cd8  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:08:57.0406 0x0cd8  AudioSrv - ok
18:08:57.0468 0x0cd8  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:08:57.0468 0x0cd8  audstub - ok
18:08:57.0515 0x0cd8  [ 4826FCF97C47B361A2E2F68CD487A19E, C9DA912C3EE76D62E8ABE9FB232951CEE577CD598995C707C2152B4F6BDA6610 ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
18:08:57.0515 0x0cd8  b57w2k - ok
18:08:57.0546 0x0cd8  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:08:57.0546 0x0cd8  Beep - ok
18:08:57.0625 0x0cd8  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
18:08:57.0640 0x0cd8  BITS - ok
18:08:57.0703 0x0cd8  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
18:08:57.0718 0x0cd8  Browser - ok
18:08:57.0734 0x0cd8  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
18:08:57.0734 0x0cd8  cbidf - ok
18:08:57.0750 0x0cd8  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:08:57.0750 0x0cd8  cbidf2k - ok
18:08:57.0781 0x0cd8  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:08:57.0781 0x0cd8  CCDECODE - ok
18:08:57.0796 0x0cd8  [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
18:08:57.0796 0x0cd8  cd20xrnt - ok
18:08:57.0812 0x0cd8  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:08:57.0812 0x0cd8  Cdaudio - ok
18:08:57.0843 0x0cd8  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:08:57.0859 0x0cd8  Cdfs - ok
18:08:57.0906 0x0cd8  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:08:57.0921 0x0cd8  Cdrom - ok
18:08:57.0921 0x0cd8  Changer - ok
18:08:57.0984 0x0cd8  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:08:57.0984 0x0cd8  CiSvc - ok
18:08:58.0015 0x0cd8  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:08:58.0015 0x0cd8  ClipSrv - ok
18:08:58.0109 0x0cd8  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:08:58.0125 0x0cd8  clr_optimization_v2.0.50727_32 - ok
18:08:58.0171 0x0cd8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:08:58.0187 0x0cd8  clr_optimization_v4.0.30319_32 - ok
18:08:58.0234 0x0cd8  [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
18:08:58.0234 0x0cd8  CmdIde - ok
18:08:58.0296 0x0cd8  [ 1EF05B641E9A67DED74AC8AD40055DBF, A27C22D785BBD3A92D686CD6C7BE6992A6BC0EE4F832F4934D11E2D2263421FF ] COMMONFX.DLL    C:\WINDOWS\system32\COMMONFX.DLL
18:08:58.0296 0x0cd8  COMMONFX.DLL - ok
18:08:58.0312 0x0cd8  COMSysApp - ok
18:08:58.0328 0x0cd8  [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
18:08:58.0328 0x0cd8  Cpqarray - ok
18:08:58.0375 0x0cd8  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:08:58.0375 0x0cd8  CryptSvc - ok
18:08:58.0421 0x0cd8  [ 6191A973461852A09D643609E1D5F7C6, 66D731C335B8A6CA225B8B5CCB4B89B1920928322E2483D4CAF2CF250606A917 ] CT20XUT.DLL     C:\WINDOWS\system32\CT20XUT.DLL
18:08:58.0421 0x0cd8  CT20XUT.DLL - ok
18:08:58.0468 0x0cd8  [ 8AC5F77E30E37D2D11BD99EFF0C53D8C, 0A10560ED02CF1760506241ABFC7BB10C39516D1373C8991BFBF956C1C1FE5E0 ] ctac32k         C:\WINDOWS\system32\drivers\ctac32k.sys
18:08:58.0484 0x0cd8  ctac32k - ok
18:08:58.0531 0x0cd8  [ 673241D314E932F4890509AE8EBF26DB, C739993F99F2BABFF831CA116A683C2C452F834DFC61B3850063FF41E7BE71EC ] ctaud2k         C:\WINDOWS\system32\drivers\ctaud2k.sys
18:08:58.0546 0x0cd8  ctaud2k - ok
18:08:58.0578 0x0cd8  [ 472B82D7E549E7FAB428852E4D16F21D, D79E9806ABDA55185337469FB612012913B5D9F5213F9C10F448F2AD6BACA2A2 ] CTAUDFX.DLL     C:\WINDOWS\system32\CTAUDFX.DLL
18:08:58.0593 0x0cd8  CTAUDFX.DLL - ok
18:08:58.0656 0x0cd8  [ ED316D4C3D39C5B6C23DE067E275C183, 9CF974809CAA573407D30D838EC339F6BCD9A164464A764EE473C82F43AF84B2 ] ctdvda2k        C:\WINDOWS\system32\drivers\ctdvda2k.sys
18:08:58.0656 0x0cd8  ctdvda2k - ok
18:08:58.0703 0x0cd8  [ 6A57F82009563AEE8826F117E1D3C72C, C1D8E5AF7571B01C039B431862F5937F1315996D8039F48780E856F7640A99D1 ] CTEAPSFX.DLL    C:\WINDOWS\system32\CTEAPSFX.DLL
18:08:58.0703 0x0cd8  CTEAPSFX.DLL - ok
18:08:58.0734 0x0cd8  [ C8AC1FFAEADD655193D7B1811A572D8D, 708A16A6A642F5A21FDFA478964B4D428ACA329CBE6308BAB3759B5C058955E2 ] CTEDSPFX.DLL    C:\WINDOWS\system32\CTEDSPFX.DLL
18:08:58.0750 0x0cd8  CTEDSPFX.DLL - ok
18:08:58.0781 0x0cd8  [ 44495D9DAF675257D00B25B041EE6667, 23123D90B9C6E42FE3871D0F417A413BC5515543B9F380D158D523806E29401B ] CTEDSPIO.DLL    C:\WINDOWS\system32\CTEDSPIO.DLL
18:08:58.0781 0x0cd8  CTEDSPIO.DLL - ok
18:08:58.0812 0x0cd8  [ 8E90B1762CB42E2FC76DAC9210C83C66, 3F9FABCC92F10234D86E75B5FBC97096FF5EF49694B20B8A425F063C03368F86 ] CTEDSPSY.DLL    C:\WINDOWS\system32\CTEDSPSY.DLL
18:08:58.0828 0x0cd8  CTEDSPSY.DLL - ok
18:08:58.0875 0x0cd8  [ D3FBD9983325435B06795F29CB57ED3D, 61649EC01E15F9D3A91428FB4150C5441F9C568A04C3389F1E7A2F4217B938C0 ] CTERFXFX.DLL    C:\WINDOWS\system32\CTERFXFX.DLL
18:08:58.0875 0x0cd8  CTERFXFX.DLL - ok
18:08:58.0968 0x0cd8  [ 2C48E9D8CA703964463F27AE341115B7, 7EB81214200A4ED6BFAFC7F1CC70353F136BEF8CA55953EF554C73FD78357885 ] CTEXFIFX.DLL    C:\WINDOWS\system32\CTEXFIFX.DLL
18:08:59.0015 0x0cd8  CTEXFIFX.DLL - ok
18:08:59.0062 0x0cd8  [ F7657C598E7C29C6683C1E4A8DD68884, 84EA9946F00141A839C42FE19DB9B3A589433E472D26D6126D084B7F217B2642 ] CTHWIUT.DLL     C:\WINDOWS\system32\CTHWIUT.DLL
18:08:59.0062 0x0cd8  CTHWIUT.DLL - ok
18:08:59.0093 0x0cd8  [ 34E7F8A499FD8361DF14FEDB724C0AD3, 57AB7DEA85308FF262B9E566C1F1B00D984E2558F4461E1AF8FE7C4D56876E77 ] ctprxy2k        C:\WINDOWS\system32\drivers\ctprxy2k.sys
18:08:59.0093 0x0cd8  ctprxy2k - ok
18:08:59.0140 0x0cd8  [ 679AE21EB7F48A08184813AEBABDEC7C, 48551B1D9263F92FCAB3110ADDAE79D646391140281577E60175D3BF74CE7F24 ] CTSBLFX.DLL     C:\WINDOWS\system32\CTSBLFX.DLL
18:08:59.0156 0x0cd8  CTSBLFX.DLL - ok
18:08:59.0171 0x0cd8  [ 32098497CB4DFE9EA7660FA62DD91060, 4C5B942AE1EDB1444FDE074A8889074003D343B013BEE28D3AE450BAA4C89D65 ] ctsfm2k         C:\WINDOWS\system32\drivers\ctsfm2k.sys
18:08:59.0187 0x0cd8  ctsfm2k - ok
18:08:59.0250 0x0cd8  [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:08:59.0250 0x0cd8  dac2w2k - ok
18:08:59.0265 0x0cd8  [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:08:59.0265 0x0cd8  dac960nt - ok
18:08:59.0343 0x0cd8  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:08:59.0375 0x0cd8  DcomLaunch - ok
18:08:59.0437 0x0cd8  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:08:59.0437 0x0cd8  Dhcp - ok
18:08:59.0453 0x0cd8  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:08:59.0453 0x0cd8  Disk - ok
18:08:59.0468 0x0cd8  dmadmin - ok
18:08:59.0531 0x0cd8  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:08:59.0562 0x0cd8  dmboot - ok
18:08:59.0578 0x0cd8  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:08:59.0593 0x0cd8  dmio - ok
18:08:59.0609 0x0cd8  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:08:59.0609 0x0cd8  dmload - ok
18:08:59.0656 0x0cd8  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:08:59.0656 0x0cd8  dmserver - ok
18:08:59.0671 0x0cd8  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:08:59.0671 0x0cd8  DMusic - ok
18:08:59.0750 0x0cd8  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:08:59.0750 0x0cd8  Dnscache - ok
18:08:59.0781 0x0cd8  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:08:59.0796 0x0cd8  Dot3svc - ok
18:08:59.0828 0x0cd8  [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:08:59.0828 0x0cd8  dpti2o - ok
18:08:59.0890 0x0cd8  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:08:59.0890 0x0cd8  drmkaud - ok
18:08:59.0921 0x0cd8  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:08:59.0921 0x0cd8  EapHost - ok
18:09:00.0046 0x0cd8  [ 5D1347AA5AE6E2F77D7F4F8372D95AC9, F3CA10753B7D76C87A71A0FEDB5EACE77E2E10E8DD44BEE7C66BCE17BD3EFD71 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
18:09:00.0062 0x0cd8  ehRecvr - ok
18:09:00.0125 0x0cd8  [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE26544F90B78689EEF9 ] ehSched         C:\WINDOWS\eHome\ehSched.exe
18:09:00.0125 0x0cd8  ehSched - ok
18:09:00.0156 0x0cd8  [ 2885F72D2DAFFD0329272F12E16D6579, 2F847799C692419F2A4EBF97272ECB5F99FD5AB6172A2F4BE2655442CA6360B2 ] emupia          C:\WINDOWS\system32\drivers\emupia2k.sys
18:09:00.0156 0x0cd8  emupia - ok
18:09:00.0187 0x0cd8  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:09:00.0187 0x0cd8  ERSvc - ok
18:09:00.0234 0x0cd8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
18:09:00.0234 0x0cd8  Eventlog - ok
18:09:00.0312 0x0cd8  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
18:09:00.0328 0x0cd8  EventSystem - ok
18:09:00.0343 0x0cd8  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:09:00.0359 0x0cd8  Fastfat - ok
18:09:00.0421 0x0cd8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:09:00.0421 0x0cd8  FastUserSwitchingCompatibility - ok
18:09:00.0484 0x0cd8  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
18:09:00.0484 0x0cd8  Fdc - ok
18:09:00.0515 0x0cd8  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:09:00.0515 0x0cd8  Fips - ok
18:09:00.0531 0x0cd8  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:09:00.0531 0x0cd8  Flpydisk - ok
18:09:00.0593 0x0cd8  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:09:00.0609 0x0cd8  FltMgr - ok
18:09:00.0703 0x0cd8  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:09:00.0718 0x0cd8  FontCache3.0.0.0 - ok
18:09:00.0750 0x0cd8  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:09:00.0750 0x0cd8  Fs_Rec - ok
18:09:00.0765 0x0cd8  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:09:00.0765 0x0cd8  Ftdisk - ok
18:09:00.0796 0x0cd8  [ 065639773D8B03F33577F6CDAEA21063, F20D0F3256F5F894CCA48755B23679619B5D02A0F64A142FC6CB619FC0952067 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
18:09:00.0796 0x0cd8  gameenum - ok
18:09:00.0828 0x0cd8  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:09:00.0828 0x0cd8  Gpc - ok
18:09:00.0921 0x0cd8  [ DA2C735B66D2E7B739F9A46146581A9D, 6687721ED7EB80092B165F3E4FD08425CE74BFC39F4AA0B2A6144007B8992AB1 ] ha10kx2k        C:\WINDOWS\system32\drivers\ha10kx2k.sys
18:09:00.0953 0x0cd8  ha10kx2k - ok
18:09:00.0984 0x0cd8  [ 5C7D6D68796E4621B4168C879908DAE0, EE2FE26A2FBA7CC6935DA08C5D212C08ABF48C6C6E06CFDF408B49589BA501F7 ] hap16v2k        C:\WINDOWS\system32\drivers\hap16v2k.sys
18:09:01.0000 0x0cd8  hap16v2k - ok
18:09:01.0031 0x0cd8  [ A595B88AD16D8B5693DDF08113CAF30E, B46ECF3C26065374593C87A3CE305FACEB5B5B4B0F994C7895F25332703E8FC2 ] hap17v2k        C:\WINDOWS\system32\drivers\hap17v2k.sys
18:09:01.0046 0x0cd8  hap17v2k - ok
18:09:01.0140 0x0cd8  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:09:01.0140 0x0cd8  helpsvc - ok
18:09:01.0203 0x0cd8  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:09:01.0203 0x0cd8  HidServ - ok
18:09:01.0218 0x0cd8  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:09:01.0218 0x0cd8  HidUsb - ok
18:09:01.0265 0x0cd8  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:09:01.0265 0x0cd8  hkmsvc - ok
18:09:01.0312 0x0cd8  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
18:09:01.0312 0x0cd8  hpn - ok
18:09:01.0390 0x0cd8  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:09:01.0406 0x0cd8  HTTP - ok
18:09:01.0453 0x0cd8  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:09:01.0468 0x0cd8  HTTPFilter - ok
18:09:01.0515 0x0cd8  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
18:09:01.0515 0x0cd8  i2omgmt - ok
18:09:01.0531 0x0cd8  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:09:01.0531 0x0cd8  i2omp - ok
18:09:01.0546 0x0cd8  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:09:01.0546 0x0cd8  i8042prt - ok
18:09:01.0640 0x0cd8  [ 309C4D86D989FB1FCF64BD30DC81C51B, 90412120B005D5178E27EFD09D52005BE6CE1965E5CBB59612EAD02C5896A8A7 ] iaStor          C:\WINDOWS\system32\DRIVERS\IASTOR.SYS
18:09:01.0671 0x0cd8  iaStor - ok
18:09:01.0906 0x0cd8  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:09:01.0906 0x0cd8  IDriverT - ok
18:09:02.0031 0x0cd8  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:09:02.0062 0x0cd8  idsvc - ok
18:09:02.0093 0x0cd8  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:09:02.0093 0x0cd8  Imapi - ok
18:09:02.0171 0x0cd8  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:09:02.0171 0x0cd8  ImapiService - ok
18:09:02.0234 0x0cd8  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:09:02.0234 0x0cd8  ini910u - ok
18:09:02.0250 0x0cd8  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
18:09:02.0250 0x0cd8  IntelIde - ok
18:09:02.0296 0x0cd8  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:09:02.0296 0x0cd8  intelppm - ok
18:09:02.0343 0x0cd8  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:09:02.0343 0x0cd8  Ip6Fw - ok
18:09:02.0359 0x0cd8  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:09:02.0359 0x0cd8  IpFilterDriver - ok
18:09:02.0375 0x0cd8  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:09:02.0390 0x0cd8  IpInIp - ok
18:09:02.0437 0x0cd8  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:09:02.0437 0x0cd8  IpNat - ok
18:09:02.0453 0x0cd8  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:09:02.0468 0x0cd8  IPSec - ok
18:09:02.0500 0x0cd8  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:09:02.0500 0x0cd8  IRENUM - ok
18:09:02.0515 0x0cd8  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:09:02.0515 0x0cd8  isapnp - ok
18:09:02.0562 0x0cd8  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:09:02.0562 0x0cd8  Kbdclass - ok
18:09:02.0625 0x0cd8  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:09:02.0625 0x0cd8  kbdhid - ok
18:09:02.0640 0x0cd8  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:09:02.0656 0x0cd8  kmixer - ok
18:09:02.0718 0x0cd8  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:09:02.0718 0x0cd8  KSecDD - ok
18:09:02.0781 0x0cd8  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:09:02.0781 0x0cd8  lanmanserver - ok
18:09:02.0843 0x0cd8  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:09:02.0843 0x0cd8  lanmanworkstation - ok
18:09:02.0859 0x0cd8  lbrtfdc - ok
18:09:02.0937 0x0cd8  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:09:02.0937 0x0cd8  LmHosts - ok
18:09:02.0953 0x0cd8  lxbt_device - ok
18:09:03.0000 0x0cd8  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
18:09:03.0000 0x0cd8  MBAMProtector - ok
18:09:03.0093 0x0cd8  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:09:03.0109 0x0cd8  MBAMScheduler - ok
18:09:03.0171 0x0cd8  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:09:03.0187 0x0cd8  MBAMService - ok
18:09:03.0250 0x0cd8  [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
18:09:03.0250 0x0cd8  McrdSvc - ok
18:09:03.0296 0x0cd8  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:09:03.0296 0x0cd8  Messenger - ok
18:09:03.0312 0x0cd8  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
18:09:03.0328 0x0cd8  MHN - ok
18:09:03.0343 0x0cd8  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
18:09:03.0343 0x0cd8  MHNDRV - ok
18:09:03.0390 0x0cd8  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:09:03.0390 0x0cd8  mnmdd - ok
18:09:03.0453 0x0cd8  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:09:03.0453 0x0cd8  mnmsrvc - ok
18:09:03.0484 0x0cd8  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:09:03.0484 0x0cd8  Modem - ok
18:09:03.0515 0x0cd8  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:09:03.0515 0x0cd8  Mouclass - ok
18:09:03.0546 0x0cd8  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:09:03.0546 0x0cd8  mouhid - ok
18:09:03.0593 0x0cd8  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:09:03.0593 0x0cd8  MountMgr - ok
18:09:03.0671 0x0cd8  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:09:03.0671 0x0cd8  MozillaMaintenance - ok
18:09:03.0703 0x0cd8  [ 24406D75B40F0F6B3C1AC7031D734565, B58AA80E9C3738CFD826D7C8129D5467166A4397CCFEEEF7F14542DEBB659A51 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
18:09:03.0718 0x0cd8  MpFilter - ok
18:09:03.0953 0x0cd8  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslf0180d20   c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0E5A2A87-E74F-483B-8661-0169D864F7A5}\MpKslf0180d20.sys
18:09:03.0953 0x0cd8  MpKslf0180d20 - ok
18:09:03.0968 0x0cd8  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:09:03.0968 0x0cd8  mraid35x - ok
18:09:04.0015 0x0cd8  [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
18:09:04.0031 0x0cd8  MREMP50 - ok
18:09:04.0046 0x0cd8  [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
18:09:04.0046 0x0cd8  MRESP50 - ok
18:09:04.0093 0x0cd8  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:09:04.0093 0x0cd8  MRxDAV - ok
18:09:04.0187 0x0cd8  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:09:04.0187 0x0cd8  MRxSmb - ok
18:09:04.0250 0x0cd8  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:09:04.0250 0x0cd8  MSDTC - ok
18:09:04.0281 0x0cd8  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:09:04.0281 0x0cd8  Msfs - ok
18:09:04.0296 0x0cd8  MSIServer - ok
18:09:04.0359 0x0cd8  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:09:04.0359 0x0cd8  MSKSSRV - ok
18:09:04.0453 0x0cd8  [ 0A7F86657755ADA92C57E597BF5151F7, E226DFF12C4930DF1D0F1D2E7CE7BFFDF62F6DC402200EEFE196D14172A59B63 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:09:04.0453 0x0cd8  MsMpSvc - ok
18:09:04.0484 0x0cd8  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:09:04.0484 0x0cd8  MSPCLOCK - ok
18:09:04.0515 0x0cd8  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:09:04.0531 0x0cd8  MSPQM - ok
18:09:04.0578 0x0cd8  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:09:04.0578 0x0cd8  mssmbios - ok
18:09:04.0593 0x0cd8  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:09:04.0593 0x0cd8  MSTEE - ok
18:09:04.0625 0x0cd8  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:09:04.0640 0x0cd8  Mup - ok
18:09:04.0671 0x0cd8  [ E1CDF20697D992CF83FF86DD04DF1285, F11EFA7B96672225BFB4302CD2272AD0D189973CBC24E9DA71FC3C7DAA78D4EA ] mxnic           C:\WINDOWS\system32\DRIVERS\mxnic.sys
18:09:04.0671 0x0cd8  mxnic - ok
18:09:04.0687 0x0cd8  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:09:04.0703 0x0cd8  NABTSFEC - ok
18:09:04.0734 0x0cd8  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:09:04.0750 0x0cd8  napagent - ok
18:09:04.0921 0x0cd8  [ 3BAE2BFCB6D69E19C8373F635DD544DC, A32DB5282ED5AFC1650883B1870E46FDC029EF9225075E6916D2E371F18D8B9E ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:09:04.0953 0x0cd8  NBService - ok
18:09:04.0984 0x0cd8  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:09:04.0984 0x0cd8  NDIS - ok
18:09:05.0031 0x0cd8  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:09:05.0031 0x0cd8  NdisIP - ok
18:09:05.0062 0x0cd8  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:09:05.0062 0x0cd8  NdisTapi - ok
18:09:05.0125 0x0cd8  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:09:05.0125 0x0cd8  Ndisuio - ok
18:09:05.0156 0x0cd8  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:09:05.0156 0x0cd8  NdisWan - ok
18:09:05.0218 0x0cd8  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:09:05.0218 0x0cd8  NDProxy - ok
18:09:05.0265 0x0cd8  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:09:05.0281 0x0cd8  NetBIOS - ok
18:09:05.0312 0x0cd8  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:09:05.0328 0x0cd8  NetBT - ok
18:09:05.0359 0x0cd8  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:09:05.0375 0x0cd8  NetDDE - ok
18:09:05.0390 0x0cd8  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:09:05.0390 0x0cd8  NetDDEdsdm - ok
18:09:05.0437 0x0cd8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:09:05.0437 0x0cd8  Netlogon - ok
18:09:05.0500 0x0cd8  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
18:09:05.0500 0x0cd8  Netman - ok
18:09:05.0562 0x0cd8  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:09:05.0562 0x0cd8  NetTcpPortSharing - ok
18:09:05.0609 0x0cd8  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:09:05.0609 0x0cd8  NIC1394 - ok
18:09:05.0640 0x0cd8  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:09:05.0656 0x0cd8  Nla - ok
18:09:05.0828 0x0cd8  [ 193FA51DDDD0BFFDED1C340F0434999A, C05CA0A8568E9CBDA15633ED420C29F52082114B2B9F24EB61369E42C480C080 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:09:05.0843 0x0cd8  NMIndexingService - ok
18:09:05.0906 0x0cd8  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:09:05.0906 0x0cd8  Npfs - ok
18:09:05.0937 0x0cd8  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:09:05.0953 0x0cd8  Ntfs - ok
18:09:05.0968 0x0cd8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:09:05.0968 0x0cd8  NtLmSsp - ok
18:09:06.0031 0x0cd8  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:09:06.0046 0x0cd8  NtmsSvc - ok
18:09:06.0093 0x0cd8  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:09:06.0093 0x0cd8  Null - ok
18:09:06.0218 0x0cd8  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:09:06.0281 0x0cd8  nv - ok
18:09:06.0312 0x0cd8  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:09:06.0312 0x0cd8  NwlnkFlt - ok
18:09:06.0343 0x0cd8  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:09:06.0343 0x0cd8  NwlnkFwd - ok
18:09:06.0375 0x0cd8  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:09:06.0375 0x0cd8  ohci1394 - ok
18:09:06.0406 0x0cd8  [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF, 5593350B3856FAB6895388BDD6CF280C3DA4528EE31AC2A01FEDF236A8B7ED41 ] ossrv           C:\WINDOWS\system32\drivers\ctoss2k.sys
18:09:06.0406 0x0cd8  ossrv - ok
18:09:06.0484 0x0cd8  [ C90018BAFDC7098619A4A95B046B30F3, 1826E46F237AD65BA189B83803A46A6C2B29089C1BA146106ADD9F2B04D4A89D ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys
18:09:06.0484 0x0cd8  P3 - ok
18:09:06.0500 0x0cd8  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:09:06.0500 0x0cd8  Parport - ok
18:09:06.0515 0x0cd8  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:09:06.0515 0x0cd8  PartMgr - ok
18:09:06.0562 0x0cd8  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:09:06.0562 0x0cd8  ParVdm - ok
18:09:06.0578 0x0cd8  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:09:06.0578 0x0cd8  PCI - ok
18:09:06.0593 0x0cd8  PCIDump - ok
18:09:06.0609 0x0cd8  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:09:06.0609 0x0cd8  PCIIde - ok
18:09:06.0640 0x0cd8  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:09:06.0640 0x0cd8  Pcmcia - ok
18:09:06.0656 0x0cd8  PDCOMP - ok
18:09:06.0671 0x0cd8  PDFRAME - ok
18:09:06.0687 0x0cd8  PDRELI - ok
18:09:06.0703 0x0cd8  PDRFRAME - ok
18:09:06.0703 0x0cd8  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
18:09:06.0718 0x0cd8  perc2 - ok
18:09:06.0718 0x0cd8  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
18:09:06.0718 0x0cd8  perc2hib - ok
18:09:06.0781 0x0cd8  [ 875E4E0661F3A5994DF9E5E3A0A4F96B, 7198C02935B3714C455EE94305D2A21D900D72AC67049C11A1E842572AD6C5E1 ] PLFlash DeviceIoControl Service C:\WINDOWS\system32\IoctlSvc.exe
18:09:06.0796 0x0cd8  PLFlash DeviceIoControl Service - ok
18:09:06.0812 0x0cd8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:09:06.0828 0x0cd8  PlugPlay - ok
18:09:06.0843 0x0cd8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:09:06.0843 0x0cd8  PolicyAgent - ok
18:09:06.0859 0x0cd8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:09:06.0859 0x0cd8  PptpMiniport - ok
18:09:06.0875 0x0cd8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:09:06.0875 0x0cd8  ProtectedStorage - ok
18:09:06.0906 0x0cd8  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:09:06.0906 0x0cd8  PSched - ok
18:09:06.0921 0x0cd8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:09:06.0921 0x0cd8  Ptilink - ok
18:09:06.0953 0x0cd8  [ 617ACCADA2E0A0F43EC6030BBAC49513, D1117E8ED757B485CD58E8790595EA50C3AB0EF336AD6F789E0B63A0773A8023 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:09:06.0953 0x0cd8  PxHelp20 - ok
18:09:06.0968 0x0cd8  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:09:06.0968 0x0cd8  ql1080 - ok
18:09:06.0984 0x0cd8  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:09:06.0984 0x0cd8  Ql10wnt - ok
18:09:07.0000 0x0cd8  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:09:07.0000 0x0cd8  ql12160 - ok
18:09:07.0015 0x0cd8  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:09:07.0015 0x0cd8  ql1240 - ok
18:09:07.0031 0x0cd8  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:09:07.0031 0x0cd8  ql1280 - ok
18:09:07.0046 0x0cd8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:09:07.0046 0x0cd8  RasAcd - ok
18:09:07.0109 0x0cd8  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:09:07.0109 0x0cd8  RasAuto - ok
18:09:07.0125 0x0cd8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:09:07.0125 0x0cd8  Rasl2tp - ok
18:09:07.0171 0x0cd8  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:09:07.0187 0x0cd8  RasMan - ok
18:09:07.0203 0x0cd8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:09:07.0203 0x0cd8  RasPppoe - ok
18:09:07.0250 0x0cd8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:09:07.0250 0x0cd8  Raspti - ok
18:09:07.0281 0x0cd8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:09:07.0296 0x0cd8  Rdbss - ok
18:09:07.0312 0x0cd8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:09:07.0312 0x0cd8  RDPCDD - ok
18:09:07.0328 0x0cd8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:09:07.0343 0x0cd8  rdpdr - ok
18:09:07.0406 0x0cd8  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:09:07.0421 0x0cd8  RDPWD - ok
18:09:07.0453 0x0cd8  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:09:07.0453 0x0cd8  RDSessMgr - ok
18:09:07.0484 0x0cd8  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:09:07.0484 0x0cd8  redbook - ok
18:09:07.0531 0x0cd8  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:09:07.0531 0x0cd8  RemoteAccess - ok
18:09:07.0562 0x0cd8  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:09:07.0562 0x0cd8  RemoteRegistry - ok
18:09:07.0718 0x0cd8  [ 06A49B7BDC36CFBF97DD90804F833369, 0E02B50F9F371162E18D5E4FFEF1669E9B5B75460618B10FD31E63F2ACC50A90 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:09:07.0734 0x0cd8  RichVideo - ok
18:09:07.0781 0x0cd8  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:09:07.0781 0x0cd8  RpcLocator - ok
18:09:07.0828 0x0cd8  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:09:07.0859 0x0cd8  RpcSs - ok
18:09:07.0921 0x0cd8  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:09:07.0921 0x0cd8  RSVP - ok
18:09:07.0953 0x0cd8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:09:07.0968 0x0cd8  SamSs - ok
18:09:07.0984 0x0cd8  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:09:07.0984 0x0cd8  SCardSvr - ok
18:09:08.0015 0x0cd8  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:09:08.0031 0x0cd8  Schedule - ok
18:09:08.0078 0x0cd8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:09:08.0078 0x0cd8  Secdrv - ok
18:09:08.0125 0x0cd8  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:09:08.0125 0x0cd8  seclogon - ok
18:09:08.0218 0x0cd8  [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8, E94F7E97AAB80600DED0310160527C3CC8CAC8593EC2FBEAED2EF5EC5A6C4086 ] senfilt         C:\WINDOWS\system32\drivers\senfilt.sys
18:09:08.0250 0x0cd8  senfilt - ok
18:09:08.0312 0x0cd8  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
18:09:08.0312 0x0cd8  SENS - ok
18:09:08.0343 0x0cd8  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:09:08.0359 0x0cd8  Serenum - ok
18:09:08.0375 0x0cd8  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:09:08.0375 0x0cd8  Serial - ok
18:09:08.0453 0x0cd8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:09:08.0453 0x0cd8  Sfloppy - ok
18:09:08.0531 0x0cd8  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:09:08.0531 0x0cd8  SharedAccess - ok
18:09:08.0562 0x0cd8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:09:08.0578 0x0cd8  ShellHWDetection - ok
18:09:08.0578 0x0cd8  Simbad - ok
18:09:08.0609 0x0cd8  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
18:09:08.0609 0x0cd8  sisagp - ok
18:09:08.0656 0x0cd8  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:09:08.0656 0x0cd8  SLIP - ok
18:09:08.0718 0x0cd8  [ C6D9959E493682F872A639B6EC1B4A08, 5B6D3FD23A44422F8B3972CF47BF16B5015DC0CCF7EF59FADAFEEF1AEE32958B ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
18:09:08.0718 0x0cd8  smwdm - ok
18:09:08.0765 0x0cd8  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
18:09:08.0765 0x0cd8  Sparrow - ok
18:09:08.0796 0x0cd8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:09:08.0796 0x0cd8  splitter - ok
18:09:08.0875 0x0cd8  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:09:08.0875 0x0cd8  Spooler - ok
18:09:08.0890 0x0cd8  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:09:08.0890 0x0cd8  sr - ok
18:09:08.0953 0x0cd8  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:09:08.0968 0x0cd8  srservice - ok
18:09:09.0031 0x0cd8  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:09:09.0046 0x0cd8  Srv - ok
18:09:09.0093 0x0cd8  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:09:09.0093 0x0cd8  SSDPSRV - ok
18:09:09.0140 0x0cd8  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:09:09.0156 0x0cd8  stisvc - ok
18:09:09.0203 0x0cd8  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:09:09.0203 0x0cd8  streamip - ok
18:09:09.0234 0x0cd8  [ C86A229BB5CB5DC47498B2C530A9458E, EA5BFA0741B520340F3728F6D68BF9F7F4DAC8220332EB016899D86AE02508CE ] SWDUMon         C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
18:09:09.0234 0x0cd8  SWDUMon - ok
18:09:09.0281 0x0cd8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:09:09.0281 0x0cd8  swenum - ok
18:09:09.0296 0x0cd8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:09:09.0296 0x0cd8  swmidi - ok
18:09:09.0312 0x0cd8  SwPrv - ok
18:09:09.0375 0x0cd8  [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
18:09:09.0375 0x0cd8  symc810 - ok
18:09:09.0390 0x0cd8  [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
18:09:09.0390 0x0cd8  symc8xx - ok
18:09:09.0406 0x0cd8  [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
18:09:09.0406 0x0cd8  sym_hi - ok
18:09:09.0421 0x0cd8  [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
18:09:09.0421 0x0cd8  sym_u3 - ok
18:09:09.0453 0x0cd8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:09:09.0453 0x0cd8  sysaudio - ok
18:09:09.0515 0x0cd8  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:09:09.0515 0x0cd8  SysmonLog - ok
18:09:09.0562 0x0cd8  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:09:09.0562 0x0cd8  TapiSrv - ok
18:09:09.0640 0x0cd8  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:09:09.0656 0x0cd8  Tcpip - ok
18:09:09.0687 0x0cd8  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:09:09.0703 0x0cd8  TDPIPE - ok
18:09:09.0718 0x0cd8  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:09:09.0718 0x0cd8  TDTCP - ok
18:09:09.0765 0x0cd8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:09:09.0765 0x0cd8  TermDD - ok
18:09:09.0796 0x0cd8  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:09:09.0812 0x0cd8  TermService - ok
18:09:09.0843 0x0cd8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:09:09.0859 0x0cd8  Themes - ok
18:09:09.0906 0x0cd8  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:09:09.0906 0x0cd8  TlntSvr - ok
18:09:09.0953 0x0cd8  [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
18:09:09.0953 0x0cd8  TosIde - ok
18:09:10.0031 0x0cd8  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:09:10.0031 0x0cd8  TrkWks - ok
18:09:10.0078 0x0cd8  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:09:10.0078 0x0cd8  Udfs - ok
18:09:10.0093 0x0cd8  [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
18:09:10.0093 0x0cd8  ultra - ok
18:09:10.0140 0x0cd8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:09:10.0156 0x0cd8  Update - ok
18:09:10.0187 0x0cd8  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:09:10.0187 0x0cd8  upnphost - ok
18:09:10.0203 0x0cd8  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
18:09:10.0203 0x0cd8  UPS - ok
18:09:10.0265 0x0cd8  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:09:10.0265 0x0cd8  usbccgp - ok
18:09:10.0281 0x0cd8  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:09:10.0281 0x0cd8  usbehci - ok
18:09:10.0312 0x0cd8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:09:10.0328 0x0cd8  usbhub - ok
18:09:10.0359 0x0cd8  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:09:10.0359 0x0cd8  usbprint - ok
18:09:10.0437 0x0cd8  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:09:10.0437 0x0cd8  usbscan - ok
18:09:10.0453 0x0cd8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:09:10.0453 0x0cd8  usbstor - ok
18:09:10.0484 0x0cd8  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:09:10.0484 0x0cd8  usbuhci - ok
18:09:10.0500 0x0cd8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:09:10.0500 0x0cd8  VgaSave - ok
18:09:10.0578 0x0cd8  [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
18:09:10.0578 0x0cd8  viaagp - ok
18:09:10.0593 0x0cd8  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
18:09:10.0593 0x0cd8  ViaIde - ok
18:09:10.0609 0x0cd8  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:09:10.0609 0x0cd8  VolSnap - ok
18:09:10.0687 0x0cd8  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
18:09:10.0703 0x0cd8  VSS - ok
18:09:10.0734 0x0cd8  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
18:09:10.0734 0x0cd8  W32Time - ok
18:09:10.0765 0x0cd8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:09:10.0765 0x0cd8  Wanarp - ok
18:09:10.0828 0x0cd8  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
18:09:10.0843 0x0cd8  Wdf01000 - ok
18:09:10.0859 0x0cd8  WDICA - ok
18:09:10.0921 0x0cd8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:09:10.0921 0x0cd8  wdmaud - ok
18:09:10.0953 0x0cd8  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:09:10.0953 0x0cd8  WebClient - ok
18:09:11.0078 0x0cd8  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:09:11.0093 0x0cd8  winmgmt - ok
18:09:11.0265 0x0cd8  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:09:11.0296 0x0cd8  WinRM - ok
18:09:11.0359 0x0cd8  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
18:09:11.0359 0x0cd8  WmdmPmSN - ok
18:09:11.0437 0x0cd8  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
18:09:11.0468 0x0cd8  Wmi - ok
18:09:11.0531 0x0cd8  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:09:11.0546 0x0cd8  WmiApSrv - ok
18:09:11.0687 0x0cd8  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
18:09:11.0718 0x0cd8  WMPNetworkSvc - ok
18:09:11.0859 0x0cd8  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:09:11.0875 0x0cd8  WPFFontCache_v0400 - ok
18:09:11.0937 0x0cd8  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:09:11.0937 0x0cd8  WS2IFSL - ok
18:09:12.0000 0x0cd8  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:09:12.0015 0x0cd8  wscsvc - ok
18:09:12.0046 0x0cd8  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:09:12.0046 0x0cd8  WSTCODEC - ok
18:09:12.0093 0x0cd8  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:09:12.0093 0x0cd8  wuauserv - ok
18:09:12.0140 0x0cd8  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:09:12.0140 0x0cd8  WudfPf - ok
18:09:12.0171 0x0cd8  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:09:12.0171 0x0cd8  WudfRd - ok
18:09:12.0203 0x0cd8  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:09:12.0203 0x0cd8  WudfSvc - ok
18:09:12.0281 0x0cd8  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:09:12.0296 0x0cd8  WZCSVC - ok
18:09:12.0343 0x0cd8  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:09:12.0359 0x0cd8  xmlprov - ok
18:09:12.0453 0x0cd8  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:09:12.0468 0x0cd8  YahooAUService - ok
18:09:12.0515 0x0cd8  ================ Scan global ===============================
18:09:12.0562 0x0cd8  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
18:09:12.0609 0x0cd8  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:09:12.0656 0x0cd8  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:09:12.0703 0x0cd8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
18:09:12.0703 0x0cd8  [ Global ] - ok
18:09:12.0718 0x0cd8  ================ Scan MBR ==================================
18:09:12.0750 0x0cd8  [ 117EBF02F374A2469D61D1C801F8C1FF ] \Device\Harddisk0\DR0
18:09:12.0984 0x0cd8  \Device\Harddisk0\DR0 - ok
18:09:13.0000 0x0cd8  [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk1\DR1
18:09:13.0109 0x0cd8  \Device\Harddisk1\DR1 - ok
18:09:13.0109 0x0cd8  ================ Scan VBR ==================================
18:09:13.0125 0x0cd8  [ 35C2CA384356707F78B46A3A66420B39 ] \Device\Harddisk0\DR0\Partition1
18:09:13.0125 0x0cd8  \Device\Harddisk0\DR0\Partition1 - ok
18:09:13.0125 0x0cd8  [ D4260963E12E939229E818DF7F359A0D ] \Device\Harddisk1\DR1\Partition1
18:09:13.0140 0x0cd8  \Device\Harddisk1\DR1\Partition1 - ok
18:09:13.0218 0x0cd8  AV detected via SS1: Microsoft Security Essentials, 4.3.0219.0, enabled, updated
18:09:13.0218 0x0cd8  Win FW state via NFM: enabled
18:09:15.0812 0x0cd8  ============================================================
18:09:15.0812 0x0cd8  Scan finished
18:09:15.0812 0x0cd8  ============================================================
18:09:15.0812 0x0b68  Detected object count: 0
18:09:15.0812 0x0b68  Actual detected object count: 0
18:09:24.0812 0x013c  Deinitialize success
 



#8 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 28 October 2013 - 11:49 PM

SchedLgU.Txt file.. Does this file look correct to you ....

 

"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:24:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:29:04 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:34:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:39:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:44:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:49:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:54:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:59:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:04:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:09:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:14:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"Adobe Flash Player Updater.job" (FlashPlayerUpdateService.exe) 10/28/2013 8:19:04 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:19:11 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:24:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"Task Scheduler Service"
    Exited at 10/28/2013 8:28:57 PM
"Task Scheduler Service"
    Started at 10/28/2013 8:29:55 PM
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:34:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:39:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:44:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:49:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:54:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 8:59:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:04:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:09:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:14:01 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"Adobe Flash Player Updater.job" (FlashPlayerUpdateService.exe) 10/28/2013 9:19:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:19:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:24:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:29:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:34:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:39:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 9:44:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
[ ***** Most recent entry is above this line ***** ]

                                                                                                                                                                                                                                                                                                                                                                                                       
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:04:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:09:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:14:00 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"Adobe Flash Player Updater.job" (FlashPlayerUpdateService.exe) 10/28/2013 7:19:04 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
"User_Feed_Synchronization-{9C0BEB84-D4D0-4B9B-896B-8E25B7646F76}.job" (msfeedssync.exe) 10/28/2013 7:19:07 PM ** ERROR **
    The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
    The specific error is:
    0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated.
 



#9 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 28 October 2013 - 11:54 PM

====================Start 'wiaservc.dll' Debug - Time: 2013/10/28 20:30:23:31====================
    CEventNotifier::RestoreDevPersistentCBs, RegQueryValueEx() for Desc failed.
    *> StiServiceMain entered, Time: 2013/10/28 20:30:23:312
 



#10 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 29 October 2013 - 12:09 AM

Computer will not let me select and paste files here for you to view... any special reason why.. they look strange to me...



#11 HydroLar

HydroLar

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Storrs, Connecticut USA
  • Local time:01:55 AM

Posted 29 October 2013 - 10:30 AM

Computer will not let me select and paste files here for you to view... any special reason why.. they look strange to me...


Which files are you referring to? Do you mean they contain non-Latin characters (Unicode)?

As for 'Schedlgu.txt', all scheduled tasks maintain a log file (Schedlgu.txt), in the c:\Windows folder. This was a reoccurring error in Win XP SP1 which subsequent Win updates supposedly fixed. It literally means that the account information for that scheduled task is missing. It is possible that downloading Win XP service pack 3 and reinstalling may help but I am still researching this. I'll get back to you.
Posted Image
 
"The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." - Marcus Aurelius

#12 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 29 October 2013 - 02:59 PM

I have 2 harddrives on this puter.. One is CDrive.. 2nd is DDrive... Not sure what is going on.. But is it possible I have 2 systems in one here.... I also have a bunch of Unistall folders and files in Blue font .. What does this mean... On the DDrive the dates on the files are old 2004 etc//

How can we check these files..... I have Office 11 installed and it says it cannot open because Misconfigureation... How do I get office to work

 

I appreciate your advice and help with my puter problems...

tks

rick



#13 HydroLar

HydroLar

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Storrs, Connecticut USA
  • Local time:01:55 AM

Posted 29 October 2013 - 09:01 PM

We'll check that out later, first let's look at the Task Manager errors and get rid of more junkware.

:step1:
After talking to my collegues here at BC it is entirely possible nothing is wrong with your Task Scheduler and the problem lies with a corrupted Adobe Flash Player so let's uninstall and reinstall the Flash Player.
  • Click "start" on the taskbar and then click on the "Control Panel" icon.
    Please doubleclick the "Add or Remove Programs" icon
    A list of programs installed will be "populated" this may take a bit of time.
    Click on the following entries and select "remove":

    Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
    Adobe Flash Player 11 Plugin (Version: 11.9.900.117)


    Additional instructions can be found here if needed.
  • Please download the latest version of Adobe Flash from http://get.adobe.com/flashplayer/otherversions/ to your Desktop
  • Double click the file to start the installation process
  • Repeat 1. and 2. for every other browser you have installed (eg Internet Explorer / Firefox / Chrome / Safari / Opera..) as applicable.
:step2:
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
:step3:
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Posted Image
 
"The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." - Marcus Aurelius

#14 stubby97

stubby97
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:55 PM

Posted 30 October 2013 - 12:02 AM

# AdwCleaner v3.010 - Report created 29/10/2013 at 21:48:01
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - RICKSTUBBS
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\OutBrowseToolbar
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\SimplyTech
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Wajam
Folder Deleted : C:\Documents and Settings\Owner\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\Owner\Application Data\pccustubinstaller
Folder Deleted : C:\Documents and Settings\Owner\Application Data\Systweak
Folder Deleted : C:\Documents and Settings\Terri\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Terri\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Terri\Application Data\Delta
Folder Deleted : C:\Documents and Settings\Terri\Application Data\Searchprotect
Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\Smartbar
Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\CT2801948
Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\Extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}(2)
[!] Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
[!] Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hchkdglnjoagfcnikmcebkjlfbcbkhnm
File Deleted : C:\END
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\bProtector_extensions.rdf
File Deleted : C:\Documents and Settings\Terri\Application Data\Mozilla\Firefox\Profiles\zvquunkh.default\bprotector_extensions.sqlite
File Deleted : C:\Documents and Settings\Terri\Application Data\Mozilla\Firefox\Profiles\zvquunkh.default\bprotector_prefs.js
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\invalidprefs.js
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\searchplugins\Askcom.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Terri\Application Data\Mozilla\Firefox\Profiles\zvquunkh.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\searchplugins\delta.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\searchplugins\my-web-search.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\searchplugins\Web Search.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\hchkdglnjoagfcnikmcebkjlfbcbkhnm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hchkdglnjoagfcnikmcebkjlfbcbkhnm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BrowserProtect
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKCU\Software\5928ddab369b949
Key Deleted : HKLM\SOFTWARE\5928ddab369b949
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3293216
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\x56r215a.default\prefs.js ]

Line Deleted : user_pref("CT2801948.1000082.isDisplayHidden", "true");
Line Deleted : user_pref("CT2801948.1000082.state", "{\"state\":\"stopped\",\"text\":\"Virgin Ra...\",\"description\":\"Virgin Radio Classic Rock\",\"url\":\"hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=v[...]
Line Deleted : user_pref("CT2801948.1000234.TWC_TMP_city", "PRINCE GEORGE");
Line Deleted : user_pref("CT2801948.1000234.TWC_TMP_country", "CA");
Line Deleted : user_pref("CT2801948.1000234.TWC_locId", "CAXX0381");
Line Deleted : user_pref("CT2801948.1000234.TWC_location", "Prince George, Canada");
Line Deleted : user_pref("CT2801948.1000234.TWC_region", "OT");
Line Deleted : user_pref("CT2801948.1000234.TWC_temp_dis", "c");
Line Deleted : user_pref("CT2801948.1000234.TWC_wind_dis", "kmh");
Line Deleted : user_pref("CT2801948.1000234.weatherData", "{\"icon\":\"20.png\",\"temperature\":\"-9°C\",\"temperatureClear\":\"-9°C\",\"highTemperature\":\"-9°C\",\"lowTemperature\":\"-11°C\",\"feelsLike\":\"-13°C\[...]
Line Deleted : user_pref("CT2801948.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.FirstTime", "true");
Line Deleted : user_pref("CT2801948.FirstTimeFF3", "true");
Line Deleted : user_pref("CT2801948.LoginRevertSettingsEnabled", true);
Line Deleted : user_pref("CT2801948.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=2&CUI=SB_CUI&q=");
Line Deleted : user_pref("CT2801948.UserID", "UN55283976508500961");
Line Deleted : user_pref("CT2801948.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2801948.autoDisableScopes", 0);
Line Deleted : user_pref("CT2801948.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT2801948.defaultSearch", "true");
Line Deleted : user_pref("CT2801948.embeddedsData", "[{\"appId\":\"129306881621438061\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT2801948.enableAlerts", "always");
Line Deleted : user_pref("CT2801948.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT2801948.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT2801948.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT2801948.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2801948.fixUrls", true);
Line Deleted : user_pref("CT2801948.hxxp___pinterest_aot_im.isEnabled.enc", "WQ==");
Line Deleted : user_pref("CT2801948.installId", "conduitinstaller.exe");
Line Deleted : user_pref("CT2801948.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT2801948.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2801948.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2801948.isNewTabEnabled", true);
Line Deleted : user_pref("CT2801948.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2801948.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2801948.keyword", true);
Line Deleted : user_pref("CT2801948.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT2801948.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://NCHEN.OurToolbar.com/\",\"EB_TOOLBAR_I[...]
Line Deleted : user_pref("CT2801948.openThankYouPage", "false");
Line Deleted : user_pref("CT2801948.openUninstallPage", "true");
Line Deleted : user_pref("CT2801948.revertSettingsEnabled", "true");
Line Deleted : user_pref("CT2801948.search.searchAppId", "129306881621438061");
Line Deleted : user_pref("CT2801948.search.searchCount", "0");
Line Deleted : user_pref("CT2801948.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2801948.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2801948\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://NCHEN.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"NCH EN\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1356909546888");
Line Deleted : user_pref("CT2801948.serviceLayer_services_appsMetadata_lastUpdate", "1356909546860");
Line Deleted : user_pref("CT2801948.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1356909548169");
Line Deleted : user_pref("CT2801948.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357971881590");
Line Deleted : user_pref("CT2801948.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1356909548049");
Line Deleted : user_pref("CT2801948.serviceLayer_services_searchAPI_lastUpdate", "1356909545223");
Line Deleted : user_pref("CT2801948.serviceLayer_services_serviceMap_lastUpdate", "1357978154271");
Line Deleted : user_pref("CT2801948.serviceLayer_services_toolbarContextMenu_lastUpdate", "1356909547987");
Line Deleted : user_pref("CT2801948.serviceLayer_services_toolbarSettings_lastUpdate", "1357979081759");
Line Deleted : user_pref("CT2801948.serviceLayer_services_translation_lastUpdate", "1357978154482");
Line Deleted : user_pref("CT2801948.settingsINI", true);
Line Deleted : user_pref("CT2801948.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT2801948.smartbar.CTID", "CT2801948");
Line Deleted : user_pref("CT2801948.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2801948.smartbar.homepage", true);
Line Deleted : user_pref("CT2801948.smartbar.isHidden", true);
Line Deleted : user_pref("CT2801948.smartbar.toolbarName", "NCH EN ");
Line Deleted : user_pref("CT2801948.startPage", "userChanged");
Line Deleted : user_pref("CT2801948.toolbarBornServerTime", "31-12-2012");
Line Deleted : user_pref("CT2801948.toolbarCurrentServerTime", "12-1-2013");
Line Deleted : user_pref("CT2801948.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2801948_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1357979347078,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3293216_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1377334817048,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3299872.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3299872.1000082.state", "{\"state\":\"stopped\",\"text\":\"Ontario -...\",\"description\":\"Ontario - CJRQ - Q92\",\"url\":\"hxxp://38.99.208.186/CJRQ\"}");
Line Deleted : user_pref("CT3299872.1000234.TWC_TMP_city", "VICTORIA");
Line Deleted : user_pref("CT3299872.1000234.TWC_TMP_country", "CA");
Line Deleted : user_pref("CT3299872.1000234.TWC_country", "CANADA");
Line Deleted : user_pref("CT3299872.1000234.TWC_locId", "CAXX0523");
Line Deleted : user_pref("CT3299872.1000234.TWC_location", "Victoria, Canada");
Line Deleted : user_pref("CT3299872.1000234.TWC_region", "OT");
Line Deleted : user_pref("CT3299872.1000234.TWC_temp_dis", "c");
Line Deleted : user_pref("CT3299872.1000234.TWC_wind_dis", "kmh");
Line Deleted : user_pref("CT3299872.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.FirstTime", "true");
Line Deleted : user_pref("CT3299872.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3299872.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM3OTI2NDg0Mw==");
Line Deleted : user_pref("CT3299872.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc", "MTM3OTI2NjY2Mg==");
Line Deleted : user_pref("CT3299872.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "NA==");
Line Deleted : user_pref("CT3299872.LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.enc", "MQ==");
Line Deleted : user_pref("CT3299872.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MTM3OTI2OTA4NA==");
Line Deleted : user_pref("CT3299872.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.enc", "MTM3OTI2NjczMA==");
Line Deleted : user_pref("CT3299872.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3299872.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3299872.SF_STATUS.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3299872.SF_USER_ID.enc", "Y2lkXzE1OTIwMTMxMDcyMjU3OTE4MjE=");
Line Deleted : user_pref("CT3299872.UserID", "UN25317626548277117");
Line Deleted : user_pref("CT3299872.acp_personal.appstate.enc", "ZW5hYmxl");
Line Deleted : user_pref("CT3299872.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3299872.cbfirsttime.enc", "U3VuIFNlcCAxNSAyMDEzIDEwOjA3OjIyIEdNVC0wNzAwIChQYWNpZmljIFN0YW5kYXJkIFRpbWUp");
Line Deleted : user_pref("CT3299872.countryCode", "CA");
Line Deleted : user_pref("CT3299872.discover-experiments-photopop.enc", "eyJuYW1lIjoicGhvdG9wb3BfbmEiLCJ2ZXJzaW9uIjoxMH0=");
Line Deleted : user_pref("CT3299872.discover-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzc5MjY2NjQ1ODY5LDE0NDAwMDAwXX0=");
Line Deleted : user_pref("CT3299872.discover-user-id.enc", "IjM3ZTc5NTdlLWI3ODctNDdkOC1hNGQ1LWQ3YjEzNmU2YzUyMiI=");
Line Deleted : user_pref("CT3299872.embeddedsData", "[{\"appId\":\"130116395078024690\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3299872.event_data.enc", "JTVCJTVE");
Line Deleted : user_pref("CT3299872.fired_events.enc", "");
Line Deleted : user_pref("CT3299872.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3299872.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3299872.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3299872.fullUserID", "UN25317626548277117.XP.20130915100000");
Line Deleted : user_pref("CT3299872.ground-country-code.enc", "IkNBIg==");
Line Deleted : user_pref("CT3299872.impression_counter.enc", "Mg==");
Line Deleted : user_pref("CT3299872.impression_session_counter.enc", "MA==");
Line Deleted : user_pref("CT3299872.impression_session_id.enc", "ImQ3M2Q3NjU0LTQ4MDktNDEwMi05OWE0LTQzYTZiNDQwZjA4YSI=");
Line Deleted : user_pref("CT3299872.impression_session_last_active.enc", "MTM3OTI2ODAzODAzOQ==");
Line Deleted : user_pref("CT3299872.installType", "Unknown");
Line Deleted : user_pref("CT3299872.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3299872.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3299872.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3299872.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.key_date.enc", "MTU=");
Line Deleted : user_pref("CT3299872.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3299872&octid=CT3299872&SearchSource=15&CUI=UN25317626548277117&SSPV=&Lay=1&UM=2\"}");
Line Deleted : user_pref("CT3299872.lastVersion", "10.20.0.13");
Line Deleted : user_pref("CT3299872.mam_gk_appStateReportTime.enc", "MTM3OTI2NDQyNDY3MA==");
Line Deleted : user_pref("CT3299872.mam_gk_appState_ACplus.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_Discover.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_Easytobook.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_PiclickV2-WebSearch.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_WindowShopper.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0Rp[...]
Line Deleted : user_pref("CT3299872.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3299872.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI5ODlhYzU1MC02ZjE2LTRkNjUtODBmMS0zOWNiMjcxNzBjYzAiLCJ[...]
Line Deleted : user_pref("CT3299872.mam_gk_currentVersion.enc", "MS4xMC40LjA=");
Line Deleted : user_pref("CT3299872.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Line Deleted : user_pref("CT3299872.mam_gk_lastLoginTime.enc", "MTM3OTI2NDQyMDk1MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT3299872.mam_gk_new_welcome_experience.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3299872.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTAyXzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5Q29kZSI6IkNBIiwiaXNXZWxjb21lRXhw[...]
Line Deleted : user_pref("CT3299872.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3299872.mam_gk_userId.enc", "ZmRlMjA3YzQtMWIyOS00ZDc1LWI3YTItM2RlN2VlZWRjNmE0");
Line Deleted : user_pref("CT3299872.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3299872.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.microsoft.com%2Fen-ca%2Fdefault.aspx\",\"EB_MAIN_FRAME_TITLE\":\"%0A%09Microsoft%20Canada%20%7C%20Devices%20and%[...]
Line Deleted : user_pref("CT3299872.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3299872.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3299872.search.searchAppId", "130116395078024690");
Line Deleted : user_pref("CT3299872.search.searchCount", "0");
Line Deleted : user_pref("CT3299872.searchFromAddressBarEnabledByUser", "false");
Line Deleted : user_pref("CT3299872.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT3299872.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3299872.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT3299872.searchUserMode", "2");
Line Deleted : user_pref("CT3299872.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3299872\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://InstalllConverter.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Installl Converter \"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_services_Configuration_lastUpdate", "1379264410756");
Line Deleted : user_pref("CT3299872.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1379264414262");
Line Deleted : user_pref("CT3299872.serviceLayer_services_appsMetadata_lastUpdate", "1379264413851");
Line Deleted : user_pref("CT3299872.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1379264413654");
Line Deleted : user_pref("CT3299872.serviceLayer_services_login_10.20.0.13_lastUpdate", "1379264839649");
Line Deleted : user_pref("CT3299872.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate", "1379264414053");
Line Deleted : user_pref("CT3299872.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate", "1379264414182");
Line Deleted : user_pref("CT3299872.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1379264413779");
Line Deleted : user_pref("CT3299872.serviceLayer_services_searchAPI_lastUpdate", "1379264411612");
Line Deleted : user_pref("CT3299872.serviceLayer_services_serviceMap_lastUpdate", "1379264402670");
Line Deleted : user_pref("CT3299872.serviceLayer_services_setupAPI_lastUpdate", "1379264411512");
Line Deleted : user_pref("CT3299872.serviceLayer_services_toolbarContextMenu_lastUpdate", "1379264413583");
Line Deleted : user_pref("CT3299872.serviceLayer_services_toolbarSettings_lastUpdate", "1379264411691");
Line Deleted : user_pref("CT3299872.serviceLayer_services_translation_lastUpdate", "1379264413899");
Line Deleted : user_pref("CT3299872.settingsINI", true);
Line Deleted : user_pref("CT3299872.showToolbarPermission", "false");
Line Deleted : user_pref("CT3299872.smartbar.CTID", "CT3299872");
Line Deleted : user_pref("CT3299872.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3299872.smartbar.toolbarName", "Installl Converter ");
Line Deleted : user_pref("CT3299872.toolbarBornServerTime", "15-9-2013");
Line Deleted : user_pref("CT3299872.toolbarCurrentServerTime", "15-9-2013");
Line Deleted : user_pref("CT3299872.toolbarLoginClientTime", "Sun Sep 15 2013 10:07:19 GMT-0700 (Pacific Standard Time)");
Line Deleted : user_pref("CT3299872.url_history0001.enc", "aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLz9yZWY9dG5fdG5tbjo6OmNsaWNraGFuZGxlcjo6OjEzNzkyNjcwODIzNjEsLCxodHRwczovL3d3dy5mYWNlYm9vay5jb20vP3JlZj10bl90bm1uOjo6Y2xpY2to[...]
Line Deleted : user_pref("CT3299872.userIdGenerationCounter", "1");
Line Deleted : user_pref("CT3299872_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1379268940396,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3310941_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1377334817103,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3293216&SearchSource=2&CUI=UN37928418765251249&UM=2&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3310941");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Vgrabber v1.5 ctrl Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310941&CUI=UN12437080062006023&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "4");
Line Deleted : user_pref("extensions.delta.cntry", "CA");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "C4E6AFFBBB5151A0B3E6ACCD3F03C3C6");
Line Deleted : user_pref("extensions.delta.id", "24c37ee8000000000000001195caedcb");
Line Deleted : user_pref("extensions.delta.instlDay", "15826");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.16.1622:28:27");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1622:28:27");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");
Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Web Search");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.certified-toolbar.com?si=42102&tid=2876&bs=true&q=");
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Web Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=66FABC7E-01F4-43CB-8A80-1234B6CC3D46&n=77fc9048&p2=^Z1^xdm039^LENCA^ca&si=CJ6vypvyt7YCFUXZQg[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.installation.installDate", "2013040712");
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.installation.partnerId", "^Z1^xdm039^LENCA^ca");
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.installation.partnerSubId", "CJ6vypvyt7YCFUXZQgodQHcAkQ");
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.installation.toolbarId", "66FABC7E-01F4-43CB-8A80-1234B6CC3D46");
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.lastActivePing", "1365364622762");
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._paMembers_.weather.location", "V5K+V");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "filmfanatic2@mindspark.com");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "filmfanatic2@mindspark.com");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3310941");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13&CUI=SB_CUI,hxxp://search.conduit.com/?ctid=CT3293216&CUI=UN37928418765251249&UM=2&SearchSource=13&s[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=2&CUI=SB_CUI&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3293216&Search[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3310941");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3310941");
Line Deleted : user_pref("smartbar.machineId", "W7HR4IUPENAVY3HKSIMIOKKJMYIW65SJFUCGCW9S3A6QMCHVMCKEM3H2Q/VDO4N87CRVCYTWFV3HEGHRBZT7NQ");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.ask.com/?l=dis&o=APN10111&gct=hp");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "");
Line Deleted : user_pref("smartbar.originalSearchEngine", false);

[ File : C:\Documents and Settings\Terri\Application Data\Mozilla\Firefox\Profiles\zvquunkh.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Delta Search");
Line Deleted : user_pref("browser.search.order.1", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://isearch.avg.com/search?cid={12689C3B-07B0-48E0-85BD-3045F5395DB1}&mid=dfbf0780413647d0a569d158d32e0438-73182b44ebf59e8684ed8e609ef6844e3ea[...]

-\\ Google Chrome v

[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

[ File : C:\Documents and Settings\Terri\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [38422 octets] - [29/10/2013 21:41:11]
AdwCleaner[S0].txt - [38080 octets] - [29/10/2013 21:48:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [38141 octets] ##########
 



#15 HydroLar

HydroLar

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Storrs, Connecticut USA
  • Local time:01:55 AM

Posted 30 October 2013 - 07:56 AM

Coming along very nicely, rick, let more know how your PC is running now. Any better?

Those folders highlighted in Blue you mentioned means that they are compressed files and nothing to worry about. Compressed files merely save space.

Looking forward to the JRT log :)
Posted Image
 
"The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." - Marcus Aurelius




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users