HELP PLEASE There's a New Account I Did Not Make on my Start-Up!


  • This topic is locked
12 replies to this topic

#1 faye raye

faye raye

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:59 AM

Posted 02 March 2014 - 11:48 AM

Hello. Now, I seem to have been having problems for a bit before this already, like my PC displaying this very annoying tendency to sometimes lock up, leaving Taskbar and Task Manager unusable. But that seems to be happening way less lately, and instead my Internet (dial-up) randomly keeps getting this little box in the corner that says AOL is reconnecting; and another issue is the audio on music and such will get distorted every couple of moments while you're listening.

But now, just earlier I restarted my PC, and there beneath the accounts at the Sign-In menu was a fourth account with the name Pearl! I looked in the folders and it seems to have just been made this morning. When I tried to enter it, it took longer to start up than the other accounts, and it just remained on a blank blue screen when a box appeared in the corner saying it was setting up Internet Explorer. I restarted in the middle of this and went back to my account, and deleted the folders for this Pearl account. Yesterday a Download Accelerator program was downloaded from Softonic; I don't know if it had anything to do with that, or with the problems I've been having already. Please help, I'm very, very nervous about this... I run on an XP PC that just turned nine, but it's all I have so help is very appreciated.


Edited by faye raye, 02 March 2014 - 11:51 AM.



#2 faye raye

Posted 02 March 2014 - 11:36 PM

Also, there was a program running called "Pcreg". I deleted the Program Files for it and uninstalled it. I don't know if maybe that had anything to do with it or might have been something bundled with the DownloadAccelerator download...



#3 faye raye

Posted 03 March 2014 - 11:57 PM

UPDATE: Apparently another user of the PC was trying to download and set up programs to create a Wi-Fi connection to a handheld gaming system. The game system's input name is Pearl, and apparently in June the other user set up a connection named Pearl or something. I admittedly don't know much about this, but I just wonder if that could have anything to do with it...



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:59 AM

Posted 06 March 2014 - 02:29 PM

Hello, please do these and let's see what we return.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double-click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 faye raye

Posted 07 March 2014 - 10:37 AM

On ESET, should I put a check in "Remove all Quarantined Threats" before I click the "Finish" button?



#6 boopme

Posted 07 March 2014 - 04:16 PM

OK, Yes you can.

#7 faye raye

Posted 07 March 2014 - 06:27 PM

All right, here's the results:

 

MiniToolBox:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Dashel R (administrator) on 06-03-2014 at 17:00:46
Running from "C:\Documents and Settings\Dashel R\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1 4chan.org
127.0.0.1 chan.sankakucomplex.com
127.0.0.1 danbooru.donmai.us
127.0.0.1 fanfiction.net
127.0.0.1 g.e-hentai.org
127.0.0.1 http:/chan.sankakucomplex.com
127.0.0.1 ibsearch.i-forge.net
127.0.0.1 mangareader.net
127.0.0.1 pururin.com
127.0.0.1 rule34.paheal.net
127.0.0.1 www.fanfiction.net
127.0.0.1 www.g.e-hentai.org
127.0.0.1 www.mangareader.net
127.0.0.1 www.pururin.com

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

        Host Name . . . . . . . . . . . . : no1
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : Yes
        WINS Proxy Enabled. . . . . . . . : Yes

Ethernet adapter Local Area Connection:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
        Physical Address. . . . . . . . . : 00-11-11-98-80-17

PPP adapter The Internet (1):

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 172.190.0.190
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 172.190.0.190
        DNS Servers . . . . . . . . . . . : 205.188.146.145
        NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  nstot.proxy.aol.com
Address:  205.188.146.145

Name:    google.com
Addresses:  74.125.239.130, 74.125.239.128, 74.125.239.132, 74.125.239.131
      74.125.239.134, 74.125.239.133, 74.125.239.135, 74.125.239.142, 74.125.239.137
      74.125.239.136, 74.125.239.129

Pinging google.com [74.125.239.137] with 32 bytes of data:

Reply from 74.125.239.137: bytes=32 time=225ms TTL=56
Reply from 74.125.239.137: bytes=32 time=191ms TTL=56

Ping statistics for 74.125.239.137:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 191ms, Maximum = 225ms, Average = 208ms

Server:  nstot.proxy.aol.com
Address:  205.188.146.145

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=295ms TTL=44
Reply from 98.138.253.109: bytes=32 time=293ms TTL=44

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 293ms, Maximum = 295ms, Average = 294ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 11 98 80 17 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0xa0004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    172.190.0.190   172.190.0.190      1
      63.93.65.84  255.255.255.255    172.190.0.190   172.190.0.190      1
      64.236.18.1  255.255.255.255    172.190.0.191   172.190.0.190      1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
    172.190.0.190  255.255.255.255        127.0.0.1       127.0.0.1      50
  172.190.255.255  255.255.255.255    172.190.0.190   172.190.0.190      50
        224.0.0.0        240.0.0.0    172.190.0.190   172.190.0.190      1
  255.255.255.255  255.255.255.255    172.190.0.190   172.190.0.190      1
  255.255.255.255  255.255.255.255    172.190.0.190               2      1
Default Gateway:     172.190.0.190
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Catalog9 02 C:\Program Files\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 20 C:\Program Files\SpeedBit Video Accelerator\sblsp.dll [177320] (SPEEDbit)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/05/2014 03:49:43 PM) (Source: Application Hang) (User: )
Description: Hanging application mspaint.exe, version 5.1.2600.5918, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/04/2014 03:26:20 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/03/2014 00:33:49 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10302.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (03/02/2014 02:39:32 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application dap.exe, version 10.0.5.9, stamp 52ee5984, faulting module dapremotecontrolplugin.dll, version 1.0.5.1, stamp 52ee5ac0, debug? 0, fault address 0x00004dab.

Error: (03/02/2014 00:02:12 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application dap.exe, version 10.0.5.9, stamp 52ee5984, faulting module ntdll.dll, version 5.1.2600.6055, stamp 4d00f27d, debug? 0, fault address 0x0004487f.

Error: (03/02/2014 08:12:30 AM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.59, faulting module sbu.exe, version 2.1.0.59, fault address 0x000b328a.
Processing media-specific event for [sbu.exe!ws!]

Error: (03/02/2014 08:03:21 AM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.59, faulting module sbu.exe, version 2.1.0.59, fault address 0x000b328a.
Processing media-specific event for [sbu.exe!ws!]

Error: (03/02/2014 07:12:16 AM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.59, faulting module sbu.exe, version 2.1.0.59, fault address 0x000b328a.
Processing media-specific event for [sbu.exe!ws!]

Error: (03/02/2014 06:12:03 AM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.59, faulting module sbu.exe, version 2.1.0.59, fault address 0x000b328a.
Processing media-specific event for [sbu.exe!ws!]

Error: (03/02/2014 05:12:10 AM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.59, faulting module sbu.exe, version 2.1.0.59, fault address 0x000b328a.
Processing media-specific event for [sbu.exe!ws!]


System errors:
=============
Error: (03/05/2014 09:17:01 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (03/05/2014 06:05:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.167.1163.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.1.0522.00

    Source Path: 4.1.0522.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (03/05/2014 06:05:27 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.167.1268.0).

Error: (03/04/2014 09:17:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (03/04/2014 05:42:21 PM) (Source: DCOM) (User: NO1)
Description: DCOM got error "%%1058" attempting to start the service WefiEngSvc with arguments "-Service"
in order to run the server:
{F4F730A7-8BAD-4368-A446-C20B58270834}

Error: (03/04/2014 05:29:55 PM) (Source: Service Control Manager) (User: )
Description: The StarOpen service failed to start due to the following error:
%%2

Error: (03/03/2014 09:17:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (03/03/2014 03:11:32 PM) (Source: DCOM) (User: NO1)
Description: DCOM got error "%%1058" attempting to start the service WefiEngSvc with arguments "-Service"
in order to run the server:
{F4F730A7-8BAD-4368-A446-C20B58270834}

Error: (03/03/2014 02:59:47 PM) (Source: Service Control Manager) (User: )
Description: The StarOpen service failed to start due to the following error:
%%2

Error: (03/03/2014 02:52:23 PM) (Source: Service Control Manager) (User: )
Description: The StarOpen service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (03/05/2014 03:49:43 PM) (Source: Application Hang)(User: )
Description: mspaint.exe5.1.2600.5918hungapp0.0.0.000000000

Error: (03/04/2014 03:26:20 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (03/03/2014 00:33:49 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070490remediationremediationfailuretelemetry1.1.10302.0mpengine0unspecifiedNILNILNIL

Error: (03/02/2014 02:39:32 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: dap.exe10.0.5.952ee5984dapremotecontrolplugin.dll1.0.5.152ee5ac0000004dab

Error: (03/02/2014 00:02:12 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: dap.exe10.0.5.952ee5984ntdll.dll5.1.2600.60554d00f27d00004487f

Error: (03/02/2014 08:12:30 AM) (Source: Application Error)(User: )
Description: sbu.exe2.1.0.59sbu.exe2.1.0.59000b328a

Error: (03/02/2014 08:03:21 AM) (Source: Application Error)(User: )
Description: sbu.exe2.1.0.59sbu.exe2.1.0.59000b328a

Error: (03/02/2014 07:12:16 AM) (Source: Application Error)(User: )
Description: sbu.exe2.1.0.59sbu.exe2.1.0.59000b328a

Error: (03/02/2014 06:12:03 AM) (Source: Application Error)(User: )
Description: sbu.exe2.1.0.59sbu.exe2.1.0.59000b328a

Error: (03/02/2014 05:12:10 AM) (Source: Application Error)(User: )
Description: sbu.exe2.1.0.59sbu.exe2.1.0.59000b328a


=========================== Installed Programs ============================

7-Zip 9.20
Ad-Aware SE Personal
Adobe Flash Player 12 ActiveX (Version: 12.0.0.70)
Adobe Flash Player 12 Plugin (Version: 12.0.0.70)
Adobe Photoshop CS (Version: CS)
Adobe Shockwave Player (Version: 11)
AFPL Ghostscript 8.53
AFPL Ghostscript Fonts
AIM Toolbar
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20030807.3)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Deskbar
AOL Instant Messenger
AOL Toolbar
AOL You've Got Pictures Screensaver
Apple Application Support (Version: 3.0)
Apple Mobile Device Support (Version: 7.1.0.32)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression (Version: 1.2.19.330)
Artoonix 1.2
AutoUpdate (Version: 1.0)
Bonjour (Version: 3.0.0.10)
Camera Driver
CCleaner (Version: 3.28)
Cheat Engine 6.3
Conduit Engine (Version: )
Crash Analysis Tool (Version: 1.00.0001)
Delete Virtual-Mate Launcher (Version: 1.0.0)
Dell Digital Jukebox Driver
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Media Experience
Dell Photo AIO Printer 922
Dell Support Center (Version: 2.0.07311)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
DivX (Version: 5.2.1)
Download Accelerator Plus (DAP) (Version: 10059 (Build 2593))
FLAC Installer 1.1.2a (remove only) (Version: 1.1.2a)
FormatFactory 3.0.1 (Version: 3.0.1)
Free Audio Editor
Freecorder (Version: 4.1)
Freecorder Toolbar (Version: 6.2.2.4)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.1.2003.1856)
Google Update Helper (Version: 1.3.21.69)
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
InterAct DexPlorer
Internet Explorer Default Page (Version: 1.00.03)
iPod Agent 1.0.1.0 (Version: 1.0.1.0)
iPod for Windows 2005-02-07 (Version: 3.1.0)
iPod Reset Utility (Version: 1.0.4.71)
Itibiti RTC (Version: 0.0.1)
iTunes (Version: 11.1.4.62)
IZArc 4.1.8 (Version: 4.1.8)
Jiveshwar's Wi-Fi Hotspot Maker (Version: 1.1)
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Memeo AutoSync
Memeo Instant Backup (Version: 4.60.0.7923)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Modem Event Monitor
Modem Helper (Version: 2.25)
Modem On Hold (Version: 1.12)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
MSN
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.00.3883.8)
msxml4 (Version: 1.0.0)
Musicmatch for Windows Media Player (Version: 0.00.000)
OpenOffice.org 2.0 (Version: 2.0.8990)
PAP project files
PDFill PDF Editor 4.1 with Writer and Tools (Unicode) (Version: 4.1)
PDFill PDF Writer
Pokémon Play It! v2
Pure Networks Port Magic (Version: 1.2.1393.0)
Qualxserve Service Agreement (Version: 1.10.0000)
Quick Site Blocker version 1.704 (Version: 1.704)
QuickTime (Version: 7.65.17.80)
RealPlayer
RPG MAKER VX Ace Lite (Version: 1.01b)
RPGC
Sandboxie 3.64 (32-bit) (Version: 3.64)
Seagate Dashboard (Version: 1.1.0.1421)
Search for the Secret Keys (Version: 1.0)
Sonic RecordNow! (Version: 7.3)
Sonic Update Manager (Version: 2.9)
SoundMAX (Version: 5.12.01.5211)
Spybot - Search & Destroy 1.3 (Version: 1.3)
Subtitle Edit v3.0 (Version: 3.0)
TigerGame Superjoy Box Series
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2808679) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VideoPad Video Editor (Version: 3.22)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
WeFi 4.0.1.0 (Version: 4.0.1.0)
WIFi Locator version 1.1 (Version: 1.1)
WinAce Archiver (Version: 2.594)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 (Version: 9.00.3636)
Winnie the Pooh Kindergarten Deluxe (Version: 1.0)
WordPerfect Office 12 (Version: 12.0.0.238)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 509.98 MB
Available physical RAM: 290.07 MB
Total Pagefile: 1428.72 MB
Available Pagefile: 899.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.2 MB

========================= Partitions: =====================================

2 Drive c: (Local Disk) (Fixed) (Total:71.56 GB) (Free:26.43 GB) NTFS

========================= Users: ========================================

User accounts for \\NO1

Administrator            ASPNET                   C.O.    
D. R.               Guest                    HelpAssistant            
Others                   Pearl                    SUPPORT_388945a0         


**** End of log ****
 

 

TDSSKiller:

 

17:30:51.0671 0x0d44  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
17:33:04.0546 0x0d44  ============================================================
17:33:04.0546 0x0d44  Current date / time: 2014/03/06 17:33:04.0546
17:33:04.0546 0x0d44  SystemInfo:
17:33:04.0546 0x0d44  
17:33:04.0546 0x0d44  OS Version: 5.1.2600 ServicePack: 3.0
17:33:04.0546 0x0d44  Product type: Workstation
17:33:04.0546 0x0d44  ComputerName: NO1
17:33:04.0546 0x0d44  UserName: D. R.
17:33:04.0546 0x0d44  Windows directory: C:\WINDOWS
17:33:04.0546 0x0d44  System windows directory: C:\WINDOWS
17:33:04.0546 0x0d44  Processor architecture: Intel x86
17:33:04.0546 0x0d44  Number of processors: 1
17:33:04.0546 0x0d44  Page size: 0x1000
17:33:04.0546 0x0d44  Boot type: Normal boot
17:33:04.0546 0x0d44  ============================================================
17:33:33.0421 0x0d44  KLMD registered as C:\WINDOWS\system32\drivers\01484418.sys
17:33:36.0218 0x0d44  System UUID: {196C1708-946C-CE70-7379-A90D497A66D6}
17:33:39.0812 0x0d44  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:33:39.0812 0x0d44  ============================================================
17:33:39.0812 0x0d44  \Device\Harddisk0\DR0:
17:33:39.0812 0x0d44  MBR partitions:
17:33:39.0812 0x0d44  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x8F206FE
17:33:39.0812 0x0d44  ============================================================
17:33:39.0859 0x0d44  C: <-> \Device\Harddisk0\DR0\Partition1
17:33:39.0859 0x0d44  ============================================================
17:33:39.0859 0x0d44  Initialize success
17:33:39.0859 0x0d44  ============================================================
17:34:31.0390 0x0a30  ============================================================
17:34:31.0390 0x0a30  Scan started
17:34:31.0390 0x0a30  Mode: Manual;
17:34:31.0390 0x0a30  ============================================================
17:34:31.0390 0x0a30  KSN ping started
17:34:33.0328 0x0a30  KSN ping finished: true
17:34:34.0875 0x0a30  ================ Scan system memory ========================
17:34:34.0875 0x0a30  System memory - ok
17:34:34.0890 0x0a30  ================ Scan services =============================
17:34:35.0140 0x0a30  0096561348771546mcinstcleanup - ok
17:34:35.0593 0x0a30  Abiosdsk - ok
17:34:35.0671 0x0a30  [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
17:34:35.0671 0x0a30  abp480n5 - ok
17:34:36.0171 0x0a30  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:34:36.0218 0x0a30  ACDaemon - ok
17:34:36.0359 0x0a30  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:34:36.0421 0x0a30  ACPI - ok
17:34:36.0515 0x0a30  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
17:34:36.0671 0x0a30  ACPIEC - ok
17:34:36.0765 0x0a30  [ 5DDC0A8D2CD60BDA593DDAF45821CE08, 5A1599702C132C71F043576F50A4115647754FA5F7A01D17B72E147958A06383 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
17:34:38.0218 0x0a30  Adobe LM Service - ok
17:34:38.0468 0x0a30  [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:34:38.0593 0x0a30  AdobeFlashPlayerUpdateSvc - ok
17:34:38.0687 0x0a30  [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
17:34:38.0718 0x0a30  adpu160m - ok
17:34:38.0828 0x0a30  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
17:34:38.0890 0x0a30  aec - ok
17:34:38.0953 0x0a30  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7, B596ABBAC058D93C505C9DBF8685049C88E4364195A4092DB580D2D44FA8C23C ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
17:34:38.0968 0x0a30  Afc - ok
17:34:39.0078 0x0a30  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
17:34:39.0156 0x0a30  AFD - ok
17:34:39.0234 0x0a30  [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
17:34:39.0265 0x0a30  agp440 - ok
17:34:39.0312 0x0a30  [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
17:34:39.0328 0x0a30  agpCPQ - ok
17:34:39.0359 0x0a30  [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
17:34:39.0359 0x0a30  Aha154x - ok
17:34:39.0437 0x0a30  [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
17:34:39.0468 0x0a30  aic78u2 - ok
17:34:39.0531 0x0a30  [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
17:34:39.0562 0x0a30  aic78xx - ok
17:34:39.0625 0x0a30  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
17:34:39.0718 0x0a30  Alerter - ok
17:34:39.0796 0x0a30  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
17:34:39.0828 0x0a30  ALG - ok
17:34:39.0890 0x0a30  [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
17:34:39.0906 0x0a30  AliIde - ok
17:34:39.0984 0x0a30  [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
17:34:40.0000 0x0a30  alim1541 - ok
17:34:40.0046 0x0a30  [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
17:34:40.0078 0x0a30  amdagp - ok
17:34:40.0109 0x0a30  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
17:34:40.0109 0x0a30  amsint - ok
17:34:40.0140 0x0a30  anvsnddrv - ok
17:34:40.0296 0x0a30  [ FA518140883112C54871F824097D262D, CAC064E3D9788A5BD3B5BD33E2091A1CF8F6C3BDE1F664791AC1AEBA8766EF8A ] AOL ACS         C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
17:34:40.0312 0x0a30  AOL ACS - ok
17:34:40.0437 0x0a30  [ 7FB54900AA9792AB6307C699EC1859D4, CDA8A505388A8873CFB6F7D793A807AE84B9EB7FA25414F0DCED6E6CD2924A33 ] AOL TopSpeedMonitor C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
17:34:40.0578 0x0a30  AOL TopSpeedMonitor - ok
17:34:40.0859 0x0a30  [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:34:42.0875 0x0a30  Apple Mobile Device - ok
17:34:42.0890 0x0a30  AppMgmt - ok
17:34:42.0968 0x0a30  [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
17:34:42.0984 0x0a30  asc - ok
17:34:43.0000 0x0a30  [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
17:34:43.0015 0x0a30  asc3350p - ok
17:34:43.0078 0x0a30  [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
17:34:43.0093 0x0a30  asc3550 - ok
17:34:43.0203 0x0a30  [ B979979AB8027F7F53FB16EC4229B7DB, 3D50396B13B494D0082266C29C40715981CA105F6E407288C71410D4B833BB10 ] ASPI32          C:\WINDOWS\system32\drivers\ASPI32.sys
17:34:43.0328 0x0a30  ASPI32 - ok
17:34:43.0562 0x0a30  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:34:43.0625 0x0a30  aspnet_state - ok
17:34:43.0687 0x0a30  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:34:43.0687 0x0a30  AsyncMac - ok
17:34:43.0781 0x0a30  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
17:34:43.0796 0x0a30  atapi - ok
17:34:43.0828 0x0a30  Atdisk - ok
17:34:43.0921 0x0a30  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:34:43.0937 0x0a30  Atmarpc - ok
17:34:44.0015 0x0a30  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
17:34:44.0203 0x0a30  AudioSrv - ok
17:34:44.0281 0x0a30  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
17:34:44.0281 0x0a30  audstub - ok
17:34:44.0375 0x0a30  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:34:44.0468 0x0a30  Beep - ok
17:34:44.0671 0x0a30  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
17:34:45.0062 0x0a30  BITS - ok
17:34:45.0296 0x0a30  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:34:45.0921 0x0a30  Bonjour Service - ok
17:34:46.0031 0x0a30  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
17:34:46.0062 0x0a30  Browser - ok
17:34:46.0140 0x0a30  [ C915A416F265149471D74E0815C928B2, 7BD858209D007FE9DAB8E73AE01AE7B9A14408FA6C122B2069B9BEFB22C800EC ] bvrp_pci        C:\WINDOWS\system32\drivers\bvrp_pci.sys
17:34:46.0156 0x0a30  bvrp_pci - ok
17:34:46.0171 0x0a30  catchme - ok
17:34:46.0234 0x0a30  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
17:34:46.0234 0x0a30  cbidf - ok
17:34:46.0265 0x0a30  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
17:34:46.0265 0x0a30  cbidf2k - ok
17:34:46.0296 0x0a30  CCCP106 - ok
17:34:46.0359 0x0a30  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:34:46.0359 0x0a30  CCDECODE - ok
17:34:46.0437 0x0a30  [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
17:34:46.0437 0x0a30  cd20xrnt - ok
17:34:46.0515 0x0a30  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
17:34:46.0609 0x0a30  Cdaudio - ok
17:34:46.0687 0x0a30  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
17:34:46.0703 0x0a30  Cdfs - ok
17:34:46.0796 0x0a30  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:34:46.0812 0x0a30  Cdrom - ok
17:34:46.0843 0x0a30  Changer - ok
17:34:46.0921 0x0a30  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
17:34:46.0921 0x0a30  CiSvc - ok
17:34:47.0000 0x0a30  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
17:34:47.0015 0x0a30  ClipSrv - ok
17:34:47.0156 0x0a30  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:34:47.0484 0x0a30  clr_optimization_v2.0.50727_32 - ok
17:34:47.0609 0x0a30  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:34:47.0875 0x0a30  clr_optimization_v4.0.30319_32 - ok
17:34:47.0953 0x0a30  [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
17:34:47.0953 0x0a30  CmdIde - ok
17:34:47.0984 0x0a30  COMSysApp - ok
17:34:48.0046 0x0a30  [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
17:34:48.0046 0x0a30  Cpqarray - ok
17:34:48.0093 0x0a30  cpuz136 - ok
17:34:48.0187 0x0a30  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
17:34:48.0328 0x0a30  CryptSvc - ok
17:34:48.0468 0x0a30  [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
17:34:48.0546 0x0a30  dac2w2k - ok
17:34:48.0562 0x0a30  [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
17:34:48.0578 0x0a30  dac960nt - ok
17:34:48.0765 0x0a30  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:34:48.0921 0x0a30  DcomLaunch - ok
17:34:49.0031 0x0a30  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
17:34:49.0078 0x0a30  Dhcp - ok
17:34:49.0140 0x0a30  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
17:34:49.0156 0x0a30  Disk - ok
17:34:49.0187 0x0a30  dlbt_device - ok
17:34:49.0203 0x0a30  dmadmin - ok
17:34:49.0562 0x0a30  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
17:34:49.0968 0x0a30  dmboot - ok
17:34:50.0187 0x0a30  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
17:34:50.0328 0x0a30  dmio - ok
17:34:50.0390 0x0a30  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
17:34:50.0406 0x0a30  dmload - ok
17:34:50.0468 0x0a30  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
17:34:50.0640 0x0a30  dmserver - ok
17:34:50.0875 0x0a30  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
17:34:50.0890 0x0a30  DMusic - ok
17:34:50.0968 0x0a30  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:34:51.0000 0x0a30  Dnscache - ok
17:34:51.0109 0x0a30  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:34:51.0484 0x0a30  Dot3svc - ok
17:34:51.0578 0x0a30  [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
17:34:51.0609 0x0a30  dpti2o - ok
17:34:51.0671 0x0a30  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:34:51.0671 0x0a30  drmkaud - ok
17:34:51.0765 0x0a30  [ E814854E6B246CCF498874839AB64D77, D7BD17AD9709DA8305FF58710EE5EAA14BA5857F4B64C1CBDD21751625BFF2A3 ] drvmcdb         C:\WINDOWS\system32\drivers\drvmcdb.sys
17:34:51.0796 0x0a30  drvmcdb - ok
17:34:51.0859 0x0a30  [ EE83A4EBAE70BC93CF14879D062F548B, CCA423C19BC8A6807EE29DA7FA9F545FDF2D0AAA8D4556E13B864ED6F6683827 ] drvnddm         C:\WINDOWS\system32\drivers\drvnddm.sys
17:34:51.0875 0x0a30  drvnddm - ok
17:34:52.0031 0x0a30  [ FE80901578E7E3DA70299A5AEB2B7FBD, E68E8BAAA37AE26318BE8C084CFDD9040E97714C75EAA64B9720AB41FB1C9EF5 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
17:34:52.0390 0x0a30  DSBrokerService - ok
17:34:52.0484 0x0a30  [ 413F2D5F9D802688242C23B38F767ECB, 6D5B6B8FC6E8E45555C444D3E881D3E44DE4C6F2602ADBB4D0E8E9F834089827 ] DSproct         C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
17:34:52.0500 0x0a30  DSproct - ok
17:34:52.0562 0x0a30  [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18DB46F49859D1C7 ] dsunidrv        C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
17:34:52.0562 0x0a30  dsunidrv - ok
17:34:52.0687 0x0a30  [ 7D91DC6342248369F94D6EBA0CF42E99, 3A0B94862AF1E085F1FD9B8B96FC1F7BD6FF00342AC04D697AB65BC686F7BC2F ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:34:52.0750 0x0a30  E100B - ok
17:34:52.0828 0x0a30  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
17:34:52.0953 0x0a30  EapHost - ok
17:34:53.0000 0x0a30  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
17:34:53.0109 0x0a30  ERSvc - ok
17:34:53.0218 0x0a30  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
17:34:53.0250 0x0a30  Eventlog - ok
17:34:53.0437 0x0a30  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
17:34:53.0531 0x0a30  EventSystem - ok
17:34:53.0640 0x0a30  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
17:34:53.0703 0x0a30  Fastfat - ok
17:34:53.0828 0x0a30  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:34:53.0875 0x0a30  FastUserSwitchingCompatibility - ok
17:34:54.0062 0x0a30  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:34:54.0171 0x0a30  Fax - ok
17:34:54.0250 0x0a30  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
17:34:54.0250 0x0a30  Fdc - ok
17:34:54.0328 0x0a30  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
17:34:54.0421 0x0a30  Fips - ok
17:34:54.0500 0x0a30  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:34:54.0500 0x0a30  Flpydisk - ok
17:34:54.0609 0x0a30  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:34:54.0671 0x0a30  FltMgr - ok
17:34:54.0765 0x0a30  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:34:54.0796 0x0a30  FontCache3.0.0.0 - ok
17:34:54.0859 0x0a30  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:34:54.0921 0x0a30  Fs_Rec - ok
17:34:55.0031 0x0a30  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:34:55.0078 0x0a30  Ftdisk - ok
17:34:55.0140 0x0a30  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:34:55.0156 0x0a30  GEARAspiWDM - ok
17:34:55.0218 0x0a30  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:34:55.0265 0x0a30  Gpc - ok
17:34:55.0359 0x0a30  gupdate - ok
17:34:55.0375 0x0a30  gupdatem - ok
17:34:55.0515 0x0a30  [ CC839E8D766CC31A7710C9F38CF3E375, 327D57F18B4A2D1CB06C5682D3364097ECD3CF40C2719AA1F41D0B49A26003E4 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:34:55.0828 0x0a30  gusvc - ok
17:34:55.0968 0x0a30  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:34:56.0078 0x0a30  helpsvc - ok
17:34:56.0109 0x0a30  HidServ - ok
17:34:56.0171 0x0a30  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:34:56.0187 0x0a30  HidUsb - ok
17:34:56.0281 0x0a30  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
17:34:56.0421 0x0a30  hkmsvc - ok
17:34:56.0500 0x0a30  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
17:34:56.0515 0x0a30  hpn - ok
17:34:56.0671 0x0a30  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
17:34:56.0765 0x0a30  HTTP - ok
17:34:56.0828 0x0a30  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
17:34:56.0859 0x0a30  HTTPFilter - ok
17:34:56.0953 0x0a30  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
17:34:57.0000 0x0a30  i2omgmt - ok
17:34:57.0062 0x0a30  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:34:57.0078 0x0a30  i2omp - ok
17:34:57.0171 0x0a30  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:34:57.0187 0x0a30  i8042prt - ok
17:34:57.0781 0x0a30  [ 9A883C3C4D91292C0D09DE7C728E781C, 34DD9E781C42FF55BF83F62DFE7B0F4FE3CAEF19B517245BA004C2C641493A98 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:34:58.0312 0x0a30  ialm - ok
17:34:58.0500 0x0a30  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:34:58.0671 0x0a30  IDriverT - ok
17:34:59.0093 0x0a30  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:35:00.0203 0x0a30  idsvc - ok
17:35:00.0265 0x0a30  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
17:35:00.0281 0x0a30  Imapi - ok
17:35:00.0390 0x0a30  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
17:35:00.0453 0x0a30  ImapiService - ok
17:35:00.0531 0x0a30  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:35:00.0578 0x0a30  ini910u - ok
17:35:01.0312 0x0a30  [ 7509C548400F4C9E0211E3F6E66ABBE6, 10884F759DE3EE38F93EF74202B0DBDA3CC5D5E7532E361DC33385D4CC18B659 ] IntelC51        C:\WINDOWS\system32\DRIVERS\IntelC51.sys
17:35:01.0812 0x0a30  IntelC51 - ok
17:35:02.0140 0x0a30  [ 9584FFDD41D37F2C239681D0DAC2513E, AB48DA5AA95C2D1F6C06EEF6635CC7DBCA64F90A5219E0A1501D46D5CD2944FA ] IntelC52        C:\WINDOWS\system32\DRIVERS\IntelC52.sys
17:35:02.0406 0x0a30  IntelC52 - ok
17:35:02.0468 0x0a30  [ CF0B937710CEC6EF39416EDECD803CBB, 45929596C8E8D47809065F3B690E26E93B66206390447292801CF2985C05289D ] IntelC53        C:\WINDOWS\system32\DRIVERS\IntelC53.sys
17:35:02.0500 0x0a30  IntelC53 - ok
17:35:02.0562 0x0a30  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
17:35:02.0562 0x0a30  IntelIde - ok
17:35:02.0640 0x0a30  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:35:02.0656 0x0a30  intelppm - ok
17:35:02.0734 0x0a30  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
17:35:02.0750 0x0a30  Ip6Fw - ok
17:35:02.0812 0x0a30  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:35:02.0828 0x0a30  IpFilterDriver - ok
17:35:02.0875 0x0a30  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:35:02.0890 0x0a30  IpInIp - ok
17:35:03.0015 0x0a30  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:35:03.0078 0x0a30  IpNat - ok
17:35:03.0390 0x0a30  [ 9AE882A67F019CF30E8C9D7D60B05DDA, FB5D71F94529F37C8B45A5B4FBD15C66AECBFABB7E51C3B9BF63AEAFBE89F8BC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:35:04.0171 0x0a30  iPod Service - ok
17:35:04.0281 0x0a30  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:35:04.0312 0x0a30  IPSec - ok
17:35:04.0375 0x0a30  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
17:35:04.0390 0x0a30  IRENUM - ok
17:35:04.0453 0x0a30  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:35:04.0468 0x0a30  isapnp - ok
17:35:04.0546 0x0a30  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:35:04.0562 0x0a30  Kbdclass - ok
17:35:04.0687 0x0a30  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
17:35:04.0750 0x0a30  kmixer - ok
17:35:04.0828 0x0a30  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
17:35:04.0859 0x0a30  KSecDD - ok
17:35:04.0937 0x0a30  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
17:35:04.0984 0x0a30  lanmanserver - ok
17:35:05.0109 0x0a30  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:35:05.0156 0x0a30  lanmanworkstation - ok
17:35:05.0171 0x0a30  lbrtfdc - ok
17:35:05.0250 0x0a30  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
17:35:05.0328 0x0a30  LmHosts - ok
17:35:05.0390 0x0a30  [ 4A5FFDF0FE830C448830BD4B02B02B4B, 777603317D35A1FEDFF985A6387A5C9C5E1C42C35513699BCD70A0C7AE762600 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
17:35:05.0406 0x0a30  mbamchameleon - ok
17:35:05.0546 0x0a30  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:35:05.0578 0x0a30  MBAMSwissArmy - ok
17:35:05.0593 0x0a30  mcdbus - ok
17:35:05.0718 0x0a30  [ 671A03CA9CD0259CCBB7B78A9CE234EC, 2AE33C27EED4CE47BC6129DE6DB98E250CACABFFAE35F500B683EC131A8AC18D ] MemeoBackgroundService C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
17:35:05.0734 0x0a30  MemeoBackgroundService - ok
17:35:05.0812 0x0a30  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
17:35:05.0906 0x0a30  Messenger - ok
17:35:05.0921 0x0a30  mfeavfk06 - ok
17:35:34.0031 0x0a30  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
17:35:34.0078 0x0a30  wdmaud - ok
17:35:34.0171 0x0a30  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:35:34.0250 0x0a30  WebClient - ok
17:35:34.0390 0x0a30  [ 64D42AB68067A07F8B4EBFC0D5BC848F, 177561597CC875805BAFA34F6DA02DE28C37C5A9E714675FED8C078AA9E3CD04 ] WefiEngSvc      C:\Program Files\WeFi\WefiEngSvc.exe
17:35:34.0562 0x0a30  WefiEngSvc - ok
17:35:34.0734 0x0a30  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:35:34.0921 0x0a30  winmgmt - ok
17:35:35.0046 0x0a30  [ A477391B7A8B0A0DAABADB17CF533A4B, 9B1929B5BBF2738BA3D402809FCB8DAA09EF4727F860567895D5E73EBE43E627 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
17:35:35.0078 0x0a30  WmdmPmSN - ok
17:35:35.0218 0x0a30  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:35:35.0265 0x0a30  WmiApSrv - ok
17:35:35.0656 0x0a30  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:35:36.0078 0x0a30  WPFFontCache_v0400 - ok
17:35:36.0140 0x0a30  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:35:36.0156 0x0a30  WS2IFSL - ok
17:35:36.0234 0x0a30  [ 4160CBE59D9B5BE22E4C3897E8DB9D56, 8E79ED5925A803225DF4AE069F3FEE606A48BB2526E994BF9C4947543A580211 ] WsAudio_DeviceS(1) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys
17:35:36.0234 0x0a30  WsAudio_DeviceS(1) - ok
17:35:36.0312 0x0a30  [ 4160CBE59D9B5BE22E4C3897E8DB9D56, 8E79ED5925A803225DF4AE069F3FEE606A48BB2526E994BF9C4947543A580211 ] WsAudio_DeviceS(2) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys
17:35:36.0312 0x0a30  WsAudio_DeviceS(2) - ok
17:35:36.0375 0x0a30  [ 4160CBE59D9B5BE22E4C3897E8DB9D56, 8E79ED5925A803225DF4AE069F3FEE606A48BB2526E994BF9C4947543A580211 ] WsAudio_DeviceS(3) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys
17:35:36.0390 0x0a30  WsAudio_DeviceS(3) - ok
17:35:36.0421 0x0a30  [ 4160CBE59D9B5BE22E4C3897E8DB9D56, 8E79ED5925A803225DF4AE069F3FEE606A48BB2526E994BF9C4947543A580211 ] WsAudio_DeviceS(4) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys
17:35:36.0437 0x0a30  WsAudio_DeviceS(4) - ok
17:35:36.0484 0x0a30  [ 4160CBE59D9B5BE22E4C3897E8DB9D56, 8E79ED5925A803225DF4AE069F3FEE606A48BB2526E994BF9C4947543A580211 ] WsAudio_DeviceS(5) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys
17:35:36.0500 0x0a30  WsAudio_DeviceS(5) - ok
17:35:36.0593 0x0a30  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
17:35:36.0765 0x0a30  wscsvc - ok
17:35:36.0843 0x0a30  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:35:36.0859 0x0a30  WSTCODEC - ok
17:35:36.0906 0x0a30  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
17:35:36.0953 0x0a30  wuauserv - ok
17:35:37.0234 0x0a30  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
17:35:37.0406 0x0a30  WZCSVC - ok
17:35:37.0515 0x0a30  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
17:35:37.0593 0x0a30  xmlprov - ok
17:35:37.0671 0x0a30  [ F2478FFE3492B486ADBC0F21E3E0B51F, D10AF26409DFE9A80C5B97FA51FCC5AECEDB36325A278B0CB7AE629B2B3CBE46 ] {09BB444F-B2E2-4009-BAF2-7B727681223E} C:\Program Files\VMLaunch\BuddyVM.sys
17:35:37.0671 0x0a30  {09BB444F-B2E2-4009-BAF2-7B727681223E} - ok
17:35:37.0718 0x0a30  ================ Scan global ===============================
17:35:37.0812 0x0a30  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
17:35:38.0109 0x0a30  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
17:35:38.0406 0x0a30  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
17:35:38.0468 0x0a30  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
17:35:38.0484 0x0a30  [ Global ] - ok
17:35:38.0484 0x0a30  ================ Scan MBR ==================================
17:35:38.0546 0x0a30  [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
17:35:38.0937 0x0a30  \Device\Harddisk0\DR0 - ok
17:35:38.0953 0x0a30  ================ Scan VBR ==================================
17:35:38.0968 0x0a30  [ 7D85E7CFB900DDEBEC96DC82A60975B8 ] \Device\Harddisk0\DR0\Partition1
17:35:38.0968 0x0a30  \Device\Harddisk0\DR0\Partition1 - ok
17:35:38.0968 0x0a30  Waiting for KSN requests completion. In queue: 258
17:35:39.0968 0x0a30  Waiting for KSN requests completion. In queue: 258
17:35:40.0968 0x0a30  Waiting for KSN requests completion. In queue: 258
17:35:41.0968 0x0a30  Waiting for KSN requests completion. In queue: 258
17:35:42.0968 0x0a30  Waiting for KSN requests completion. In queue: 68
17:35:44.0359 0x0a30  AV detected via SS1: Microsoft Security Essentials, 4.1.0522.0, enabled, updated
17:35:44.0406 0x0a30  Win FW state via NFM: enabled
17:35:45.0328 0x0a30  ============================================================
17:35:45.0328 0x0a30  Scan finished
17:35:45.0328 0x0a30  ============================================================
17:35:45.0359 0x10f0  Detected object count: 0
17:35:45.0359 0x10f0  Actual detected object count: 0
17:57:16.0500 0x0ee4  Deinitialize success

 

ADWCleaner:

 

# AdwCleaner v3.020 - Report created 06/03/2014 at 19:01:11
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Dashel R - NO1
# Running from : C:\Documents and Settings\D.R.\My Documents\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[x] Not Deleted : C:\Documents and Settings\All Users\Application Data\NCH Software
[x] Not Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\AOL Toolbar
[x] Not Deleted : C:\Program Files\Conduit
[x] Not Deleted : C:\Program Files\ConduitEngine
[x] Not Deleted : C:\Program Files\NCH Software
[x] Not Deleted : C:\Program Files\Viewpoint
[x] Not Deleted : C:\Program Files\Freecorder
[x] Not Deleted : C:\WINDOWS\Freecorder
[x] Not Deleted : C:\Documents and Settings\Dashel R\Local Settings\Application Data\Conduit
[x] Not Deleted : C:\Documents and Settings\Dashel R\Local Settings\Application Data\ConduitEngine
[x] Not Deleted : C:\Documents and Settings\Dashel R\Local Settings\Application Data\Freecorder
[x] Not Deleted : C:\Documents and Settings\Dashel R\Application Data\DefaultTab
Folder Deleted : C:\Documents and Settings\Dashel R\Application Data\goforfiles
[x] Not Deleted : C:\Documents and Settings\Dashel R\Application Data\NCH Software
Folder Deleted : C:\Documents and Settings\Dashel R\Application Data\PC Speed Maximizer
Folder Deleted : C:\Documents and Settings\Dashel R\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Dashel R\Application Data\Systweak
[x] Not Deleted : C:\Documents and Settings\Dashel R\Start Menu\Programs\Freecorder
File Deleted : C:\END
File Deleted : C:\Documents and Settings\Dashel R\Application Data\Mozilla\Firefox\Profiles\abg9ebcp.default\searchplugins\speedbit.xml
File Deleted : C:\Documents and Settings\Dashel R\Application Data\Mozilla\Firefox\Profiles\abg9ebcp.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\b1.org
[x] Not Deleted : HKCU\Software\Conduit
[x] Not Deleted : HKCU\Software\conduitEngine
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\Nation Toolbar
[x] Not Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\conduitEngine
[x] Not Deleted : HKCU\Software\Freecorder
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKLM\Software\b1.org
[x] Not Deleted : HKLM\Software\Conduit
[x] Not Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\MyWaySA
Key Deleted : HKLM\Software\Nation Toolbar
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\conduitEngine
[x] Not Deleted : HKLM\Software\Freecorder
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Documents and Settings\Dashel R\Application Data\Mozilla\Firefox\Profiles\abg9ebcp.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [23930 octets] - [23/02/2014 08:41:40]
AdwCleaner[R1].txt - [24524 octets] - [06/03/2014 17:56:18]
AdwCleaner[S0].txt - [24309 octets] - [06/03/2014 19:01:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24370 octets] ##########


JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by D.R. on Thu 03/06/2014 at 19:45:28.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\viewpointmediaplayer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2B8B806F-3C77-460E-A910-689D01020085}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B178307D-694F-41A0-AA31-C0DA41E2216D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1C0A9D8F-DBDD-D292-72D5-646CEFA495BB}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\fighters"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\D.R.\Application Data\defaulttab"
Successfully deleted: [Folder] "C:\Documents and Settings\D.R.\Application Data\getrighttogo"
Successfully deleted: [Folder] "C:\Documents and Settings\D.R.\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Documents and Settings\D.R.\Local Settings\Application Data\conduitengine"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduitengine"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"
Successfully deleted: [Folder] "C:\WINDOWS\freecorder"



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{184aa5e6-741d-464a-820e-94b3abc2f3b4}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{184aa5e6-741d-464a-820e-94b3abc2f3b4}
Successfully deleted the following from C:\Documents and Settings\D.R. \Application Data\mozilla\firefox\profiles\abg9ebcp.default\prefs.js

user_pref("arcadeparlor.settings.addon_data", "hxxp://tt.arcadeparlor.com/cmn?p=YTE5NzE4NjM1MzFIqBqtheA8HxNjxe8pNsXioFlPb7Oi1SfCxud5o1EbNOhG00J80C%2BVeBLU4%2BKDuG7fLns%2BjPWPX
user_pref("extensions.addon@defaulttab.com.install-event-fired", true);
user_pref("extensions.ghostery.blockingLog", "Blocked script: hxxp://www.google-analytics.com/ga.js origin: gmc.yoyogames.com\nBlocked frame: hxxp://googleads.g.doubleclick.ne
Emptied folder: C:\Documents and Settings\D.R.\Application Data\mozilla\firefox\profiles\abg9ebcp.default\minidumps [10 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/06/2014 at 19:55:07.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

ESETScan:

 

C:\Documents and Settings\D.R.\Local Settings\Application Data\Freecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll    a variant of Win32/PriceGong.A potentially unwanted application    deleted - quarantined
C:\Documents and Settings\D.R.\Local Settings\temp\pcspeedmaxsetup.exe    a variant of Win32/SpeedingUpMyPC.F application    cleaned by deleting - quarantined
C:\Documents and Settings\Dashel R\Local Settings\temp\Stub\136450764\sbw.exe    a variant of Win32/SBWatchman.A potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\Local Settings\temp\Stub\1827755278\sbw.exe    a variant of Win32/SBWatchman.A potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\FFSetup3.0.1.exe    a variant of Win32/Hao123.A potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\avc-free.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\CheatEngine63.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\copy1-wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\copy2-wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\CR_Downloader_for_gilligan's-island.exe    a variant of Win32/InstallCore.JE.gen potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\FCTBSetup.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\FFSetup3.0.1.exe    a variant of Win32/Hao123.A potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\SoftonicDownloader_for_download-accelerator-plus.exe    a variant of Win32/SoftonicDownloader.E potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\spsetup125.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\Downloads\wirelesskeyview.zip    a variant of Win32/WirelessKeyView.A potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Dashel R\My Documents\My DAP Downloads\CR_Downloader_for_tales-of-phantasia.exe.dap    a variant of Win32/InstallCore.JE.gen potentially unwanted application    deleted - quarantined
C:\Program Files\Cheat Engine 6.3\cheatengine-i386.exe    a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application    deleted - quarantined
C:\Program Files\Cheat Engine 6.3\standalonephase1.dat    a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application    deleted - quarantined
C:\Program Files\Free Audio Editor\ConduitInstaller.exe    Win32/Toolbar.Conduit potentially unwanted application    deleted - quarantined
C:\Program Files\Freecorder\freecorder.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\Program Files\Freecorder\tbFree.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\Program Files\Google\New Folder\freecorder.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Dashel R\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir    Win32/Toolbar.DefaultTab.A potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Dashel R\Application Data\DefaultTab\DefaultTab\DefaultTabStart.exe.vir    Win32/Toolbar.DefaultTab.A potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Dashel R\Application Data\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir    Win64/Toolbar.DefaultTab.A potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Dashel R\Application Data\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir    Win32/Toolbar.DefaultTab.A potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Dashel R\Application Data\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir    Win64/Toolbar.DefaultTab.A potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Dashel R\Application Data\DefaultTab\DefaultTab\DTUpdate.exe.vir    Win32/Toolbar.DefaultTab.A potentially unwanted application    deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\Freecorder\freecorder.exe.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\RECYCLER\S-1-5-21-329806685-2581723038-1583669757-1007\Dc290.dll    a variant of Win32/SBWatchman.A potentially unwanted application    deleted - quarantined
C:\RECYCLER\S-1-5-21-329806685-2581723038-1583669757-1007\Dc292.dll    a variant of Win32/SBWatchman.A potentially unwanted application    deleted - quarantined
C:\RECYCLER\S-1-5-21-329806685-2581723038-1583669757-1007\Dc293.exe    a variant of Win32/SBWatchman.A potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP374\A0122895.exe    probably a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP396\A0130206.exe    a variant of Win32/CNETInstaller.B potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP414\A0139721.exe    a variant of Win32/SoftonicDownloader.E potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP414\A0139722.exe    a variant of Win32/SoftonicDownloader.E potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP415\A0139757.exe    a variant of Win32/InstallCore.IJ potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP424\A0141944.exe    a variant of Win32/InstallCore.IJ potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP432\A0148911.exe    a variant of Win32/AdWare.AddLyrics.AF application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP432\A0148913.exe    a variant of Win32/AdWare.AddLyrics.AE application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP437\A0155575.exe    Win32/Conduit.SearchProtect.A potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP455\A0167331.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP455\A0167332.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP455\A0167333.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
 



#8 boopme


Posted 07 March 2014 - 08:19 PM

Please look in Control Panel, Add/Remove and remove this if it is there.
Conduit Engine (Version: )

When did you run ComboFix?

Pearl does exist so delete that account. To delete a user account

 

Restart the machine.

And how is it


How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#9 faye raye


Posted 07 March 2014 - 11:29 PM

I don't see ConduitEngine in the Add/Remove Programs, and, when I try to delete the account, at this point: Computer Management > System Tools - right here, I don't see this: > Local Users and Groups > Users anywhere.

 

And I ran ComboFix around May, I think, last May or June... definitely not past October, though.



#10 faye raye


Posted 08 March 2014 - 12:14 AM

UPDATE: ^ The above part about deleting the account is unnecessary now, I deleted it via Control Panel > User Accounts.

 

I restarted, and it's gone off the Sign-In. The PC is still having the audio issue, and I will update you as time passes on whether it still has the AOL Re-connecting-every-so-often error.



#11 faye raye


Posted 08 March 2014 - 11:07 AM

I haven't seen the AOL issue, but the Internet does seem unusually slow.



#12 boopme


Posted 08 March 2014 - 11:27 AM

There is probably something in here, perhaps a bootkit we cannot see causing the audio. We will need to get a deeper look.

Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
Let me know if all went well.

#13 Platypus


Posted 09 March 2014 - 03:49 AM

Continued here:

 

http://www.bleepingcomputer.com/forums/t/526960/new-thread-for-dds-check/#entry3309942


Top 5 things that never get done:

1.




