Not sure if infected but comp is suddenly slow and internet spotty.


10 replies to this topic

#1 mllewis

mllewis

  • Members
  • 16 posts
  • Gender:Female
  • Local time:04:07 AM

Posted 14 November 2013 - 11:26 PM

I'm not sure if my computer is infected or if it's just getting old (about 4 years) but it's gotten incredibly slow just in the past couple months. My internet connection has begun to fail at random, but other devices (tablet, phones) still are connected just fine. I update and run Malwarebytes daily but nothing is ever found. Today the wifi light on the actual hardware of the laptop would not turn on, and no internet connection could be found. Finally with some digging, and I don't know really what I even did, the connection came back. We did just get a "faster, better" modem from Comcast a while ago which is when the problems seemed to start, but as I said before, other devices like phones or tablets have no connectivity issues.

 

I have a Gateway NV55C notebook running Windows 7.

 

Thank you so much! 




 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:07:07 AM

Posted 15 November 2013 - 08:29 PM

Hello mllewis, let's do these now.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
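The MiniToolBox checkboxes in the post above produce a sectioned Result.txt; this added example (not part of the thread, and not Farbar's code) shows the triage a helper does on it: proxy settings, hosts entries that are not plain localhost, and non-Microsoft Winsock providers. The sample report is constructed in the layout MiniToolBox prints, the function names are hypothetical, and treating any IE proxy line other than the two "not enabled / not set" lines as a finding is an assumption.

```python
import re

# Section banner, e.g. "========== Hosts content: ==========".
# Requiring a non-"=" title keeps all-"=" rule lines from counting as banners.
HEADER = re.compile(r"^={5,}\s*([^=\s][^=]*?):?\s*={5,}\s*$")
# Winsock line: "<catalog> <index> <dll path> [<size>] (<company>)"
WINSOCK = re.compile(r"^(?:x64-)?Catalog\d+ \d+ (.+) \[\d+\] \((.*)\)\s*$")
FF_TYPE = re.compile(r'^"network\.proxy\.type",\s*(\d+)')

IE_CLEAN = {"Proxy is not enabled.", "No Proxy Server is set."}
# Firefox network.proxy.type values that mean an explicit proxy is configured.
FF_EXPLICIT = {1: "manual proxy", 2: "proxy auto-config URL"}

# Constructed sample in the Result.txt layout (not a real report).
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 1

========================= Hosts content: =================================

127.0.0.1       localhost
203.0.113.7     update.example.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Users\Public\lsp32.dll [40960] ()
"""


def split_sections(text):
    """Map lower-cased section title -> list of its non-blank, stripped lines."""
    sections, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = sections.setdefault(m.group(1).strip().lower(), [])
        elif current is not None and line.strip():
            current.append(line.strip())
    return sections


def triage(text):
    """Return (area, detail) pairs a reviewer should look at; a shortlist, not a verdict."""
    s = split_sections(text)
    findings = []

    # IE proxy: anything beyond the clean-state lines and the tool's own reset notice.
    for line in s.get("ie proxy settings", []):
        if line not in IE_CLEAN and not line.startswith('"Reset'):
            findings.append(("ie proxy", line))

    # Firefox proxy: an explicit manual or PAC proxy.
    for line in s.get("ff proxy settings", []):
        m = FF_TYPE.match(line)
        if m and int(m.group(1)) in FF_EXPLICIT:
            findings.append(("ff proxy", FF_EXPLICIT[int(m.group(1))]))

    # Hosts: every mapping other than loopback -> localhost can redirect traffic.
    for line in s.get("hosts content", []):
        if line.startswith("#"):
            continue
        fields = line.split()
        addr, names = fields[0], [n.lower() for n in fields[1:]]
        if addr in ("127.0.0.1", "::1") and names == ["localhost"]:
            continue
        findings.append(("hosts", line))

    # Winsock: list providers not attributed to Microsoft. The company string
    # comes from the DLL's version info and can be forged, so a Microsoft label
    # is not proof of legitimacy and a third-party label is not proof of malice.
    for line in s.get("winsock entries", []):
        m = WINSOCK.match(line)
        if m is None:
            findings.append(("winsock", "unparsed: " + line))
        elif m.group(2) != "Microsoft Corporation":
            findings.append(("winsock", m.group(1)))
    return findings


if __name__ == "__main__":
    for area, detail in triage(SAMPLE):
        print(f"[review] {area}: {detail}")
```

On a report like the one posted below in this thread, the only entry this would list is Apple's Bonjour name-space provider, which matches the installed Bonjour package.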

#3 mllewis

mllewis
  • Topic Starter

  • Members
  • 16 posts
  • Gender:Female
  • Local time:04:07 AM

Posted 08 December 2013 - 11:32 PM

Thank you! Here is the result from MiniToolBox:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by John and Melanie (administrator) on 08-12-2013 at 21:27:26
Running from "C:\Users\John and Melanie\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Atheros AR5B97 Wireless Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : JohnandMelanie
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.co.comcast.net.
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : hsd1.co.comcast.net.
   Description . . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
   Physical Address. . . . . . . . . : 5C-AC-4C-1E-5C-27
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:1:aa80:825:cda9:cfa5:3381:9a0(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:1:aa80:825:458c:4bd2:e696:54ca(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::cda9:cfa5:3381:9a0%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, December 08, 2013 4:37:58 PM
   Lease Expires . . . . . . . . . . : Sunday, December 15, 2013 8:37:24 PM
   Default Gateway . . . . . . . . . : fe80::21d:d4ff:fe4c:5a11%11
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 308063308
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-18-CC-3F-88-AE-1D-92-C1-E1
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : ACERGAIA
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 88-AE-1D-92-C1-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.co.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.co.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:38cd:492:f5ff:fffd(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38cd:492:f5ff:fffd%12(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.ACERGAIA:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:400b:80a::1007
 208.117.232.123
 208.117.232.117
 208.117.232.119
 208.117.232.116
 208.117.232.122
 208.117.232.120
 208.117.232.121
 208.117.232.118
 
 
Pinging google.com [2a00:1450:4001:804::1005] with 32 bytes of data:
Reply from 2a00:1450:4001:804::1005: time=137ms 
Reply from 2a00:1450:4001:804::1005: time=139ms 
 
Ping statistics for 2a00:1450:4001:804::1005:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 137ms, Maximum = 139ms, Average = 138ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Request timed out.
Request timed out.
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=12ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 12ms, Average = 8ms
===========================================================================
Interface List
 11...5c ac 4c 1e 5c 27 ......Atheros AR5B97 Wireless Network Adapter
 10...88 ae 1d 92 c1 e1 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.2     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.2    281
         10.0.0.2  255.255.255.255         On-link          10.0.0.2    281
       10.0.0.255  255.255.255.255         On-link          10.0.0.2    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    281 ::/0                     fe80::21d:d4ff:fe4c:5a11
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6abd:38cd:492:f5ff:fffd/128
                                    On-link
 11     33 2601:1:aa80:825::/64     On-link
 11    281 2601:1:aa80:825:458c:4bd2:e696:54ca/128
                                    On-link
 11    281 2601:1:aa80:825:cda9:cfa5:3381:9a0/128
                                    On-link
 11    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::38cd:492:f5ff:fffd/128
                                    On-link
 11    281 fe80::cda9:cfa5:3381:9a0/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/08/2013 07:45:06 PM) (Source: ESENT) (User: )
Description: taskhost (7280) An attempt to open the file "C:\Users\John and Melanie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/08/2013 07:45:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: SMessaging.exe, version: 5.0.2.34, time stamp: 0x4f7c54ea
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116
Exception code: 0xe0434f4d
Fault offset: 0x0000c41f
Faulting process id: 0x%9
Faulting application start time: 0xSMessaging.exe0
Faulting application path: SMessaging.exe1
Faulting module path: SMessaging.exe2
Report Id: SMessaging.exe3
 
Error: (12/08/2013 07:43:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7146297
 
Error: (12/08/2013 07:43:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7146297
 
Error: (12/08/2013 07:43:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/08/2013 07:43:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7145252
 
Error: (12/08/2013 07:43:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7145252
 
Error: (12/08/2013 07:43:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/08/2013 07:43:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7144238
 
Error: (12/08/2013 07:43:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7144238
 
 
System errors:
=============
Error: (12/03/2013 07:19:07 AM) (Source: DCOM) (User: )
Description: {CC957078-B838-47C4-A7CF-626E7A82FC58}
 
Error: (12/01/2013 10:06:53 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (11/26/2013 07:38:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (11/15/2013 08:23:47 AM) (Source: Microsoft-Windows-Bits-Client) (User: NT AUTHORITY)
Description: A new BITS job could not be created. The current job count for the user JohnandMelanie\John's Dongxi (60) is equal to or greater than the job limit (60) specified through group policy.  To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.
 
Error: (11/02/2013 08:57:08 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (10/30/2013 08:12:37 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (10/29/2013 10:43:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
 
Error: (10/21/2013 04:07:47 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (10/17/2013 08:53:15 AM) (Source: Microsoft-Windows-Bits-Client) (User: NT AUTHORITY)
Description: A new BITS job could not be created. The current job count for the user JohnandMelanie\John's Dongxi (60) is equal to or greater than the job limit (60) specified through group policy.  To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.
 
Error: (10/15/2013 07:20:59 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:18:45 PM on ?10/?15/?2013 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (12/08/2013 07:45:06 PM) (Source: ESENT)(User: )
Description: taskhost7280C:\Users\John and Melanie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
 
Error: (12/08/2013 07:45:05 PM) (Source: Application Error)(User: )
Description: SMessaging.exe5.0.2.344f7c54eaKERNELBASE.dll6.1.7601.1822951fb1116e0434f4d0000c41f
 
Error: (12/08/2013 07:43:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7146297
 
Error: (12/08/2013 07:43:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7146297
 
Error: (12/08/2013 07:43:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/08/2013 07:43:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7145252
 
Error: (12/08/2013 07:43:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7145252
 
Error: (12/08/2013 07:43:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/08/2013 07:43:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7144238
 
Error: (12/08/2013 07:43:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7144238
 
 
CodeIntegrity Errors:
===================================
  Date: 2011-10-07 16:25:59.595
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-10-07 16:25:59.548
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-10-07 16:25:59.486
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-10-07 16:25:59.439
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-16 19:18:06.869
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-16 19:18:06.822
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-16 19:18:06.776
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-16 19:18:06.729
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-15 20:24:45.307
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-09-15 20:24:45.260
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Advertising Center (Version: 0.0.0.2)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.12 (Unicode)
Backup Manager Basic (Version: 2.0.0.63)
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center (Version: 1.1.2)
Best Buy pc app (Version: 3.0.0.0)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
CyberLink PowerDVD 9 (Version: 9.0.2829.50)
Gateway MyBackup (Version: 2.0.0.63)
Gateway Power Management (Version: 5.00.3005)
Gateway Recovery Management (Version: 4.05.3013)
Gateway ScreenSaver (Version: 1.1.0121.2010)
Gateway Updater (Version: 1.02.3001)
Google Chrome (Version: 31.0.1650.63)
Google Drive (Version: 1.12.5329.1887)
Google Update Helper (Version: 1.3.22.3)
HiJackThis (Version: 1.0.0)
HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)
iCloud (Version: 3.0.2.163)
ImagXpress (Version: 7.0.74.0)
InfoAtoms (Version: 1.6.0.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2125)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 11.1.2.32)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 26 (Version: 6.0.260)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 14.0.8089.726)
Launch Manager (Version: 4.0.12)
Mafia II
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.37.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.37.100)
neroxml (Version: 1.0.0)
NVIDIA PhysX (Version: 9.10.0513)
OmmWriter (Version: 0.1.0.8)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6602)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30121)
RealUpgrade 1.1 (Version: 1.1.0)
REAPER (x64)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.1 (Version: 6.1.129)
Spotify (Version: 0.8.5.1333.g822e0de8)
Steam (Version: 1.0.0.0)
Strongvault Online Backup (Version: 2.1.4.0)
StuffIt Expander 2011 (Version: 15.0.7.2518)
The Sims™ 2 Double Deluxe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Video Mover
Video Web Camera (Version: 0.5.37.3)
VoiceOver Kit (Version: 1.42.128.0)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Windows Phone Support Tool (Version: 2.0.0000)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 67%
Total physical RAM: 2806.71 MB
Available physical RAM: 918.82 MB
Total Pagefile: 5611.6 MB
Available Pagefile: 2559.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.56 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Gateway) (Fixed) (Total:284.99 GB) (Free:166.23 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JOHNANDMELANIE
 
Administrator            Guest                    John and Melanie         
John's Dongxi            
 
 
**** End of log ****


#4 mllewis

Posted 08 December 2013 - 11:39 PM

Here is the TDSSKiller log:

 

21:35:11.0786 0x1cb8  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
21:35:16.0996 0x1cb8  ============================================================
21:35:16.0996 0x1cb8  Current date / time: 2013/12/08 21:35:16.0996
21:35:16.0996 0x1cb8  SystemInfo:
21:35:16.0996 0x1cb8  
21:35:16.0996 0x1cb8  OS Version: 6.1.7601 ServicePack: 1.0
21:35:16.0996 0x1cb8  Product type: Workstation
21:35:16.0996 0x1cb8  ComputerName: JOHNANDMELANIE
21:35:16.0997 0x1cb8  UserName: John and Melanie
21:35:16.0997 0x1cb8  Windows directory: C:\Windows
21:35:16.0997 0x1cb8  System windows directory: C:\Windows
21:35:16.0997 0x1cb8  Running under WOW64
21:35:16.0997 0x1cb8  Processor architecture: Intel x64
21:35:16.0997 0x1cb8  Number of processors: 2
21:35:16.0997 0x1cb8  Page size: 0x1000
21:35:16.0997 0x1cb8  Boot type: Normal boot
21:35:16.0997 0x1cb8  ============================================================
21:35:17.0542 0x1cb8  KLMD registered as C:\Windows\system32\drivers\23325558.sys
21:35:18.0025 0x1cb8  System UUID: {A9D4EFAE-4F5E-F403-DDED-E3CE71084101}
21:35:19.0316 0x1cb8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:35:19.0324 0x1cb8  ============================================================
21:35:19.0325 0x1cb8  \Device\Harddisk0\DR0:
21:35:19.0325 0x1cb8  MBR partitions:
21:35:19.0325 0x1cb8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
21:35:19.0325 0x1cb8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
21:35:19.0325 0x1cb8  ============================================================
21:35:19.0364 0x1cb8  C: <-> \Device\Harddisk0\DR0\Partition2
21:35:19.0365 0x1cb8  ============================================================
21:35:19.0365 0x1cb8  Initialize success
21:35:19.0365 0x1cb8  ============================================================
21:35:20.0989 0x18c4  ============================================================
21:35:20.0989 0x18c4  Scan started
21:35:20.0989 0x18c4  Mode: Manual; 
21:35:20.0989 0x18c4  ============================================================
21:35:20.0989 0x18c4  KSN ping started
21:35:24.0490 0x18c4  KSN ping finished: true
21:35:24.0713 0x18c4  ================ Scan system memory ========================
21:35:24.0713 0x18c4  System memory - ok
21:35:24.0714 0x18c4  ================ Scan services =============================
21:35:34.0016 0x18c4  HomeGroupListener - ok
21:35:34.0062 0x18c4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:35:34.0075 0x18c4  HomeGroupProvider - ok
21:35:34.0122 0x18c4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:35:34.0127 0x18c4  HpSAMD - ok
21:35:34.0220 0x18c4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:35:34.0261 0x18c4  HTTP - ok
21:35:34.0306 0x18c4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:35:34.0308 0x18c4  hwpolicy - ok
21:35:34.0378 0x18c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:35:34.0385 0x18c4  i8042prt - ok
21:35:34.0457 0x18c4  [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:35:34.0484 0x18c4  iaStor - ok
21:35:34.0556 0x18c4  [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:35:34.0558 0x18c4  IAStorDataMgrSvc - ok
21:35:34.0622 0x18c4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:35:34.0645 0x18c4  iaStorV - ok
21:35:34.0753 0x18c4  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:35:34.0800 0x18c4  idsvc - ok
21:35:35.0642 0x18c4  [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:35:36.0455 0x18c4  igfx - ok
21:35:36.0570 0x18c4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:35:36.0574 0x18c4  iirsp - ok
21:35:36.0660 0x18c4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:35:36.0707 0x18c4  IKEEXT - ok
21:35:36.0763 0x18c4  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
21:35:36.0773 0x18c4  Impcd - ok
21:35:37.0063 0x18c4  [ 5F6A3EA5BD7CA861863A3A06CECC115C, 312B27BB6664A2DFF3B48CF9DA04511AAB281A2521A6140C7DB1613DC6562D59 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:35:37.0314 0x18c4  IntcAzAudAddService - ok
21:35:37.0380 0x18c4  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:35:37.0395 0x18c4  IntcDAud - ok
21:35:37.0431 0x18c4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:35:37.0433 0x18c4  intelide - ok
21:35:37.0468 0x18c4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:35:37.0473 0x18c4  intelppm - ok
21:35:37.0514 0x18c4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:35:37.0521 0x18c4  IPBusEnum - ok
21:35:37.0561 0x18c4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:35:37.0566 0x18c4  IpFilterDriver - ok
21:35:37.0630 0x18c4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:35:37.0663 0x18c4  iphlpsvc - ok
21:35:37.0713 0x18c4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:35:37.0718 0x18c4  IPMIDRV - ok
21:35:37.0754 0x18c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:35:37.0761 0x18c4  IPNAT - ok
21:35:37.0854 0x18c4  [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:35:37.0895 0x18c4  iPod Service - ok
21:35:37.0937 0x18c4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:35:37.0940 0x18c4  IRENUM - ok
21:35:37.0977 0x18c4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:35:37.0980 0x18c4  isapnp - ok
21:35:38.0043 0x18c4  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:35:38.0059 0x18c4  iScsiPrt - ok
21:35:38.0124 0x18c4  [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
21:35:38.0145 0x18c4  k57nd60a - ok
21:35:38.0194 0x18c4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:35:38.0198 0x18c4  kbdclass - ok
21:35:38.0254 0x18c4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:35:38.0257 0x18c4  kbdhid - ok
21:35:38.0275 0x18c4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
21:35:38.0279 0x18c4  KeyIso - ok
21:35:38.0334 0x18c4  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:35:38.0341 0x18c4  KSecDD - ok
21:35:38.0363 0x18c4  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:35:38.0373 0x18c4  KSecPkg - ok
21:35:38.0419 0x18c4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:35:38.0422 0x18c4  ksthunk - ok
21:35:38.0468 0x18c4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:35:38.0490 0x18c4  KtmRm - ok
21:35:38.0570 0x18c4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:35:38.0585 0x18c4  LanmanServer - ok
21:35:38.0632 0x18c4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:35:38.0675 0x18c4  LanmanWorkstation - ok
21:35:38.0730 0x18c4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:35:38.0734 0x18c4  lltdio - ok
21:35:38.0787 0x18c4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:35:38.0806 0x18c4  lltdsvc - ok
21:35:38.0824 0x18c4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:35:38.0828 0x18c4  lmhosts - ok
21:35:38.0921 0x18c4  [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:35:38.0936 0x18c4  LMS - ok
21:35:38.0987 0x18c4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:35:38.0994 0x18c4  LSI_FC - ok
21:35:39.0018 0x18c4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:35:39.0024 0x18c4  LSI_SAS - ok
21:35:39.0044 0x18c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:35:39.0049 0x18c4  LSI_SAS2 - ok
21:35:39.0084 0x18c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:35:39.0091 0x18c4  LSI_SCSI - ok
21:35:39.0132 0x18c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:35:39.0139 0x18c4  luafv - ok
21:35:39.0204 0x18c4  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:35:39.0207 0x18c4  MBAMProtector - ok
21:35:39.0301 0x18c4  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:35:39.0324 0x18c4  MBAMScheduler - ok
21:35:39.0424 0x18c4  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:35:39.0461 0x18c4  MBAMService - ok
21:35:39.0505 0x18c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:35:39.0512 0x18c4  Mcx2Svc - ok
21:35:39.0534 0x18c4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:35:39.0538 0x18c4  megasas - ok
21:35:39.0567 0x18c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:35:39.0583 0x18c4  MegaSR - ok
21:35:39.0614 0x18c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:35:39.0620 0x18c4  MMCSS - ok
21:35:39.0636 0x18c4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:35:39.0639 0x18c4  Modem - ok
21:35:39.0665 0x18c4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:35:39.0667 0x18c4  monitor - ok
21:35:39.0691 0x18c4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:35:39.0695 0x18c4  mouclass - ok
21:35:39.0739 0x18c4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:35:39.0742 0x18c4  mouhid - ok
21:35:39.0785 0x18c4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:35:39.0791 0x18c4  mountmgr - ok
21:35:39.0866 0x18c4  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:35:39.0876 0x18c4  MozillaMaintenance - ok
21:35:39.0909 0x18c4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:35:39.0918 0x18c4  mpio - ok
21:35:39.0959 0x18c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:35:39.0964 0x18c4  mpsdrv - ok
21:35:40.0061 0x18c4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:35:40.0106 0x18c4  MpsSvc - ok
21:35:40.0158 0x18c4  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:35:40.0167 0x18c4  MRxDAV - ok
21:35:40.0203 0x18c4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:35:40.0213 0x18c4  mrxsmb - ok
21:35:40.0269 0x18c4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:35:40.0285 0x18c4  mrxsmb10 - ok
21:35:40.0321 0x18c4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:35:40.0329 0x18c4  mrxsmb20 - ok
21:35:40.0367 0x18c4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:35:40.0370 0x18c4  msahci - ok
21:35:40.0414 0x18c4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:35:40.0423 0x18c4  msdsm - ok
21:35:40.0470 0x18c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:35:40.0481 0x18c4  MSDTC - ok
21:35:40.0519 0x18c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:35:40.0522 0x18c4  Msfs - ok
21:35:40.0544 0x18c4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:35:40.0546 0x18c4  mshidkmdf - ok
21:35:40.0586 0x18c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:35:40.0589 0x18c4  msisadrv - ok
21:35:40.0632 0x18c4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:35:40.0643 0x18c4  MSiSCSI - ok
21:35:40.0650 0x18c4  msiserver - ok
21:35:40.0692 0x18c4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:35:40.0695 0x18c4  MSKSSRV - ok
21:35:40.0713 0x18c4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:35:40.0715 0x18c4  MSPCLOCK - ok
21:35:40.0730 0x18c4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:35:40.0732 0x18c4  MSPQM - ok
21:35:40.0791 0x18c4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:35:40.0811 0x18c4  MsRPC - ok
21:35:40.0862 0x18c4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:35:40.0865 0x18c4  mssmbios - ok
21:35:40.0908 0x18c4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:35:40.0910 0x18c4  MSTEE - ok
21:35:40.0934 0x18c4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:35:40.0936 0x18c4  MTConfig - ok
21:35:40.0964 0x18c4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:35:40.0969 0x18c4  Mup - ok
21:35:41.0042 0x18c4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:35:41.0070 0x18c4  napagent - ok
21:35:41.0130 0x18c4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:35:41.0148 0x18c4  NativeWifiP - ok
21:35:41.0261 0x18c4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:35:41.0311 0x18c4  NDIS - ok
21:35:41.0352 0x18c4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:35:41.0355 0x18c4  NdisCap - ok
21:35:41.0386 0x18c4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:35:41.0389 0x18c4  NdisTapi - ok
21:35:41.0435 0x18c4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:35:41.0440 0x18c4  Ndisuio - ok
21:35:41.0487 0x18c4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:35:41.0497 0x18c4  NdisWan - ok
21:35:41.0534 0x18c4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:35:41.0538 0x18c4  NDProxy - ok
21:35:41.0649 0x18c4  [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
21:35:41.0703 0x18c4  Nero BackItUp Scheduler 4.0 - ok
21:35:41.0745 0x18c4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:35:41.0749 0x18c4  NetBIOS - ok
21:35:41.0810 0x18c4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:35:41.0826 0x18c4  NetBT - ok
21:35:41.0842 0x18c4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
21:35:41.0845 0x18c4  Netlogon - ok
21:35:41.0897 0x18c4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:35:41.0917 0x18c4  Netman - ok
21:35:41.0955 0x18c4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:35:41.0981 0x18c4  netprofm - ok
21:35:42.0012 0x18c4  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:35:42.0019 0x18c4  NetTcpPortSharing - ok
21:35:42.0056 0x18c4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:35:42.0060 0x18c4  nfrd960 - ok
21:35:42.0126 0x18c4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:35:42.0144 0x18c4  NlaSvc - ok
21:35:42.0163 0x18c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:35:42.0167 0x18c4  Npfs - ok
21:35:42.0194 0x18c4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:35:42.0199 0x18c4  nsi - ok
21:35:42.0214 0x18c4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:35:42.0217 0x18c4  nsiproxy - ok
21:35:42.0360 0x18c4  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:35:42.0455 0x18c4  Ntfs - ok
21:35:42.0526 0x18c4  [ 6FD534EDE2905D3C3257CFDD881F9705, 4055EFA3B75D6E0CE5F8E6AAE7DC8856D757CDBD4BD0FB6690F8837364F207D9 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
21:35:42.0540 0x18c4  NTI IScheduleSvc - ok
21:35:42.0570 0x18c4  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
21:35:42.0573 0x18c4  NTIDrvr - ok
21:35:42.0589 0x18c4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:35:42.0591 0x18c4  Null - ok
21:35:42.0643 0x18c4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:35:42.0652 0x18c4  nvraid - ok
21:35:42.0679 0x18c4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:35:42.0689 0x18c4  nvstor - ok
21:35:42.0729 0x18c4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:35:42.0737 0x18c4  nv_agp - ok
21:35:42.0779 0x18c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:35:42.0785 0x18c4  ohci1394 - ok
21:35:42.0831 0x18c4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:35:42.0840 0x18c4  ose - ok
21:35:43.0177 0x18c4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:35:43.0529 0x18c4  osppsvc - ok
21:35:43.0592 0x18c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:35:43.0612 0x18c4  p2pimsvc - ok
21:35:43.0650 0x18c4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:35:43.0676 0x18c4  p2psvc - ok
21:35:43.0709 0x18c4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:35:43.0715 0x18c4  Parport - ok
21:35:43.0758 0x18c4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:35:43.0763 0x18c4  partmgr - ok
21:35:43.0793 0x18c4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:35:43.0805 0x18c4  PcaSvc - ok
21:35:43.0829 0x18c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:35:43.0840 0x18c4  pci - ok
21:35:43.0885 0x18c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:35:43.0887 0x18c4  pciide - ok
21:35:43.0931 0x18c4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:35:43.0943 0x18c4  pcmcia - ok
21:35:43.0966 0x18c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:35:43.0970 0x18c4  pcw - ok
21:35:44.0025 0x18c4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:35:44.0060 0x18c4  PEAUTH - ok
21:35:44.0149 0x18c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:35:44.0152 0x18c4  PerfHost - ok
21:35:44.0295 0x18c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:35:44.0371 0x18c4  pla - ok
21:35:44.0455 0x18c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:35:44.0480 0x18c4  PlugPlay - ok
21:35:44.0507 0x18c4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:35:44.0512 0x18c4  PNRPAutoReg - ok
21:35:44.0547 0x18c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:35:44.0565 0x18c4  PNRPsvc - ok
21:35:44.0638 0x18c4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:35:44.0666 0x18c4  PolicyAgent - ok
21:35:44.0714 0x18c4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:35:44.0727 0x18c4  Power - ok
21:35:44.0780 0x18c4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:35:44.0787 0x18c4  PptpMiniport - ok
21:35:44.0814 0x18c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:35:44.0818 0x18c4  Processor - ok
21:35:44.0868 0x18c4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:35:44.0882 0x18c4  ProfSvc - ok
21:35:44.0897 0x18c4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:35:44.0901 0x18c4  ProtectedStorage - ok
21:35:44.0966 0x18c4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:35:44.0974 0x18c4  Psched - ok
21:35:45.0110 0x18c4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:35:45.0191 0x18c4  ql2300 - ok
21:35:45.0220 0x18c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:35:45.0228 0x18c4  ql40xx - ok
21:35:45.0269 0x18c4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:35:45.0303 0x18c4  QWAVE - ok
21:35:45.0336 0x18c4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:35:45.0340 0x18c4  QWAVEdrv - ok
21:35:45.0364 0x18c4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:35:45.0366 0x18c4  RasAcd - ok
21:35:45.0400 0x18c4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:35:45.0405 0x18c4  RasAgileVpn - ok
21:35:45.0442 0x18c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:35:45.0451 0x18c4  RasAuto - ok
21:35:45.0506 0x18c4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:35:45.0514 0x18c4  Rasl2tp - ok
21:35:45.0569 0x18c4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:35:45.0590 0x18c4  RasMan - ok
21:35:45.0630 0x18c4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:35:45.0636 0x18c4  RasPppoe - ok
21:35:45.0657 0x18c4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:35:45.0663 0x18c4  RasSstp - ok
21:35:45.0716 0x18c4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:35:45.0733 0x18c4  rdbss - ok
21:35:45.0753 0x18c4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:35:45.0756 0x18c4  rdpbus - ok
21:35:45.0771 0x18c4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:35:45.0772 0x18c4  RDPCDD - ok
21:35:45.0799 0x18c4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:35:45.0801 0x18c4  RDPENCDD - ok
21:35:45.0841 0x18c4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:35:45.0843 0x18c4  RDPREFMP - ok
21:35:45.0907 0x18c4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:35:45.0910 0x18c4  RdpVideoMiniport - ok
21:35:45.0956 0x18c4  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:35:45.0968 0x18c4  RDPWD - ok
21:35:46.0028 0x18c4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:35:46.0040 0x18c4  rdyboost - ok
21:35:46.0125 0x18c4  [ A0FF419B61AE47E26ADF3BB15DB4F2FE, 974FF9751D123E212BD3CE8DAE70D4BCCC988A01431A1BD91A532849E492BBD8 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
21:35:46.0128 0x18c4  RealNetworks Downloader Resolver Service - ok
21:35:46.0166 0x18c4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:35:46.0174 0x18c4  RemoteAccess - ok
21:35:46.0211 0x18c4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:35:46.0223 0x18c4  RemoteRegistry - ok
21:35:46.0243 0x18c4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:35:46.0249 0x18c4  RpcEptMapper - ok
21:35:46.0278 0x18c4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:35:46.0282 0x18c4  RpcLocator - ok
21:35:46.0370 0x18c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:35:46.0398 0x18c4  RpcSs - ok
21:35:46.0440 0x18c4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:35:46.0445 0x18c4  rspndr - ok
21:35:46.0486 0x18c4  [ 44ED82612403021E36998E1ECB1198F1, 3AD488ED116C61E26B6D857494CFA80E3F99565C2D7C88C1C95DD2C6B6355BF0 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
21:35:46.0499 0x18c4  RSUSBSTOR - ok
21:35:46.0520 0x18c4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
21:35:46.0523 0x18c4  SamSs - ok
21:35:46.0576 0x18c4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:35:46.0583 0x18c4  sbp2port - ok
21:35:46.0622 0x18c4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:35:46.0635 0x18c4  SCardSvr - ok
21:35:46.0681 0x18c4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:35:46.0684 0x18c4  scfilter - ok
21:35:46.0787 0x18c4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:35:46.0849 0x18c4  Schedule - ok
21:35:46.0899 0x18c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:35:46.0903 0x18c4  SCPolicySvc - ok
21:35:46.0928 0x18c4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:35:46.0940 0x18c4  SDRSVC - ok
21:35:46.0984 0x18c4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:35:46.0987 0x18c4  secdrv - ok
21:35:47.0034 0x18c4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:35:47.0039 0x18c4  seclogon - ok
21:35:47.0068 0x18c4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
21:35:47.0074 0x18c4  SENS - ok
21:35:47.0094 0x18c4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:35:47.0099 0x18c4  SensrSvc - ok
21:35:47.0141 0x18c4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:35:47.0143 0x18c4  Serenum - ok
21:35:47.0196 0x18c4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:35:47.0203 0x18c4  Serial - ok
21:35:47.0260 0x18c4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:35:47.0263 0x18c4  sermouse - ok
21:35:47.0325 0x18c4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:35:47.0334 0x18c4  SessionEnv - ok
21:35:47.0386 0x18c4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:35:47.0388 0x18c4  sffdisk - ok
21:35:47.0400 0x18c4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:35:47.0402 0x18c4  sffp_mmc - ok
21:35:47.0417 0x18c4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:35:47.0419 0x18c4  sffp_sd - ok
21:35:47.0454 0x18c4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:35:47.0456 0x18c4  sfloppy - ok
21:35:47.0555 0x18c4  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
21:35:47.0597 0x18c4  Sftfs - ok
21:35:47.0713 0x18c4  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:35:47.0741 0x18c4  sftlist - ok
21:35:47.0812 0x18c4  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:35:47.0828 0x18c4  Sftplay - ok
21:35:47.0846 0x18c4  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:35:47.0849 0x18c4  Sftredir - ok
21:35:47.0860 0x18c4  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
21:35:47.0862 0x18c4  Sftvol - ok
21:35:47.0923 0x18c4  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:35:47.0935 0x18c4  sftvsa - ok
21:35:47.0990 0x18c4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:35:48.0011 0x18c4  SharedAccess - ok
21:35:48.0075 0x18c4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:35:48.0098 0x18c4  ShellHWDetection - ok
21:35:48.0127 0x18c4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:35:48.0131 0x18c4  SiSRaid2 - ok
21:35:48.0156 0x18c4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:35:48.0161 0x18c4  SiSRaid4 - ok
21:35:48.0550 0x18c4  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:35:48.0723 0x18c4  Skype C2C Service - ok
21:35:48.0883 0x18c4  [ 8C4F0DCC6A5100D48F9B2F950CDD220F, 7B66C259BEBFEA527BFEC2B69E8224EE2277CB736EF9E0F5A92C932657EC8351 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:35:48.0891 0x18c4  SkypeUpdate - ok
21:35:48.0935 0x18c4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:35:48.0941 0x18c4  Smb - ok
21:35:48.0979 0x18c4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:35:48.0984 0x18c4  SNMPTRAP - ok
21:35:48.0997 0x18c4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:35:48.0999 0x18c4  spldr - ok
21:35:49.0071 0x18c4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:35:49.0103 0x18c4  Spooler - ok
21:35:49.0354 0x18c4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:35:49.0545 0x18c4  sppsvc - ok
21:35:49.0618 0x18c4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:35:49.0626 0x18c4  sppuinotify - ok
21:35:49.0682 0x18c4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:35:49.0708 0x18c4  srv - ok
21:35:49.0758 0x18c4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:35:49.0781 0x18c4  srv2 - ok
21:35:49.0813 0x18c4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:35:49.0823 0x18c4  srvnet - ok
21:35:49.0863 0x18c4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:35:49.0876 0x18c4  SSDPSRV - ok
21:35:49.0901 0x18c4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:35:49.0909 0x18c4  SstpSvc - ok
21:35:49.0941 0x18c4  Steam Client Service - ok
21:35:49.0972 0x18c4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:35:49.0975 0x18c4  stexstor - ok
21:35:50.0057 0x18c4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:35:50.0091 0x18c4  stisvc - ok
21:35:50.0137 0x18c4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:35:50.0139 0x18c4  swenum - ok
21:35:50.0216 0x18c4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:35:50.0247 0x18c4  swprv - ok
21:35:50.0297 0x18c4  [ 52EB25BD8AB4E331028C48B178441B36, 72A907F447ADB4EF307A06D2BC1052BB2F3ED0F10DC13391DB8B43665F81FD74 ] sxuptp          C:\Windows\system32\DRIVERS\sxuptp.sys
21:35:50.0314 0x18c4  sxuptp - ok
21:35:50.0456 0x18c4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:35:50.0553 0x18c4  SysMain - ok
21:35:50.0600 0x18c4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:35:50.0609 0x18c4  TabletInputService - ok
21:35:50.0640 0x18c4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:35:50.0660 0x18c4  TapiSrv - ok
21:35:50.0697 0x18c4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:35:50.0704 0x18c4  TBS - ok
21:35:50.0855 0x18c4  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:35:50.0956 0x18c4  Tcpip - ok
21:35:51.0079 0x18c4  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:35:51.0176 0x18c4  TCPIP6 - ok
21:35:51.0223 0x18c4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:35:51.0227 0x18c4  tcpipreg - ok
21:35:51.0263 0x18c4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:35:51.0265 0x18c4  TDPIPE - ok
21:35:51.0303 0x18c4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:35:51.0306 0x18c4  TDTCP - ok
21:35:51.0367 0x18c4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:35:51.0375 0x18c4  tdx - ok
21:35:51.0420 0x18c4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:35:51.0424 0x18c4  TermDD - ok
21:35:51.0482 0x18c4  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
21:35:51.0522 0x18c4  TermService - ok
21:35:51.0553 0x18c4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:35:51.0559 0x18c4  Themes - ok
21:35:51.0593 0x18c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:35:51.0599 0x18c4  THREADORDER - ok
21:35:51.0621 0x18c4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:35:51.0633 0x18c4  TrkWks - ok
21:35:51.0704 0x18c4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:35:51.0715 0x18c4  TrustedInstaller - ok
21:35:51.0760 0x18c4  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:35:51.0764 0x18c4  tssecsrv - ok
21:35:51.0819 0x18c4  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:35:51.0824 0x18c4  TsUsbFlt - ok
21:35:51.0891 0x18c4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:35:51.0899 0x18c4  tunnel - ok
21:35:51.0935 0x18c4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:35:51.0940 0x18c4  uagp35 - ok
21:35:51.0955 0x18c4  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
21:35:51.0958 0x18c4  UBHelper - ok
21:35:52.0018 0x18c4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:35:52.0036 0x18c4  udfs - ok
21:35:52.0088 0x18c4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:35:52.0094 0x18c4  UI0Detect - ok
21:35:52.0125 0x18c4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:35:52.0130 0x18c4  uliagpkx - ok
21:35:52.0182 0x18c4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:35:52.0186 0x18c4  umbus - ok
21:35:52.0222 0x18c4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:35:52.0224 0x18c4  UmPass - ok
21:35:52.0456 0x18c4  [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:35:52.0578 0x18c4  UNS - ok
21:35:52.0664 0x18c4  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
21:35:52.0677 0x18c4  Updater Service - ok
21:35:52.0728 0x18c4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:35:52.0750 0x18c4  upnphost - ok
21:35:52.0801 0x18c4  [ AA33FC47ED58C34E6E9261E4F850B7EB, C6388127CAA695434ABFB6C59A53C8544E67E414012DE5F21B36D035BB1BACC8 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:35:52.0805 0x18c4  USBAAPL64 - ok
21:35:52.0879 0x18c4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:35:52.0886 0x18c4  usbaudio - ok
21:35:52.0921 0x18c4  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:35:52.0927 0x18c4  usbccgp - ok
21:35:52.0963 0x18c4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:35:52.0970 0x18c4  usbcir - ok
21:35:53.0004 0x18c4  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:35:53.0009 0x18c4  usbehci - ok
21:35:53.0054 0x18c4  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:35:53.0074 0x18c4  usbhub - ok
21:35:53.0104 0x18c4  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:35:53.0106 0x18c4  usbohci - ok
21:35:53.0147 0x18c4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:35:53.0150 0x18c4  usbprint - ok
21:35:53.0195 0x18c4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
21:35:53.0199 0x18c4  usbscan - ok
21:35:53.0237 0x18c4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:35:53.0243 0x18c4  USBSTOR - ok
21:35:53.0276 0x18c4  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:35:53.0283 0x18c4  usbuhci - ok
21:35:53.0376 0x18c4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:35:53.0387 0x18c4  usbvideo - ok
21:35:53.0423 0x18c4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:35:53.0429 0x18c4  UxSms - ok
21:35:53.0443 0x18c4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
21:35:53.0447 0x18c4  VaultSvc - ok
21:35:53.0497 0x18c4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:35:53.0500 0x18c4  vdrvroot - ok
21:35:53.0589 0x18c4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:35:53.0621 0x18c4  vds - ok
21:35:53.0661 0x18c4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:35:53.0664 0x18c4  vga - ok
21:35:53.0686 0x18c4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:35:53.0688 0x18c4  VgaSave - ok
21:35:53.0741 0x18c4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:35:53.0754 0x18c4  vhdmp - ok
21:35:53.0789 0x18c4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:35:53.0792 0x18c4  viaide - ok
21:35:53.0811 0x18c4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:35:53.0816 0x18c4  volmgr - ok
21:35:53.0876 0x18c4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:35:53.0897 0x18c4  volmgrx - ok
21:35:53.0952 0x18c4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:35:53.0968 0x18c4  volsnap - ok
21:35:54.0005 0x18c4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:35:54.0015 0x18c4  vsmraid - ok
21:35:54.0198 0x18c4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:35:54.0286 0x18c4  VSS - ok
21:35:54.0314 0x18c4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:35:54.0317 0x18c4  vwifibus - ok
21:35:54.0330 0x18c4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:35:54.0335 0x18c4  vwififlt - ok
21:35:54.0371 0x18c4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:35:54.0374 0x18c4  vwifimp - ok
21:35:54.0431 0x18c4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:35:54.0455 0x18c4  W32Time - ok
21:35:54.0487 0x18c4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:35:54.0490 0x18c4  WacomPen - ok
21:35:54.0553 0x18c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:35:54.0560 0x18c4  WANARP - ok
21:35:54.0569 0x18c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:35:54.0574 0x18c4  Wanarpv6 - ok
21:35:54.0697 0x18c4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:35:54.0764 0x18c4  WatAdminSvc - ok
21:35:54.0899 0x18c4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:35:54.0982 0x18c4  wbengine - ok
21:35:55.0066 0x18c4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:35:55.0081 0x18c4  WbioSrvc - ok
21:35:55.0145 0x18c4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:35:55.0168 0x18c4  wcncsvc - ok
21:35:55.0202 0x18c4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:35:55.0209 0x18c4  WcsPlugInService - ok
21:35:55.0248 0x18c4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:35:55.0251 0x18c4  Wd - ok
21:35:55.0359 0x18c4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:35:55.0401 0x18c4  Wdf01000 - ok
21:35:55.0454 0x18c4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:35:55.0462 0x18c4  WdiServiceHost - ok
21:35:55.0472 0x18c4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:35:55.0480 0x18c4  WdiSystemHost - ok
21:35:55.0536 0x18c4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:36:02.0958 0x18c4  Win FW state via NFP2: enabled
21:36:05.0470 0x18c4  ============================================================
21:36:05.0470 0x18c4  Scan finished
21:36:05.0470 0x18c4  ============================================================
21:36:05.0487 0x19fc  Detected object count: 0
21:36:05.0487 0x19fc  Actual detected object count: 0
21:37:50.0415 0x1374  Deinitialize success


#5 boopme

Posted 09 December 2013 - 12:33 PM

Were you able to run the other scans?

This needs to be uninstalled as it's old and exploitable by malware.

Java™ 6 Update 26 (Version: 6.0.260)

The local Group Policy database file appears corrupt, but we have to wait until after the other scans to see if it is corrected.

#6 mllewis

Posted 09 December 2013 - 11:42 PM

Here is the AdwCleaner scan. I also uninstalled Java 6. When the computer had to restart after AdwCleaner, I had some trouble turning my wireless radio back on. Not sure if related or not...

 

# AdwCleaner v3.014 - Report created 09/12/2013 at 21:20:46
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : John and Melanie - JOHNANDMELANIE
# Running from : C:\Users\John and Melanie\Desktop\bleeping computer\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\SpeedyPC Software
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\InfoAtoms
Folder Deleted : C:\Users\John and Melanie\AppData\Local\PackageAware
Folder Deleted : C:\Users\John and Melanie\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\John's Dongxi\AppData\Local\Conduit
Folder Deleted : C:\Users\John's Dongxi\AppData\Local\getsavin
Folder Deleted : C:\Users\John's Dongxi\AppData\Local\strongvault
Folder Deleted : C:\Users\John's Dongxi\AppData\Local\TBHostSupport
Folder Deleted : C:\Users\John's Dongxi\AppData\Local\WhiteListing
Folder Deleted : C:\Users\John's Dongxi\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\John's Dongxi\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\John's Dongxi\AppData\Roaming\SpeedyPC Software
Folder Deleted : C:\Users\John's Dongxi\AppData\Roaming\Mozilla\Firefox\Profiles\vh9hszp1.default\ConduitCommon
Folder Deleted : C:\Users\John's Dongxi\AppData\Roaming\Mozilla\Firefox\Profiles\vh9hszp1.default\Smartbar
Folder Deleted : C:\Users\John's Dongxi\AppData\Roaming\Mozilla\Firefox\Profiles\vh9hszp1.default\CT3072253
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\infoatoms@infoatoms.com
Folder Deleted : C:\Users\John's Dongxi\AppData\Roaming\Mozilla\Firefox\Profiles\vh9hszp1.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Deleted : C:\Users\John and Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Folder Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Folder Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
File Deleted : C:\END
File Deleted : C:\Users\John's Dongxi\AppData\Roaming\Mozilla\Firefox\Profiles\vh9hszp1.default\searchplugins\Conduit.xml
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [infoatoms@infoatoms.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SpeedyPC Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16736
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\John and Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\u1orjwk1.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxps://mail.google.com/mail/?shva=1#inbox");

[ File : C:\Users\John's Dongxi\AppData\Roaming\Mozilla\Firefox\Profiles\vh9hszp1.default\prefs.js ]
 
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", 
 
"hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Feb 06 2012 
 
18:47:02 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", 
 
"hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "31448ade-8dfd-4e9f-bcdb-
 
4beb98bee7df");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.yahoo.com/");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-
 
region/locale/region.properties");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl2 Customized Web 
 
Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", 
 
"hxxp://search.conduit.com/ResultsExt.aspx?
 
CUI=UN44917687448223629&ctid=CT3072253&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized 
 
Web Search");
Line Deleted : user_pref("browser.search.defaulturl", 
 
"hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.startup.homepage", "hxxps://mail.google.com/mail/u/0/?
 
shva=1#inbox");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?
 
ctid=CT3072253&SearchSource=2&CUI=UN44917687448223629&UM=&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3072253");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?
 
ctid=CT3072253&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", 
 
"hxxp://search.conduit.com/ResultsExt.aspx?
 
ctid=CT3072253&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?
 
ctid=CT3072253&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.machineId", 
 
"WLG0RUJGBSGYEDWY4ZNAABYJSYPMY9/GGTQZFIVLNRHXS3TEIVAV9DOIAMEP+5NDUERB9LHR2KNUQPJ9P/N7XA");
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\John and Melanie\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\John's Dongxi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [30276 octets] - [09/12/2013 21:18:53]
AdwCleaner[S0].txt - [30454 octets] - [09/12/2013 21:20:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30515 octets] ##########


#7 mllewis


Posted 10 December 2013 - 12:03 AM

Here is the JRT scan:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by John and Melanie on Mon 12/09/2013 at 21:45:41.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SMessaging [Strongvault]
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho138D.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE276.tmp
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\Users\John and Melanie\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\John and Melanie\AppData\Roaming\mozilla\firefox\profiles\u1orjwk1.default\minidumps [144 files]
 
 
 
~~~ Chrome
 
Dumping contents of C:\Users\John and Melanie\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\John and Melanie\appdata\local\Google\Chrome\User Data\Default\Default\nonafimbnagfgenfgognalgdchebjlmm
C:\Users\John and Melanie\appdata\local\Google\Chrome\User Data\Default\Default\nonafimbnagfgenfgognalgdchebjlmm\manifest.json
 
Successfully deleted: [Folder] C:\Users\John and Melanie\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/09/2013 at 21:55:08.60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 mllewis


Posted 10 December 2013 - 09:06 AM

I ran the ESET scan and it ran all night. When I came back to the computer just now it looked like the computer had restarted and I didn't see any log. I saw last night it was definitely finding threats. I can try to run that scan again later today.



#9 boopme


Posted 10 December 2013 - 11:04 AM

The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. The path to the log file is "C:\Program Files\ESET\EsetOnlineScanner\log.txt" (on 64-bit systems this directory will be "C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt"). You can view this file by navigating to the directory and double-clicking it in Windows Explorer, or by copying and pasting the path specification above (including the quotation marks) into the Start > Run dialog box from the Start Menu on the desktop.

#10 mllewis


Posted 10 December 2013 - 08:00 PM

ESET log:
 
 
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=36f52e2429d37b49823ca84241c70e7b
# engine=16202
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-10 07:53:22
# local_time=2013-12-10 12:53:22 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 138205452 0 0
# scanned=234856
# found=6
# cleaned=6
# scan_time=8504
sh=28B29A0AA2F451EC3837933CE5B1BD353CF0DF3E ft=1 fh=d9a532cac918a019 vn="MSIL/Adware.StrongVault.A application (cleaned by deleting - quarantined)" ac=C fn="C:\MATS\{59DB31A9-BCB0-4985-ACA6-F6477C7BE367}\FileBackup\C\Users\John's Dongxi\AppData\Local\Strongvault\StrongVaultApp.exe"
sh=EBEAFE724CB934442795775B3AF373C6C25B2F52 ft=1 fh=ded36d5ce8d1ab8d vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\John and Melanie\AppData\Local\Temp\tbuTor.dll"
sh=CDF66B8C6CC63352B760B29C4EDCAEC1DDCEAA26 ft=1 fh=fcede97463fd7929 vn="MSIL/Adware.StrongVault.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\John's Dongxi\AppData\Local\temp\Strongvault.exe"
sh=16783FE1EC203A04887F5FF1EFCE06FA89BA1E95 ft=1 fh=cfb550e7a8f0c48e vn="a variant of Win32/Toolbar.Conduit.P application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\John's Dongxi\AppData\LocalLow\uTorrentControl2\ldrtbuTo0.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="a variant of Win32/Toolbar.Conduit.P application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\John's Dongxi\AppData\LocalLow\uTorrentControl2\ldrtbuTor.dll"
sh=EBEAFE724CB934442795775B3AF373C6C25B2F52 ft=1 fh=ded36d5ce8d1ab8d vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\John's Dongxi\AppData\LocalLow\uTorrentControl2\tbuTor.dll"


#11 boopme


Posted 10 December 2013 - 11:37 PM

Looks like we pulled a lot of junk off here. How is it running?



