Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Net speed decreased, but ok in speed test


  • This topic is locked This topic is locked
14 replies to this topic

#1 icebloodvs

icebloodvs

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 27 March 2014 - 08:22 AM

Hi guys,

 

I am new comer here in this forum, i was hoping someone could help me.

 

So here is the problem, i cant remember what i did, but my internet speed has gone down for some reason...i cant even read a manga properly, but when i run a speed test my DL speed is about 2.95MBps. I was wondering how can i know if i am infected or something? Please help

 

Thank you very much!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:31 PM

Posted 27 March 2014 - 09:58 AM

Lets see what these say.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 27 March 2014 - 10:07 AM

MiniToolBox Log

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Aldrin Domingo (administrator) on 27-03-2014 at 23:06:49
Running from "C:\Users\Aldrin Domingo\Downloads\Programs"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : AldrinDomingo
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 50-E5-49-C8-B3-D0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::cd15:1f28:4ea1:9645%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.33(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, 27 March, 2014 10:32:00 PM
   Lease Expires . . . . . . . . . . : Sunday, 30 March, 2014 10:33:00 PM
   Default Gateway . . . . . . . . . : fe80::fef5:28ff:fe40:b5c4%11
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 240182601
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-2F-E7-A3-50-E5-49-C8-B3-D0
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{CDE4DCC1-60AD-49A4-8A05-91BAF9A47614}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:2c9f:adce:8f34:e6b2(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2c9f:adce:8f34:e6b2%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4005:802::100e
 74.125.239.39
 74.125.239.40
 74.125.239.41
 74.125.239.46
 74.125.239.32
 74.125.239.33
 74.125.239.34
 74.125.239.35
 74.125.239.36
 74.125.239.37
 74.125.239.38
 
 
Pinging google.com [74.125.239.136] with 32 bytes of data:
Reply from 74.125.239.136: bytes=32 time=177ms TTL=51
Reply from 74.125.239.136: bytes=32 time=172ms TTL=51
 
Ping statistics for 74.125.239.136:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 172ms, Maximum = 177ms, Average = 174ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=206ms TTL=46
Reply from 206.190.36.45: bytes=32 time=206ms TTL=46
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 206ms, Maximum = 206ms, Average = 206ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...50 e5 49 c8 b3 d0 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.33     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.33    276
     192.168.1.33  255.255.255.255         On-link      192.168.1.33    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.33    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.33    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.33    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    276 ::/0                     fe80::fef5:28ff:fe40:b5c4
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:90d7:2c9f:adce:8f34:e6b2/128
                                    On-link
 11    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::2c9f:adce:8f34:e6b2/128
                                    On-link
 11    276 fe80::cd15:1f28:4ea1:9645/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/27/2014 10:57:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1023.
 
Error: (03/27/2014 10:57:56 PM) (Source: ESENT) (User: )
Description: Catalog Database (1284) Catalog Database: Error -1023 (0xfffffc01) occurred while opening logfile C:\Windows\system32\CatRoot2\edb.log.
 
Error: (03/27/2014 10:57:56 PM) (Source: ESENT) (User: )
Description: Catalog Database (1284) Catalog Database: Error -1023 (0xfffffc01) occurred while opening logfile C:\Windows\system32\CatRoot2\edb.log.
 
Error: (03/27/2014 10:32:52 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (03/27/2014 10:32:51 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (03/27/2014 10:15:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/27/2014 10:12:29 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (03/27/2014 09:42:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80040154, Class not registered
.
 
 
Operation:
   Instantiating VSS server
 
Error: (03/27/2014 09:42:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered
].
 
 
Operation:
   Instantiating VSS server
 
Error: (03/27/2014 08:58:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (03/27/2014 10:26:18 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.167.1151.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (03/27/2014 10:26:18 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.167.1151.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (03/27/2014 09:42:47 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.167.1151.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (03/27/2014 09:42:47 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.167.1151.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.0.1526.00
 
Source Path: 4.0.1526.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (03/27/2014 08:50:30 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (03/27/2014 08:50:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (03/27/2014 08:50:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (03/27/2014 08:50:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (03/27/2014 08:50:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (03/27/2014 08:50:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-27 20:37:18.740
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-27 20:37:18.735
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-27 20:37:18.728
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-27 20:37:18.722
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-11 14:29:06.281
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\temp\ncvet.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-11 14:29:06.270
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\temp\ncvet.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-11 14:29:01.242
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\temp\ncvet.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-11 14:29:01.232
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\temp\ncvet.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-11 14:28:56.209
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\temp\ncvet.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-08-11 14:28:56.202
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\temp\ncvet.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
@BIOS (Version: 2.20)
µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
A4 TECH PC Camera H
A4 TECH PC Camera H (Version: 2007.11.12)
Adobe After Effects CS5.5 (Version: 10.5)
Adobe After Effects CS5.5 Third Party Content (Version: 10.5)
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.2.6)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Photoshop Lightroom 4.3 64-bit (Version: 4.3.1)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Story (Version: 1.0.571)
Akamai NetSession Interface
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
AVS Cover Editor 2.0.1.3
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
CCleaner (Version: 3.17)
D3DX10 (Version: 15.4.2368.0902)
Dragon Nest SEA (Version: 1.113.0000)
EASEUS Data Recovery Wizard Professional 5.5.1
Easy Tune 6 B11.1206.1 (Version: 1.00.0000)
Facebook Video Calling 2.0.0.447 (Version: 2.0.447)
Garena - League of Legends
Garena Plus (Version: 2011)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (Version: 33.0.1750.146)
Google Update Helper (Version: 1.3.23.0)
Install Supporter 1.80
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Internet Download Manager
Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0004)
iTunes (Version: 10.7.0.21)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Mega Codec Pack 7.7.8 (Version: 7.7.8)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC90 CRT + OMP (Version: 1.0.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 7 Ultra Edition (Version: 7.02.9753)
neroxml (Version: 1.0.0)
Notepad++ (Version: 6.1.5)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 332.21 (Version: 332.21)
NVIDIA 3D Vision Driver 332.21 (Version: 332.21)
NVIDIA Control Panel 332.21 (Version: 332.21)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1)
NVIDIA Graphics Driver 332.21 (Version: 332.21)
NVIDIA HD Audio Driver 1.3.30.1 (Version: 1.3.30.1)
NVIDIA Install Application (Version: 2.1002.142.992)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA PhysX (Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3221)
NVIDIA Update 10.11.15 (Version: 10.11.15)
NVIDIA Update Core (Version: 10.11.15)
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19)
ON_OFF Charge B11.1102.1 (Version: 1.00.0001)
OpooSoft PDF To JPEG Converter v6.3
Pando Media Booster (Version: 2.6.0.7)
PandoraRecovery (Remove Only)
PDF Settings CS5 (Version: 10.0)
Photodex Presenter
Portrait Professional Studio 9.0 (Version: 9.0)
PowerISO
Print2PDF Server Edition (Version: 7.0.07.0803)
ProShow Gold
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.48.823.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
Samsung Kies (Version: 2.6.2.14014_5)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.33.0)
Secunia PSI (3.0.0.3001) (Version: 3.0.0.3001)
SHIELD Streaming (Version: 1.6.85)
Super Street Fighter IV: Arcade Edition (Version: 1.0.0000.129)
System Requirements Lab CYRI (Version: 6.0.8.0)
Trapcode Suite 64-bit (Version: 11.0.2)
Tweaking.com - Windows Repair (All in One) (Version: 2.5.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Vegas Pro 11.0 (64-bit) (Version: 11.0.511)
VLC media player 2.0.1 (Version: 2.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
Xilisoft Video Converter Ultimate (Version: 7.7.3.20131014)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 8156.22 MB
Available physical RAM: 5848.68 MB
Total Pagefile: 16310.64 MB
Available Pagefile: 13726.02 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.84 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:341.8 GB) (Free:220.24 GB) NTFS
2 Drive d: () (Fixed) (Total:292.97 GB) (Free:279.79 GB) NTFS
3 Drive e: () (Fixed) (Total:296.65 GB) (Free:180.81 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ALDRINDOMINGO
 
Administrator            Aldrin Domingo           Guest                    
 
 
**** End of log ****


#4 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 27 March 2014 - 10:10 AM

TDSS log

 

23:09:19.0292 0x1740  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
23:09:28.0829 0x1740  ============================================================
23:09:28.0829 0x1740  Current date / time: 2014/03/27 23:09:28.0829
23:09:28.0829 0x1740  SystemInfo:
23:09:28.0829 0x1740  
23:09:28.0829 0x1740  OS Version: 6.1.7601 ServicePack: 1.0
23:09:28.0829 0x1740  Product type: Workstation
23:09:28.0829 0x1740  ComputerName: ALDRINDOMINGO
23:09:28.0829 0x1740  UserName: Aldrin Domingo
23:09:28.0830 0x1740  Windows directory: C:\Windows
23:09:28.0830 0x1740  System windows directory: C:\Windows
23:09:28.0830 0x1740  Running under WOW64
23:09:28.0830 0x1740  Processor architecture: Intel x64
23:09:28.0830 0x1740  Number of processors: 4
23:09:28.0830 0x1740  Page size: 0x1000
23:09:28.0830 0x1740  Boot type: Normal boot
23:09:28.0830 0x1740  ============================================================
23:09:29.0936 0x1740  KLMD registered as C:\Windows\system32\drivers\71999844.sys
23:09:30.0184 0x1740  System UUID: {3D787978-9145-40AD-D3E9-9539F7C1BFB3}
23:09:30.0769 0x1740  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:09:30.0772 0x1740  ============================================================
23:09:30.0772 0x1740  \Device\Harddisk0\DR0:
23:09:30.0772 0x1740  MBR partitions:
23:09:30.0772 0x1740  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:09:30.0772 0x1740  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2AB98000
23:09:30.0772 0x1740  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2ABCA800, BlocksNum 0x249F0000
23:09:30.0772 0x1740  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x4F5BA800, BlocksNum 0x2514B800
23:09:30.0772 0x1740  ============================================================
23:09:30.0779 0x1740  C: <-> \Device\Harddisk0\DR0\Partition2
23:09:30.0813 0x1740  D: <-> \Device\Harddisk0\DR0\Partition3
23:09:30.0852 0x1740  E: <-> \Device\Harddisk0\DR0\Partition4
23:09:30.0853 0x1740  ============================================================
23:09:30.0853 0x1740  Initialize success
23:09:30.0853 0x1740  ============================================================
23:09:42.0494 0x17a0  ============================================================
23:09:42.0494 0x17a0  Scan started
23:09:42.0494 0x17a0  Mode: Manual; 
23:09:42.0494 0x17a0  ============================================================
23:09:42.0494 0x17a0  KSN ping started
23:09:45.0291 0x17a0  KSN ping finished: true
23:09:45.0692 0x17a0  ================ Scan system memory ========================
23:09:45.0692 0x17a0  System memory - ok
23:09:45.0692 0x17a0  ================ Scan services =============================
23:09:45.0798 0x17a0  1394hub - ok
23:09:45.0842 0x17a0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:09:45.0850 0x17a0  1394ohci - ok
23:09:45.0924 0x17a0  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] 1a34a8e0        C:\Windows\system32\rundll32.exe
23:09:45.0928 0x17a0  1a34a8e0 - ok
23:09:45.0945 0x17a0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:09:45.0954 0x17a0  ACPI - ok
23:09:45.0965 0x17a0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:09:45.0967 0x17a0  AcpiPmi - ok
23:09:46.0076 0x17a0  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:09:46.0079 0x17a0  AdobeARMservice - ok
23:09:46.0147 0x17a0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:09:46.0174 0x17a0  adp94xx - ok
23:09:46.0224 0x17a0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:09:46.0236 0x17a0  adpahci - ok
23:09:46.0249 0x17a0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:09:46.0253 0x17a0  adpu320 - ok
23:09:46.0270 0x17a0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:09:46.0273 0x17a0  AeLookupSvc - ok
23:09:46.0319 0x17a0  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
23:09:46.0334 0x17a0  AFD - ok
23:09:46.0342 0x17a0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:09:46.0344 0x17a0  agp440 - ok
23:09:46.0370 0x17a0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:09:46.0373 0x17a0  ALG - ok
23:09:46.0386 0x17a0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:09:46.0388 0x17a0  aliide - ok
23:09:46.0392 0x17a0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:09:46.0393 0x17a0  amdide - ok
23:09:46.0404 0x17a0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:09:46.0407 0x17a0  AmdK8 - ok
23:09:46.0410 0x17a0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:09:46.0411 0x17a0  AmdPPM - ok
23:09:46.0417 0x17a0  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:09:46.0420 0x17a0  amdsata - ok
23:09:46.0431 0x17a0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:09:46.0435 0x17a0  amdsbs - ok
23:09:46.0445 0x17a0  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:09:46.0446 0x17a0  amdxata - ok
23:09:46.0455 0x17a0  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
23:09:46.0457 0x17a0  AppID - ok
23:09:46.0465 0x17a0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:09:46.0467 0x17a0  AppIDSvc - ok
23:09:46.0478 0x17a0  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
23:09:46.0480 0x17a0  Appinfo - ok
23:09:46.0523 0x17a0  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:09:46.0526 0x17a0  Apple Mobile Device - ok
23:09:46.0565 0x17a0  [ BA957E7ACD2B44FA3B01FAA64F6A9060, 24824B5B50A0F4BD1E41C2A68682E072387E6E4743538A1C72B261430F743597 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
23:09:46.0576 0x17a0  AppleCharger - ok
23:09:46.0590 0x17a0  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
23:09:46.0611 0x17a0  AppleChargerSrv - ok
23:09:46.0668 0x17a0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:09:46.0675 0x17a0  AppMgmt - ok
23:09:46.0722 0x17a0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
23:09:46.0726 0x17a0  arc - ok
23:09:46.0738 0x17a0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:09:46.0744 0x17a0  arcsas - ok
23:09:46.0858 0x17a0  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:09:46.0860 0x17a0  aspnet_state - ok
23:09:46.0886 0x17a0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:09:46.0888 0x17a0  AsyncMac - ok
23:09:46.0899 0x17a0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:09:46.0900 0x17a0  atapi - ok
23:09:46.0937 0x17a0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:09:46.0953 0x17a0  AudioEndpointBuilder - ok
23:09:46.0969 0x17a0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:09:46.0978 0x17a0  AudioSrv - ok
23:09:47.0032 0x17a0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:09:47.0039 0x17a0  AxInstSV - ok
23:09:47.0090 0x17a0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:09:47.0107 0x17a0  b06bdrv - ok
23:09:47.0154 0x17a0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:09:47.0164 0x17a0  b57nd60a - ok
23:09:47.0182 0x17a0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:09:47.0186 0x17a0  BDESVC - ok
23:09:47.0210 0x17a0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:09:47.0212 0x17a0  Beep - ok
23:09:47.0243 0x17a0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:09:47.0263 0x17a0  BFE - ok
23:09:47.0288 0x17a0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:09:47.0304 0x17a0  BITS - ok
23:09:47.0310 0x17a0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:09:47.0311 0x17a0  blbdrive - ok
23:09:47.0340 0x17a0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:09:47.0352 0x17a0  bowser - ok
23:09:47.0371 0x17a0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:09:47.0373 0x17a0  BrFiltLo - ok
23:09:47.0380 0x17a0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:09:47.0382 0x17a0  BrFiltUp - ok
23:09:47.0409 0x17a0  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:09:47.0413 0x17a0  BridgeMP - ok
23:09:47.0432 0x17a0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:09:47.0437 0x17a0  Browser - ok
23:09:47.0453 0x17a0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:09:47.0460 0x17a0  Brserid - ok
23:09:47.0473 0x17a0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:09:47.0476 0x17a0  BrSerWdm - ok
23:09:47.0485 0x17a0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:09:47.0487 0x17a0  BrUsbMdm - ok
23:09:47.0495 0x17a0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:09:47.0496 0x17a0  BrUsbSer - ok
23:09:47.0510 0x17a0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:09:47.0513 0x17a0  BTHMODEM - ok
23:09:47.0526 0x17a0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:09:47.0530 0x17a0  bthserv - ok
23:09:47.0537 0x17a0  catchme - ok
23:09:47.0552 0x17a0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:09:47.0555 0x17a0  cdfs - ok
23:09:47.0582 0x17a0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:09:47.0588 0x17a0  cdrom - ok
23:09:47.0631 0x17a0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:09:47.0636 0x17a0  CertPropSvc - ok
23:09:47.0651 0x17a0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:09:47.0653 0x17a0  circlass - ok
23:09:47.0682 0x17a0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
23:09:47.0691 0x17a0  CLFS - ok
23:09:47.0708 0x17a0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:09:47.0710 0x17a0  clr_optimization_v2.0.50727_32 - ok
23:09:47.0753 0x17a0  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:09:47.0755 0x17a0  clr_optimization_v2.0.50727_64 - ok
23:09:47.0849 0x17a0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:09:47.0854 0x17a0  clr_optimization_v4.0.30319_32 - ok
23:09:47.0945 0x17a0  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:09:47.0950 0x17a0  clr_optimization_v4.0.30319_64 - ok
23:09:47.0965 0x17a0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:09:47.0968 0x17a0  CmBatt - ok
23:09:47.0980 0x17a0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:09:47.0983 0x17a0  cmdide - ok
23:09:48.0021 0x17a0  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
23:09:48.0037 0x17a0  CNG - ok
23:09:48.0056 0x17a0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:09:48.0058 0x17a0  Compbatt - ok
23:09:48.0083 0x17a0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:09:48.0085 0x17a0  CompositeBus - ok
23:09:48.0100 0x17a0  COMSysApp - ok
23:09:48.0122 0x17a0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:09:48.0124 0x17a0  crcdisk - ok
23:09:48.0156 0x17a0  [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:09:48.0162 0x17a0  CryptSvc - ok
23:09:48.0191 0x17a0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
23:09:48.0203 0x17a0  CSC - ok
23:09:48.0229 0x17a0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
23:09:48.0243 0x17a0  CscService - ok
23:09:48.0314 0x17a0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:09:48.0330 0x17a0  DcomLaunch - ok
23:09:48.0350 0x17a0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:09:48.0356 0x17a0  defragsvc - ok
23:09:48.0398 0x17a0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:09:48.0401 0x17a0  DfsC - ok
23:09:48.0453 0x17a0  [ E0FB647661B59632E3987D40D6F75281, D999CE7FDC788A217E128F059A05216BACD2FD26207362469C55D477C6E0A3EE ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
23:09:48.0458 0x17a0  dg_ssudbus - ok
23:09:48.0507 0x17a0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:09:48.0519 0x17a0  Dhcp - ok
23:09:48.0532 0x17a0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:09:48.0534 0x17a0  discache - ok
23:09:48.0544 0x17a0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
23:09:48.0546 0x17a0  Disk - ok
23:09:48.0556 0x17a0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
23:09:48.0558 0x17a0  dmvsc - ok
23:09:48.0595 0x17a0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:09:48.0602 0x17a0  Dnscache - ok
23:09:48.0617 0x17a0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:09:48.0623 0x17a0  dot3svc - ok
23:09:48.0657 0x17a0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:09:48.0661 0x17a0  DPS - ok
23:09:48.0698 0x17a0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:09:48.0699 0x17a0  drmkaud - ok
23:09:48.0744 0x17a0  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:09:48.0766 0x17a0  DXGKrnl - ok
23:09:48.0808 0x17a0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:09:48.0811 0x17a0  EapHost - ok
23:09:48.0880 0x17a0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:09:48.0945 0x17a0  ebdrv - ok
23:09:48.0960 0x17a0  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
23:09:48.0962 0x17a0  EFS - ok
23:09:49.0003 0x17a0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:09:49.0013 0x17a0  ehRecvr - ok
23:09:49.0029 0x17a0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:09:49.0031 0x17a0  ehSched - ok
23:09:49.0051 0x17a0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:09:49.0061 0x17a0  elxstor - ok
23:09:49.0076 0x17a0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:09:49.0077 0x17a0  ErrDev - ok
23:09:49.0104 0x17a0  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
23:09:49.0117 0x17a0  etdrv - ok
23:09:49.0148 0x17a0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:09:49.0160 0x17a0  EventSystem - ok
23:09:49.0174 0x17a0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:09:49.0179 0x17a0  exfat - ok
23:09:49.0191 0x17a0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:09:49.0195 0x17a0  fastfat - ok
23:09:49.0221 0x17a0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:09:49.0234 0x17a0  Fax - ok
23:09:49.0241 0x17a0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
23:09:49.0243 0x17a0  fdc - ok
23:09:49.0276 0x17a0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:09:49.0278 0x17a0  fdPHost - ok
23:09:49.0291 0x17a0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:09:49.0293 0x17a0  FDResPub - ok
23:09:49.0305 0x17a0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:09:49.0308 0x17a0  FileInfo - ok
23:09:49.0323 0x17a0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:09:49.0326 0x17a0  Filetrace - ok
23:09:49.0334 0x17a0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:09:49.0336 0x17a0  flpydisk - ok
23:09:49.0358 0x17a0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:09:49.0365 0x17a0  FltMgr - ok
23:09:49.0404 0x17a0  [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache       C:\Windows\system32\FntCache.dll
23:09:49.0433 0x17a0  FontCache - ok
23:09:49.0460 0x17a0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:09:49.0461 0x17a0  FontCache3.0.0.0 - ok
23:09:49.0470 0x17a0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:09:49.0472 0x17a0  FsDepends - ok
23:09:49.0503 0x17a0  [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
23:09:49.0505 0x17a0  fssfltr - ok
23:09:49.0579 0x17a0  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:09:49.0600 0x17a0  fsssvc - ok
23:09:49.0624 0x17a0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:09:49.0625 0x17a0  Fs_Rec - ok
23:09:49.0641 0x17a0  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:09:49.0645 0x17a0  fvevol - ok
23:09:49.0656 0x17a0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:09:49.0659 0x17a0  gagp30kx - ok
23:09:49.0684 0x17a0  gdrv - ok
23:09:49.0709 0x17a0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:09:49.0711 0x17a0  GEARAspiWDM - ok
23:09:49.0747 0x17a0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:09:49.0762 0x17a0  gpsvc - ok
23:09:49.0794 0x17a0  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
23:09:49.0801 0x17a0  GVTDrv64 - ok
23:09:49.0821 0x17a0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:09:49.0822 0x17a0  hcw85cir - ok
23:09:49.0857 0x17a0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:09:49.0870 0x17a0  HdAudAddService - ok
23:09:49.0916 0x17a0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:09:49.0922 0x17a0  HDAudBus - ok
23:09:49.0933 0x17a0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:09:49.0935 0x17a0  HidBatt - ok
23:09:49.0948 0x17a0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:09:49.0953 0x17a0  HidBth - ok
23:09:49.0966 0x17a0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:09:49.0968 0x17a0  HidIr - ok
23:09:49.0980 0x17a0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
23:09:49.0983 0x17a0  hidserv - ok
23:09:50.0008 0x17a0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:09:50.0010 0x17a0  HidUsb - ok
23:09:50.0025 0x17a0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:09:50.0029 0x17a0  hkmsvc - ok
23:09:50.0051 0x17a0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:09:50.0059 0x17a0  HomeGroupListener - ok
23:09:50.0083 0x17a0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:09:50.0090 0x17a0  HomeGroupProvider - ok
23:09:50.0101 0x17a0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:09:50.0105 0x17a0  HpSAMD - ok
23:09:50.0138 0x17a0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:09:50.0156 0x17a0  HTTP - ok
23:09:50.0159 0x17a0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:09:50.0160 0x17a0  hwpolicy - ok
23:09:50.0182 0x17a0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:09:50.0188 0x17a0  i8042prt - ok
23:09:50.0207 0x17a0  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:09:50.0216 0x17a0  iaStorV - ok
23:09:50.0268 0x17a0  [ 929DF302F15BFE24AC66EF45D858C413, 7FC0142EABEB74344D85D3912BC311F37D4136F24C93572E5199E25B40646615 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
23:09:50.0274 0x17a0  IDMWFP - ok
23:09:50.0332 0x17a0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:09:50.0335 0x17a0  IDriverT - ok
23:09:50.0389 0x17a0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:09:50.0406 0x17a0  idsvc - ok
23:09:50.0420 0x17a0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:09:50.0422 0x17a0  iirsp - ok
23:09:50.0478 0x17a0  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:09:50.0501 0x17a0  IKEEXT - ok
23:09:50.0639 0x17a0  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:09:50.0694 0x17a0  IntcAzAudAddService - ok
23:09:50.0707 0x17a0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:09:50.0708 0x17a0  intelide - ok
23:09:50.0722 0x17a0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:09:50.0723 0x17a0  intelppm - ok
23:09:50.0736 0x17a0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:09:50.0739 0x17a0  IPBusEnum - ok
23:09:50.0748 0x17a0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:09:50.0751 0x17a0  IpFilterDriver - ok
23:09:50.0812 0x17a0  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:09:50.0829 0x17a0  iphlpsvc - ok
23:09:50.0840 0x17a0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:09:50.0843 0x17a0  IPMIDRV - ok
23:09:50.0891 0x17a0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:09:50.0896 0x17a0  IPNAT - ok
23:09:50.0978 0x17a0  [ 6E50CFA46527B39015B750AAD161C5CC, 93F99EF7771C56EBE41FBC0C668F686644FBDF94E31456D3F5A9A8AE2F70EAB6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:09:50.0994 0x17a0  iPod Service - ok
23:09:51.0007 0x17a0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:09:51.0009 0x17a0  IRENUM - ok
23:09:51.0015 0x17a0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:09:51.0017 0x17a0  isapnp - ok
23:09:51.0027 0x17a0  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:09:51.0032 0x17a0  iScsiPrt - ok
23:09:51.0042 0x17a0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:09:51.0043 0x17a0  kbdclass - ok
23:09:51.0079 0x17a0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
23:09:51.0082 0x17a0  kbdhid - ok
23:09:51.0094 0x17a0  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
23:09:51.0096 0x17a0  KeyIso - ok
23:09:51.0126 0x17a0  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:09:51.0129 0x17a0  KSecDD - ok
23:09:51.0143 0x17a0  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:09:51.0148 0x17a0  KSecPkg - ok
23:09:51.0161 0x17a0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:09:51.0162 0x17a0  ksthunk - ok
23:09:51.0207 0x17a0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:09:51.0221 0x17a0  KtmRm - ok
23:09:51.0262 0x17a0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:09:51.0272 0x17a0  LanmanServer - ok
23:09:51.0312 0x17a0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:09:51.0318 0x17a0  LanmanWorkstation - ok
23:09:51.0333 0x17a0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:09:51.0337 0x17a0  lltdio - ok
23:09:51.0371 0x17a0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:09:51.0381 0x17a0  lltdsvc - ok
23:09:51.0388 0x17a0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:09:51.0390 0x17a0  lmhosts - ok
23:09:51.0459 0x17a0  [ 0803906D607A9B83184447B75B60ECC2, A7A599C4CEDD4AC4196A558442E80B4F852AF6C6104A53C8819A79AA5D388DE8 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
23:09:51.0468 0x17a0  LMS - ok
23:09:51.0499 0x17a0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:09:51.0503 0x17a0  LSI_FC - ok
23:09:51.0519 0x17a0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:09:51.0523 0x17a0  LSI_SAS - ok
23:09:51.0528 0x17a0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:09:51.0530 0x17a0  LSI_SAS2 - ok
23:09:51.0540 0x17a0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:09:51.0544 0x17a0  LSI_SCSI - ok
23:09:51.0555 0x17a0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:09:51.0558 0x17a0  luafv - ok
23:09:51.0599 0x17a0  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
23:09:51.0600 0x17a0  MBAMProtector - ok
23:09:51.0688 0x17a0  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:09:51.0701 0x17a0  MBAMScheduler - ok
23:09:51.0764 0x17a0  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:09:51.0781 0x17a0  MBAMService - ok
23:09:51.0800 0x17a0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:09:51.0807 0x17a0  Mcx2Svc - ok
23:09:51.0838 0x17a0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:09:51.0841 0x17a0  megasas - ok
23:09:51.0862 0x17a0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:09:51.0872 0x17a0  MegaSR - ok
23:09:51.0890 0x17a0  [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
23:09:51.0892 0x17a0  MEIx64 - ok
23:09:51.0948 0x17a0  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
23:09:51.0951 0x17a0  Microsoft Office Groove Audit Service - ok
23:09:51.0957 0x17a0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:09:51.0961 0x17a0  MMCSS - ok
23:09:51.0975 0x17a0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:09:51.0977 0x17a0  Modem - ok
23:09:52.0004 0x17a0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:09:52.0053 0x17a0  monitor - ok
23:09:52.0072 0x17a0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:09:52.0074 0x17a0  mouclass - ok
23:09:52.0109 0x17a0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:09:52.0112 0x17a0  mouhid - ok
23:09:52.0120 0x17a0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:09:52.0124 0x17a0  mountmgr - ok
23:09:52.0178 0x17a0  [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:09:52.0181 0x17a0  MozillaMaintenance - ok
23:09:52.0218 0x17a0  [ 94C66EDEDCDB6A126880472F9A704D8E, 05CE09C82EC4DA26934888789837F0F1A58DB2D7CE3E073EFD48AB326A275F5A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
23:09:52.0226 0x17a0  MpFilter - ok
23:09:52.0246 0x17a0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:09:52.0252 0x17a0  mpio - ok
23:09:52.0309 0x17a0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:09:52.0313 0x17a0  mpsdrv - ok
23:09:52.0395 0x17a0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:09:52.0414 0x17a0  MpsSvc - ok
23:09:52.0431 0x17a0  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:09:52.0434 0x17a0  MRxDAV - ok
23:09:52.0476 0x17a0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:09:52.0482 0x17a0  mrxsmb - ok
23:09:52.0501 0x17a0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:09:52.0512 0x17a0  mrxsmb10 - ok
23:09:52.0551 0x17a0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:09:52.0557 0x17a0  mrxsmb20 - ok
23:09:52.0571 0x17a0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:09:52.0574 0x17a0  msahci - ok
23:09:52.0586 0x17a0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:09:52.0592 0x17a0  msdsm - ok
23:09:52.0605 0x17a0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:09:52.0610 0x17a0  MSDTC - ok
23:09:52.0633 0x17a0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:09:52.0635 0x17a0  Msfs - ok
23:09:52.0665 0x17a0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:09:52.0667 0x17a0  mshidkmdf - ok
23:09:52.0675 0x17a0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:09:52.0676 0x17a0  msisadrv - ok
23:09:52.0691 0x17a0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:09:52.0695 0x17a0  MSiSCSI - ok
23:09:52.0698 0x17a0  msiserver - ok
23:09:52.0716 0x17a0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:09:52.0717 0x17a0  MSKSSRV - ok
23:09:52.0795 0x17a0  [ 59FAAF2C83C8169EA20F9E335E418907, 019A5F7E68A62A6958525226ABB21CA3AEAF7CDD9332B199AF8EDE2528B348D3 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
23:09:52.0796 0x17a0  MsMpSvc - ok
23:09:52.0834 0x17a0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:09:52.0835 0x17a0  MSPCLOCK - ok
23:09:52.0849 0x17a0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:09:52.0850 0x17a0  MSPQM - ok
23:09:52.0868 0x17a0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:09:52.0877 0x17a0  MsRPC - ok
23:09:52.0891 0x17a0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:09:52.0892 0x17a0  mssmbios - ok
23:09:52.0898 0x17a0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:09:52.0899 0x17a0  MSTEE - ok
23:09:52.0911 0x17a0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:09:52.0913 0x17a0  MTConfig - ok
23:09:52.0923 0x17a0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:09:52.0925 0x17a0  Mup - ok
23:09:52.0942 0x17a0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:09:52.0952 0x17a0  napagent - ok
23:09:52.0967 0x17a0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:09:52.0973 0x17a0  NativeWifiP - ok
23:09:53.0062 0x17a0  [ B498A14133BD09AD0817590ACE4470AD, 14CCC922C6596C97A5CF580209C4AFB6138A8FFD3A0E60CD506810DFCBC43A1A ] NBService       C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
23:09:53.0075 0x17a0  NBService - ok
23:09:53.0115 0x17a0  ncvet.dll - ok
23:09:53.0174 0x17a0  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:09:53.0192 0x17a0  NDIS - ok
23:09:53.0217 0x17a0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:09:53.0219 0x17a0  NdisCap - ok
23:09:53.0229 0x17a0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:09:53.0230 0x17a0  NdisTapi - ok
23:09:53.0246 0x17a0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:09:53.0249 0x17a0  Ndisuio - ok
23:09:53.0260 0x17a0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:09:53.0263 0x17a0  NdisWan - ok
23:09:53.0267 0x17a0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:09:53.0268 0x17a0  NDProxy - ok
23:09:53.0281 0x17a0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:09:53.0282 0x17a0  NetBIOS - ok
23:09:53.0295 0x17a0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:09:53.0300 0x17a0  NetBT - ok
23:09:53.0319 0x17a0  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
23:09:53.0320 0x17a0  Netlogon - ok
23:09:53.0348 0x17a0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:09:53.0355 0x17a0  Netman - ok
23:09:53.0431 0x17a0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:09:53.0435 0x17a0  NetMsmqActivator - ok
23:09:53.0442 0x17a0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:09:53.0445 0x17a0  NetPipeActivator - ok
23:09:53.0470 0x17a0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:09:53.0480 0x17a0  netprofm - ok
23:09:53.0505 0x17a0  netr28ux - ok
23:09:53.0510 0x17a0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:09:53.0512 0x17a0  NetTcpActivator - ok
23:09:53.0516 0x17a0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:09:53.0519 0x17a0  NetTcpPortSharing - ok
23:09:53.0539 0x17a0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:09:53.0542 0x17a0  nfrd960 - ok
23:09:53.0590 0x17a0  [ 91B4E0273D2F6C24EF845F2B41311289, F88594C359A591935561D1ABB4E26B770EA509F0623C10D60D054BCCF8B84660 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:09:53.0600 0x17a0  NisDrv - ok
23:09:53.0618 0x17a0  [ 10A43829A9E606AF3EEF25A1C1665923, 84071155939CBE0DB3AD7BB2D916B47103333893258F1B64CAB82E61C6CEF79D ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
23:09:53.0626 0x17a0  NisSrv - ok
23:09:53.0648 0x17a0  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:09:53.0657 0x17a0  NlaSvc - ok
23:09:53.0691 0x17a0  [ A328A46D87BB92CE4D8A4528E9D84787, D3245ED700151111592BA82FB675B284DA7FCE52B07A7F68352F64A402CAB37C ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
23:09:53.0696 0x17a0  NMIndexingService - ok
23:09:53.0700 0x17a0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:09:53.0701 0x17a0  Npfs - ok
23:09:53.0704 0x17a0  npggsvc - ok
23:09:53.0716 0x17a0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:09:53.0718 0x17a0  nsi - ok
23:09:53.0722 0x17a0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:09:53.0723 0x17a0  nsiproxy - ok
23:09:53.0760 0x17a0  [ 05D78AA5CB5F3F5C31160BDB955D0B7C, E3CD3FAF52ED11A8FB96D667510F1EDCA49053705AA3A13F560F8F6EC995CA45 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:09:53.0794 0x17a0  Ntfs - ok
23:09:53.0807 0x17a0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:09:53.0807 0x17a0  Null - ok
23:09:53.0848 0x17a0  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:09:53.0851 0x17a0  NVHDA - ok
23:09:54.0137 0x17a0  [ 0218E1CE8F7B5D404980192B9112D03A, 30BFBDC8F4BFF9DCAE71940AFD3F3E8CCC71C950F3B4A9717A70FF667F6DDC9E ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:09:54.0307 0x17a0  nvlddmkm - ok
23:09:54.0441 0x17a0  [ 1C7C6D7481CABD4EF38A81F5B68F02E8, C4FBE81B8A3F280EEAC282D76626E849197EDEEC8C755B7B12E3594776390DE7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
23:09:54.0461 0x17a0  NvNetworkService - ok
23:09:54.0506 0x17a0  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:09:54.0512 0x17a0  nvraid - ok
23:09:54.0551 0x17a0  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:09:54.0558 0x17a0  nvstor - ok
23:09:54.0892 0x17a0  [ 7A03646D5330A790A9D47D9F9C38758D, D22F100BBB94C45468ADD301CC96C15365FEAEC9FE820AA4E7AB1A7AF486E3B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
23:09:55.0096 0x17a0  NvStreamSvc - ok
23:09:55.0156 0x17a0  [ B7973C405247C5A44BA46B12A4B7AEEA, DF25E4CB7093EFF528C47A51C68CD1B0A93AE273D078804B7E09E74163753AA8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:09:55.0173 0x17a0  nvsvc - ok
23:09:55.0192 0x17a0  [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
23:09:55.0193 0x17a0  nvvad_WaveExtensible - ok
23:09:55.0220 0x17a0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:09:55.0230 0x17a0  nv_agp - ok
23:09:55.0284 0x17a0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:09:55.0298 0x17a0  odserv - ok
23:09:55.0337 0x17a0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:09:55.0348 0x17a0  ohci1394 - ok
23:09:55.0396 0x17a0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:09:55.0401 0x17a0  ose - ok
23:09:55.0426 0x17a0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:09:55.0437 0x17a0  p2pimsvc - ok
23:09:55.0455 0x17a0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:09:55.0467 0x17a0  p2psvc - ok
23:09:55.0495 0x17a0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:09:55.0499 0x17a0  Parport - ok
23:09:55.0533 0x17a0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:09:55.0535 0x17a0  partmgr - ok
23:09:55.0546 0x17a0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:09:55.0554 0x17a0  PcaSvc - ok
23:09:55.0575 0x17a0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:09:55.0581 0x17a0  pci - ok
23:09:55.0593 0x17a0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:09:55.0594 0x17a0  pciide - ok
23:09:55.0615 0x17a0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:09:55.0622 0x17a0  pcmcia - ok
23:09:55.0631 0x17a0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:09:55.0633 0x17a0  pcw - ok
23:09:55.0690 0x17a0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:09:55.0705 0x17a0  PEAUTH - ok
23:09:55.0749 0x17a0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:09:55.0782 0x17a0  PeerDistSvc - ok
23:09:55.0832 0x17a0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:09:55.0833 0x17a0  PerfHost - ok
23:09:55.0875 0x17a0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:09:55.0908 0x17a0  pla - ok
23:09:55.0954 0x17a0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:09:55.0962 0x17a0  PlugPlay - ok
23:09:55.0976 0x17a0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:09:55.0978 0x17a0  PNRPAutoReg - ok
23:09:55.0986 0x17a0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:09:55.0992 0x17a0  PNRPsvc - ok
23:09:56.0012 0x17a0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:09:56.0022 0x17a0  PolicyAgent - ok
23:09:56.0037 0x17a0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:09:56.0041 0x17a0  Power - ok
23:09:56.0088 0x17a0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:09:56.0093 0x17a0  PptpMiniport - ok
23:09:56.0107 0x17a0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
23:09:56.0111 0x17a0  Processor - ok
23:09:56.0141 0x17a0  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:09:56.0149 0x17a0  ProfSvc - ok
23:09:56.0161 0x17a0  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
23:09:56.0163 0x17a0  ProtectedStorage - ok
23:09:56.0187 0x17a0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:09:56.0192 0x17a0  Psched - ok
23:09:56.0214 0x17a0  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
23:09:56.0223 0x17a0  PSI - ok
23:09:56.0298 0x17a0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:09:56.0332 0x17a0  ql2300 - ok
23:09:56.0350 0x17a0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:09:56.0353 0x17a0  ql40xx - ok
23:09:56.0369 0x17a0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:09:56.0374 0x17a0  QWAVE - ok
23:09:56.0389 0x17a0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:09:56.0391 0x17a0  QWAVEdrv - ok
23:09:56.0399 0x17a0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:09:56.0401 0x17a0  RasAcd - ok
23:09:56.0420 0x17a0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:09:56.0422 0x17a0  RasAgileVpn - ok
23:09:56.0430 0x17a0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:09:56.0433 0x17a0  RasAuto - ok
23:09:56.0445 0x17a0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:09:56.0448 0x17a0  Rasl2tp - ok
23:09:56.0465 0x17a0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:09:56.0473 0x17a0  RasMan - ok
23:09:56.0498 0x17a0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:09:56.0501 0x17a0  RasPppoe - ok
23:09:56.0515 0x17a0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:09:56.0520 0x17a0  RasSstp - ok
23:09:56.0536 0x17a0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:09:56.0543 0x17a0  rdbss - ok
23:09:56.0550 0x17a0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:09:56.0552 0x17a0  rdpbus - ok
23:09:56.0595 0x17a0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:09:56.0606 0x17a0  RDPCDD - ok
23:09:56.0697 0x17a0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:09:56.0704 0x17a0  RDPDR - ok
23:09:56.0708 0x17a0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:09:56.0709 0x17a0  RDPENCDD - ok
23:09:56.0734 0x17a0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:09:56.0735 0x17a0  RDPREFMP - ok
23:09:56.0782 0x17a0  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:09:56.0790 0x17a0  RDPWD - ok
23:09:56.0810 0x17a0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:09:56.0817 0x17a0  rdyboost - ok
23:09:56.0884 0x17a0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:09:56.0890 0x17a0  RemoteAccess - ok
23:09:56.0906 0x17a0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:09:56.0912 0x17a0  RemoteRegistry - ok
23:09:56.0927 0x17a0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:09:56.0931 0x17a0  RpcEptMapper - ok
23:09:56.0934 0x17a0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:09:56.0935 0x17a0  RpcLocator - ok
23:09:56.0959 0x17a0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
23:09:56.0968 0x17a0  RpcSs - ok
23:09:57.0000 0x17a0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:09:57.0002 0x17a0  rspndr - ok
23:09:57.0057 0x17a0  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:09:57.0073 0x17a0  RTL8167 - ok
23:09:57.0090 0x17a0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:09:57.0091 0x17a0  s3cap - ok
23:09:57.0094 0x17a0  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
23:09:57.0095 0x17a0  SamSs - ok
23:09:57.0111 0x17a0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:09:57.0113 0x17a0  sbp2port - ok
23:09:57.0128 0x17a0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:09:57.0133 0x17a0  SCardSvr - ok
23:09:57.0157 0x17a0  [ 4B12E2E559641B0F26474BBC6D7CFAFF, 33DD2EE9CE8F2E7F387A24F1D680D064CD5ECF474AF3C31E2F9AE58570F4B133 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
23:09:57.0171 0x17a0  SCDEmu - ok
23:09:57.0180 0x17a0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:09:57.0182 0x17a0  scfilter - ok
23:09:57.0217 0x17a0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
23:09:57.0242 0x17a0  Schedule - ok
23:09:57.0263 0x17a0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:09:57.0265 0x17a0  SCPolicySvc - ok
23:09:57.0329 0x17a0  [ 958E956E119EB7B9ABA142AFED1B5FF4, DB76B53124C91C959AF6F6E3FA8BEE4B74C1D7CB4684CD88380270CFF3C4469F ] ScsiAccess      C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe
23:09:57.0356 0x17a0  ScsiAccess - ok
23:09:57.0396 0x17a0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:09:57.0402 0x17a0  SDRSVC - ok
23:09:57.0410 0x17a0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:09:57.0412 0x17a0  secdrv - ok
23:09:57.0417 0x17a0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
23:09:57.0420 0x17a0  seclogon - ok
23:09:57.0495 0x17a0  [ 9044795E9D1A912D5F1B8DF6211850FD, 9AFE4E9B5C3E7F911A3E0397678CB1783C99AFB0964D104676B71A0C46CB08A4 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
23:09:57.0561 0x17a0  Secunia PSI Agent - ok
23:09:57.0590 0x17a0  [ 8B1A72E4FB63A9C068B08E1F9B70482A, 32A529B3595C95A4306B7A4C199940F88D56B5563BE040478AF1963BBDED0394 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
23:09:57.0646 0x17a0  Secunia Update Agent - ok
23:09:57.0694 0x17a0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
23:09:57.0698 0x17a0  SENS - ok
23:09:57.0711 0x17a0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:09:57.0715 0x17a0  SensrSvc - ok
23:09:57.0734 0x17a0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:09:57.0736 0x17a0  Serenum - ok
23:09:57.0771 0x17a0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:09:57.0781 0x17a0  Serial - ok
23:09:57.0822 0x17a0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:09:57.0823 0x17a0  sermouse - ok
23:09:57.0835 0x17a0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:09:57.0839 0x17a0  SessionEnv - ok
23:09:57.0848 0x17a0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:09:57.0850 0x17a0  sffdisk - ok
23:09:57.0857 0x17a0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:09:57.0859 0x17a0  sffp_mmc - ok
23:09:57.0871 0x17a0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:09:57.0873 0x17a0  sffp_sd - ok
23:09:57.0884 0x17a0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:09:57.0885 0x17a0  sfloppy - ok
23:09:57.0943 0x17a0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:09:57.0952 0x17a0  SharedAccess - ok
23:09:57.0965 0x17a0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:09:57.0974 0x17a0  ShellHWDetection - ok
23:09:58.0024 0x17a0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:09:58.0027 0x17a0  SiSRaid2 - ok
23:09:58.0045 0x17a0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:09:58.0050 0x17a0  SiSRaid4 - ok
23:09:58.0088 0x17a0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:09:58.0092 0x17a0  Smb - ok
23:09:58.0111 0x17a0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:09:58.0114 0x17a0  SNMPTRAP - ok
23:09:58.0122 0x17a0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:09:58.0123 0x17a0  spldr - ok
23:09:58.0147 0x17a0  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
23:09:58.0161 0x17a0  Spooler - ok
23:09:58.0236 0x17a0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:09:58.0309 0x17a0  sppsvc - ok
23:09:58.0320 0x17a0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:09:58.0323 0x17a0  sppuinotify - ok
23:09:58.0360 0x17a0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:09:58.0368 0x17a0  srv - ok
23:09:58.0383 0x17a0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:09:58.0391 0x17a0  srv2 - ok
23:09:58.0405 0x17a0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:09:58.0409 0x17a0  srvnet - ok
23:09:58.0423 0x17a0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:09:58.0428 0x17a0  SSDPSRV - ok
23:09:58.0436 0x17a0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:09:58.0438 0x17a0  SstpSvc - ok
23:09:58.0464 0x17a0  [ 6A87E01028D7594BD58EB47DABD8CEAE, 2D0B1E9CD01FB90B92F4D8C0AF878BBDD3D9F978E11C06D3C6E06B39F352B58B ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
23:09:58.0468 0x17a0  ssudmdm - ok
23:09:58.0534 0x17a0  [ EACEC497A6496E2A280348AD67ACF280, DAC7141A072FC83274612BC228DA6E014C371707FC76832470604ACDD5BF4BE3 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:09:58.0544 0x17a0  Stereo Service - ok
23:09:58.0551 0x17a0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:09:58.0553 0x17a0  stexstor - ok
23:09:58.0582 0x17a0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:09:58.0599 0x17a0  stisvc - ok
23:09:58.0615 0x17a0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:09:58.0616 0x17a0  storflt - ok
23:09:58.0641 0x17a0  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
23:09:58.0645 0x17a0  StorSvc - ok
23:09:58.0659 0x17a0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:09:58.0662 0x17a0  storvsc - ok
23:09:58.0665 0x17a0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:09:58.0666 0x17a0  swenum - ok
23:09:58.0755 0x17a0  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
23:09:58.0766 0x17a0  SwitchBoard - ok
23:09:58.0847 0x17a0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:09:58.0864 0x17a0  swprv - ok
23:09:58.0903 0x17a0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
23:09:58.0945 0x17a0  SysMain - ok
23:09:58.0959 0x17a0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:09:58.0963 0x17a0  TabletInputService - ok
23:09:58.0981 0x17a0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:09:58.0988 0x17a0  TapiSrv - ok
23:09:58.0999 0x17a0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
23:09:59.0001 0x17a0  TBS - ok
23:09:59.0080 0x17a0  [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:09:59.0125 0x17a0  Tcpip - ok
23:09:59.0166 0x17a0  [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:09:59.0192 0x17a0  TCPIP6 - ok
23:09:59.0199 0x17a0  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:09:59.0200 0x17a0  tcpipreg - ok
23:09:59.0213 0x17a0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:09:59.0215 0x17a0  TDPIPE - ok
23:09:59.0229 0x17a0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:09:59.0230 0x17a0  TDTCP - ok
23:09:59.0244 0x17a0  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:09:59.0249 0x17a0  tdx - ok
23:09:59.0278 0x17a0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:09:59.0281 0x17a0  TermDD - ok
23:09:59.0327 0x17a0  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
23:09:59.0344 0x17a0  TermService - ok
23:09:59.0360 0x17a0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:09:59.0363 0x17a0  Themes - ok
23:09:59.0389 0x17a0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:09:59.0392 0x17a0  THREADORDER - ok
23:09:59.0405 0x17a0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:09:59.0412 0x17a0  TrkWks - ok
23:09:59.0449 0x17a0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:09:59.0455 0x17a0  TrustedInstaller - ok
23:09:59.0472 0x17a0  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:09:59.0474 0x17a0  tssecsrv - ok
23:09:59.0490 0x17a0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:09:59.0494 0x17a0  TsUsbFlt - ok
23:09:59.0508 0x17a0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:09:59.0511 0x17a0  TsUsbGD - ok
23:09:59.0538 0x17a0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:09:59.0545 0x17a0  tunnel - ok
23:09:59.0557 0x17a0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:09:59.0561 0x17a0  uagp35 - ok
23:09:59.0581 0x17a0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:09:59.0591 0x17a0  udfs - ok
23:09:59.0608 0x17a0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:09:59.0612 0x17a0  UI0Detect - ok
23:09:59.0635 0x17a0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:09:59.0637 0x17a0  uliagpkx - ok
23:09:59.0641 0x17a0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:09:59.0643 0x17a0  umbus - ok
23:09:59.0652 0x17a0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:09:59.0653 0x17a0  UmPass - ok
23:09:59.0677 0x17a0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:09:59.0683 0x17a0  UmRdpService - ok
23:09:59.0781 0x17a0  [ EB79C6C91A99930015EF29AE7FA802D1, 96D00BA330854C7763BF385D84D47C3D1B87C4085A91D73B558C86829930DC4B ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:09:59.0819 0x17a0  UNS - ok
23:09:59.0852 0x17a0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:09:59.0859 0x17a0  upnphost - ok
23:09:59.0907 0x17a0  [ AF1B9474D67897D0C2CFF58E0ACEACCC, 5ED9836EC7BEEB6706C327EF199E9B674863ED8C83890DDE5E5A6554C2DA5288 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:09:59.0910 0x17a0  USBAAPL64 - ok
23:09:59.0934 0x17a0  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:09:59.0939 0x17a0  usbaudio - ok
23:09:59.0975 0x17a0  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:09:59.0979 0x17a0  usbccgp - ok
23:09:59.0994 0x17a0  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:10:00.0004 0x17a0  usbcir - ok
23:10:00.0021 0x17a0  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:10:00.0024 0x17a0  usbehci - ok
23:10:00.0041 0x17a0  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:10:00.0051 0x17a0  usbhub - ok
23:10:00.0071 0x17a0  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:10:00.0073 0x17a0  usbohci - ok
23:10:00.0083 0x17a0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
23:10:00.0085 0x17a0  usbprint - ok
23:10:00.0096 0x17a0  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:10:00.0107 0x17a0  USBSTOR - ok
23:10:00.0120 0x17a0  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:10:00.0122 0x17a0  usbuhci - ok
23:10:00.0133 0x17a0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:10:00.0136 0x17a0  UxSms - ok
23:10:00.0144 0x17a0  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
23:10:00.0145 0x17a0  VaultSvc - ok
23:10:00.0154 0x17a0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:10:00.0155 0x17a0  vdrvroot - ok
23:10:00.0177 0x17a0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:10:00.0188 0x17a0  vds - ok
23:10:00.0196 0x17a0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:10:00.0198 0x17a0  vga - ok
23:10:00.0211 0x17a0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:10:00.0213 0x17a0  VgaSave - ok
23:10:00.0227 0x17a0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:10:00.0232 0x17a0  vhdmp - ok
23:10:00.0239 0x17a0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:10:00.0241 0x17a0  viaide - ok
23:10:00.0256 0x17a0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:10:00.0260 0x17a0  vmbus - ok
23:10:00.0268 0x17a0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:10:00.0269 0x17a0  VMBusHID - ok
23:10:00.0294 0x17a0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:10:00.0296 0x17a0  volmgr - ok
23:10:00.0313 0x17a0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:10:00.0320 0x17a0  volmgrx - ok
23:10:00.0334 0x17a0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:10:00.0340 0x17a0  volsnap - ok
23:10:00.0356 0x17a0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:10:00.0360 0x17a0  vsmraid - ok
23:10:00.0400 0x17a0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:10:00.0433 0x17a0  VSS - ok
23:10:00.0497 0x17a0  [ B6B68B3CDA4DC22E25AD22C8CF5A5FE1, 8EA297177683D059780FD1C7225AFA0ED9D142A1BA04943A5BFF45F433C22CE4 ] vvftav303       C:\Windows\system32\drivers\vvftav303.sys
23:10:00.0509 0x17a0  vvftav303 - ok
23:10:00.0516 0x17a0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:10:00.0518 0x17a0  vwifibus - ok
23:10:00.0540 0x17a0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:10:00.0547 0x17a0  vwififlt - ok
23:10:00.0570 0x17a0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:10:00.0579 0x17a0  W32Time - ok
23:10:00.0594 0x17a0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:10:00.0601 0x17a0  WacomPen - ok
23:10:00.0616 0x17a0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:10:00.0619 0x17a0  WANARP - ok
23:10:00.0623 0x17a0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:10:00.0625 0x17a0  Wanarpv6 - ok
23:10:00.0680 0x17a0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:10:00.0712 0x17a0  WatAdminSvc - ok
23:10:00.0826 0x17a0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:10:00.0858 0x17a0  wbengine - ok
23:10:00.0874 0x17a0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:10:00.0878 0x17a0  WbioSrvc - ok
23:10:00.0896 0x17a0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:10:00.0904 0x17a0  wcncsvc - ok
23:10:00.0918 0x17a0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:10:00.0921 0x17a0  WcsPlugInService - ok
23:10:00.0934 0x17a0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
23:10:00.0936 0x17a0  Wd - ok
23:10:00.0959 0x17a0  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:10:00.0971 0x17a0  Wdf01000 - ok
23:10:01.0010 0x17a0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:10:01.0016 0x17a0  WdiServiceHost - ok
23:10:01.0022 0x17a0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:10:01.0026 0x17a0  WdiSystemHost - ok
23:10:01.0045 0x17a0  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
23:10:01.0052 0x17a0  WebClient - ok
23:10:01.0066 0x17a0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:10:01.0072 0x17a0  Wecsvc - ok
23:10:01.0079 0x17a0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:10:01.0082 0x17a0  wercplsupport - ok
23:10:01.0115 0x17a0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:10:01.0117 0x17a0  WerSvc - ok
23:10:01.0125 0x17a0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:10:01.0127 0x17a0  WfpLwf - ok
23:10:01.0135 0x17a0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:10:01.0137 0x17a0  WIMMount - ok
23:10:01.0140 0x17a0  WinDefend - ok
23:10:01.0147 0x17a0  WinHttpAutoProxySvc - ok
23:10:01.0201 0x17a0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:10:01.0210 0x17a0  Winmgmt - ok
23:10:01.0274 0x17a0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:10:01.0317 0x17a0  WinRM - ok
23:10:01.0352 0x17a0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:10:01.0378 0x17a0  WinUsb - ok
23:10:01.0426 0x17a0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:10:01.0450 0x17a0  Wlansvc - ok
23:10:01.0487 0x17a0  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:10:01.0490 0x17a0  wlcrasvc - ok
23:10:01.0587 0x17a0  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:10:01.0618 0x17a0  wlidsvc - ok
23:10:01.0648 0x17a0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:10:01.0649 0x17a0  WmiAcpi - ok
23:10:01.0667 0x17a0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:10:01.0675 0x17a0  wmiApSrv - ok
23:10:01.0703 0x17a0  WMPNetworkSvc - ok
23:10:01.0719 0x17a0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:10:01.0723 0x17a0  WPCSvc - ok
23:10:01.0740 0x17a0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:10:01.0747 0x17a0  WPDBusEnum - ok
23:10:01.0755 0x17a0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:10:01.0757 0x17a0  ws2ifsl - ok
23:10:01.0794 0x17a0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
23:10:01.0799 0x17a0  wscsvc - ok
23:10:01.0801 0x17a0  WSearch - ok
23:10:01.0859 0x17a0  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:10:01.0909 0x17a0  wuauserv - ok
23:10:01.0925 0x17a0  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:10:01.0928 0x17a0  WudfPf - ok
23:10:01.0971 0x17a0  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:10:01.0978 0x17a0  WUDFRd - ok
23:10:01.0995 0x17a0  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:10:02.0000 0x17a0  wudfsvc - ok
23:10:02.0019 0x17a0  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:10:02.0027 0x17a0  WwanSvc - ok
23:10:02.0094 0x17a0  [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8, 967B7FA83171485DA1EEF51DB2A21FD17DFB4846E1F700C83E516BD40A542DCA ] Yontoo Desktop Updater C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
23:10:02.0095 0x17a0  Yontoo Desktop Updater - ok
23:10:02.0150 0x17a0  [ EDD2DA8090C54935C92C4CC81EBA9FFF, 211AB8BC812A1B206CAC65F6AF813082CA677868E0098CD1B9A141F3C5514726 ] ZSMC0303        C:\Windows\system32\Drivers\usbVM303.sys
23:10:02.0183 0x17a0  ZSMC0303 - ok
23:10:02.0194 0x17a0  ================ Scan global ===============================
23:10:02.0214 0x17a0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:10:02.0257 0x17a0  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll
23:10:02.0272 0x17a0  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll
23:10:02.0295 0x17a0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:10:02.0320 0x17a0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
23:10:02.0329 0x17a0  [ Global ] - ok
23:10:02.0329 0x17a0  ================ Scan MBR ==================================
23:10:02.0336 0x17a0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:10:02.0684 0x17a0  \Device\Harddisk0\DR0 - ok
23:10:02.0684 0x17a0  ================ Scan VBR ==================================
23:10:02.0699 0x17a0  [ EA6389EF67381A2C0FE7B285DA0D2173 ] \Device\Harddisk0\DR0\Partition1
23:10:02.0745 0x17a0  \Device\Harddisk0\DR0\Partition1 - ok
23:10:02.0749 0x17a0  [ 574F8CDE2E3E4B0B58B83FABFEDE3DE7 ] \Device\Harddisk0\DR0\Partition2
23:10:02.0789 0x17a0  \Device\Harddisk0\DR0\Partition2 - ok
23:10:02.0792 0x17a0  [ 792AEF8AA2FEBCA1360AC45947E26620 ] \Device\Harddisk0\DR0\Partition3
23:10:02.0794 0x17a0  \Device\Harddisk0\DR0\Partition3 - ok
23:10:02.0797 0x17a0  [ D18B8A3AA315B1A5686F4A8F95A1B980 ] \Device\Harddisk0\DR0\Partition4
23:10:02.0798 0x17a0  \Device\Harddisk0\DR0\Partition4 - ok
23:10:02.0799 0x17a0  Waiting for KSN requests completion. In queue: 321
23:10:03.0800 0x17a0  Waiting for KSN requests completion. In queue: 321
23:10:04.0800 0x17a0  Waiting for KSN requests completion. In queue: 321
23:10:05.0800 0x17a0  Waiting for KSN requests completion. In queue: 15
23:10:06.0815 0x17a0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.0.1526.0 ), 0x61000 ( enabled : updated )
23:10:06.0819 0x17a0  Win FW state via NFP2: enabled
23:10:09.0787 0x17a0  ============================================================
23:10:09.0787 0x17a0  Scan finished
23:10:09.0787 0x17a0  ============================================================
23:10:09.0795 0x1794  Detected object count: 0
23:10:09.0795 0x1794  Actual detected object count: 0


#5 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 27 March 2014 - 10:18 AM

AdwCleaner Logs

 

# AdwCleaner v3.022 - Report created 27/03/2014 at 23:15:30
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Aldrin Domingo - ALDRINDOMINGO
# Running from : C:\Users\Aldrin Domingo\Downloads\Programs\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Yontoo Desktop Updater
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SoftWarehouse
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\saffe savve
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\b1e
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\Conduit
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\iLivid
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\torch
Folder Deleted : C:\Users\Aldrin Domingo\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Aldrin Domingo\AppData\LocalLow\blekko
Folder Deleted : C:\Users\Aldrin Domingo\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Aldrin Domingo\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Aldrin Domingo\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Aldrin Domingo\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\B1Toolbar
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Smartbar
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\SweetPacksToolbarData
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\ValueApps
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\CT3272126
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\CT3176921
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\9hforhaviyf@kljmheeo.org
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\faqhss@kpab-.net
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\firefox@luckyleap.net
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\frekbf@iioie.co.uk
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\staged
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\{73d50225-04ec-4493-93c8-bf88be8dd196}
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Aldrin Domingo\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Components\AskSearch.js
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\invalidprefs.js
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\searchplugins\delta.xml
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\searchplugins\GadgetBox.xml
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\searchplugins\spamfreesearch.xml
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\user.js
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply
File Deleted : C:\Windows\System32\Tasks\Express FilesUpdate
File Deleted : C:\Windows\System32\Tasks\Your File Updater
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKCU\Software\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKCU\Software\d53dd8ce035e940
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3272126
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_zip-repair-tool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_zip-repair-tool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16448
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Before]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v15.0 (en-US)
 
[ File : C:\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\prefs.js ]
 
Line Deleted : user_pref("CT3176921.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3176921.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3176921.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3176921.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3176921.FF19Solved", "true");
Line Deleted : user_pref("CT3176921.FirstTime", "true");
Line Deleted : user_pref("CT3176921.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3176921.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3176921.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=2&CUI=UN40576605879039198&UM=2&sspv=SP_FFNSP08&q=");
Line Deleted : user_pref("CT3176921.TopHitsConfig.enc", "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL3N0b3JhZ2UuY29uZHVpdC5jb20vcHMvVG9wSGl0c0dlbmVyaWNBcHAvY29uZmlncy9VUy1VSy1EYW5jZS1Sb2NrLVJhcC9zcHJpdGUucG5nIiwNCiAgICAiaX[...]
Line Deleted : user_pref("CT3176921.UserID", "UN40576605879039198");
Line Deleted : user_pref("CT3176921.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3176921.autoDisableScopes", -1);
Line Deleted : user_pref("CT3176921.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3176921.cbfirsttime.enc", "U2F0IEp1biAwMSAyMDEzIDA4OjIyOjE3IEdNVCswODAwIChNYWxheSBQZW5pbnN1bGEgU3RhbmRhcmQgVGltZSk=");
Line Deleted : user_pref("CT3176921.countryCode", "PH");
Line Deleted : user_pref("CT3176921.defaultSearch", "true");
Line Deleted : user_pref("CT3176921.enableAlerts", "true");
Line Deleted : user_pref("CT3176921.enableFix404ByUser", "FALSE");
Line Deleted : user_pref("CT3176921.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3176921.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3176921.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3176921.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3176921.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3176921.fixUrls", true);
Line Deleted : user_pref("CT3176921.fullUserID", "UN40576605879039198.UP.2121");
Line Deleted : user_pref("CT3176921.installDate", "20/3/2013 16:55:25");
Line Deleted : user_pref("CT3176921.installId", "stub.exe");
Line Deleted : user_pref("CT3176921.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3176921.installUsage", "2013-05-13T11:26:27.5195185+03:00");
Line Deleted : user_pref("CT3176921.installUsageEarly", "2013-05-13T11:26:25.2886613+03:00");
Line Deleted : user_pref("CT3176921.installerVersion", "1.3.6.5");
Line Deleted : user_pref("CT3176921.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3176921.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3176921.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3176921.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3176921.keyword", "true");
Line Deleted : user_pref("CT3176921.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3176921&octid=CT3176921&SearchSource=15&CUI=UN40576605879039198&SSPV=&Lay=1&UM=2\"}");
Line Deleted : user_pref("CT3176921.lastVersion", "10.22.5.510");
Line Deleted : user_pref("CT3176921.mam_gk_appStateReportTime", "%B7%B9%BE%BC%BC%BD%BA%B7%BF%BA%B8%BB%BD");
Line Deleted : user_pref("CT3176921.mam_gk_appStateReportTime.enc", "MTM4NjY3NDE5NDI1Nw==");
Line Deleted : user_pref("CT3176921.mam_gk_appState_Clarity_Active", "%F5%F4");
Line Deleted : user_pref("CT3176921.mam_gk_appState_Clarity_Active.enc", "b24=");
Line Deleted : user_pref("CT3176921.mam_gk_appState_DealPly.enc", "b24=");
Line Deleted : user_pref("CT3176921.mam_gk_appState_eToro.enc", "b24=");
Line Deleted : user_pref("CT3176921.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Deleted : user_pref("CT3176921.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
Line Deleted : user_pref("CT3176921.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3176921.mam_gk_currentVersion", "%B7%B4%B7%B8%B4%B6%B4%BB");
Line Deleted : user_pref("CT3176921.mam_gk_currentVersion.enc", "MS4xMi4wLjU=");
Line Deleted : user_pref("CT3176921.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3176921.mam_gk_first_time", "%B7");
Line Deleted : user_pref("CT3176921.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3176921.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3176921.mam_gk_lastLoginTime", "%B7%B9%BE%BC%BC%BD%BA%B7%BF%BA%BE%BC%BE");
Line Deleted : user_pref("CT3176921.mam_gk_lastLoginTime.enc", "MTM4NjY3NDE5NDg2OA==");
Line Deleted : user_pref("CT3176921.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXBtZW50In0sImRtYnVsbGV0MSI6[...]
Line Deleted : user_pref("CT3176921.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3176921.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiUEgiLCJpc1dlbGNvbWVFeHBl[...]
Line Deleted : user_pref("CT3176921.mam_gk_settings1.12.0.5", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
Line Deleted : user_pref("CT3176921.mam_gk_settings1.12.0.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEyMTAiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Line Deleted : user_pref("CT3176921.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjUzXzAiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVuY2VFbmFibGVkQnlEZWZhdWx0I[...]
Line Deleted : user_pref("CT3176921.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
Line Deleted : user_pref("CT3176921.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3176921.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT3176921.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3176921.mam_gk_stamp", "%BB%BA%E5%B6");
Line Deleted : user_pref("CT3176921.mam_gk_stamp.enc", "NTRfMA==");
Line Deleted : user_pref("CT3176921.mam_gk_userId", "%EA%E9%BC%BF%EC%EA%BE%EC%B3%BB%EC%BE%B7%B3%BA%BF%B7%BA%B3%E8%EB%BE%BA%B3%EA%B6%EA%BC%B9%B8%BB%E7%B9%EB%E9%B9");
Line Deleted : user_pref("CT3176921.mam_gk_userId.enc", "ZGM2OWZkOGYtNWY4MS00OTE0LWJlODQtZDBkNjMyNWEzZWMz");
Line Deleted : user_pref("CT3176921.mam_gk_user_approval_interacted", "%B7");
Line Deleted : user_pref("CT3176921.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3176921.mam_gk_welcomeDialogMode", "%B7");
Line Deleted : user_pref("CT3176921.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3176921.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3176921.missingMachineIdSent", "true");
Line Deleted : user_pref("CT3176921.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3176921%26CUI%3DUN40576605879039198%26UM%3D2%26SearchSource[...]
Line Deleted : user_pref("CT3176921.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3176921.openThankYouPage", "false");
Line Deleted : user_pref("CT3176921.openUninstallPage", "true");
Line Deleted : user_pref("CT3176921.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT3176921.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=2&CUI=UN40576605879039198&UM=2&sspv=SP_FFNSP08&q=");
Line Deleted : user_pref("CT3176921.originalSearchEngine", "GadgetBox");
Line Deleted : user_pref("CT3176921.originalSearchEngineName", "Delta Search");
Line Deleted : user_pref("CT3176921.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3176921.search.searchAppId", "10000002");
Line Deleted : user_pref("CT3176921.search.searchCount", "0");
Line Deleted : user_pref("CT3176921.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3176921.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3176921.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3176921.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3176921.searchUserMode", "2");
Line Deleted : user_pref("CT3176921.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3176921.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3176921.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3176921\"}");
Line Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://expressfiles.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"express-files \"}");
Line Deleted : user_pref("CT3176921.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3176921.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3176921.serviceLayer_services_Configuration_lastUpdate", "1392418880134");
Line Deleted : user_pref("CT3176921.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1392296277344");
Line Deleted : user_pref("CT3176921.serviceLayer_services_appsMetadata_lastUpdate", "1392296274603");
Line Deleted : user_pref("CT3176921.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1392296274333");
Line Deleted : user_pref("CT3176921.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1368433583876");
Line Deleted : user_pref("CT3176921.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1368433591005");
Line Deleted : user_pref("CT3176921.serviceLayer_services_location_lastUpdate", "1386674735937");
Line Deleted : user_pref("CT3176921.serviceLayer_services_login_10.14.370.25_lastUpdate", "1368586007657");
Line Deleted : user_pref("CT3176921.serviceLayer_services_login_10.16.2.509_lastUpdate", "1386674735968");
Line Deleted : user_pref("CT3176921.serviceLayer_services_login_10.22.5.510_lastUpdate", "1392418879326");
Line Deleted : user_pref("CT3176921.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1392296274377");
Line Deleted : user_pref("CT3176921.serviceLayer_services_searchAPI_lastUpdate", "1392418880125");
Line Deleted : user_pref("CT3176921.serviceLayer_services_serviceMap_lastUpdate", "1392418878719");
Line Deleted : user_pref("CT3176921.serviceLayer_services_toolbarContextMenu_lastUpdate", "1392296274844");
Line Deleted : user_pref("CT3176921.serviceLayer_services_toolbarSettings_lastUpdate", "1392418879315");
Line Deleted : user_pref("CT3176921.serviceLayer_services_translation_lastUpdate", "1392418878780");
Line Deleted : user_pref("CT3176921.settingsINI", true);
Line Deleted : user_pref("CT3176921.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3176921.showToolbarPermission", "false");
Line Deleted : user_pref("CT3176921.smartbar.CTID", "CT3176921");
Line Deleted : user_pref("CT3176921.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3176921.smartbar.homepage", "true");
Line Deleted : user_pref("CT3176921.smartbar.toolbarName", "express-files ");
Line Deleted : user_pref("CT3176921.startPage", "true");
Line Deleted : user_pref("CT3176921.toolbarBornServerTime", "13-5-2013");
Line Deleted : user_pref("CT3176921.toolbarCurrentServerTime", "15-2-2014");
Line Deleted : user_pref("CT3176921.toolbarLoginClientTime", "Mon May 13 2013 16:26:34 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CT3176921.url_history0001.enc", "aHR0cDovL3d3dy5zdWxpdC5jb20ucGgvaW5kZXgucGhwL2ZvcnVtOjo6Y2xpY2toYW5kbGVyOjo6MTM3MDA0NjE0ODUwMg==");
Line Deleted : user_pref("CT3176921_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1392418875055,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3272126.1000082.isDisplayHidden", "true");
Line Deleted : user_pref("CT3272126.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3272126.1000082.state", "{\"state\":\"stopped\",\"text\":\"DANCE rad...\",\"description\":\"DANCE radio\",\"url\":\"hxxp://www.abradio.cz/asx/danceradio32.asx\"}");
Line Deleted : user_pref("CT3272126.1000234.TWC_TMP_city", "PASAY");
Line Deleted : user_pref("CT3272126.1000234.TWC_TMP_country", "PH");
Line Deleted : user_pref("CT3272126.1000234.TWC_locId", "RPXX1256");
Line Deleted : user_pref("CT3272126.1000234.TWC_location", "Pasay, Philippines");
Line Deleted : user_pref("CT3272126.1000234.TWC_region", "OT");
Line Deleted : user_pref("CT3272126.1000234.TWC_temp_dis", "c");
Line Deleted : user_pref("CT3272126.1000234.TWC_wind_dis", "kmh");
Line Deleted : user_pref("CT3272126.1000234.weatherData", "{\"icon\":\"11.png\",\"temperature\":\"27°C\",\"temperatureClear\":\"27°C\",\"highTemperature\":\"27°C\",\"lowTemperature\":\"26°C\",\"feelsLike\":\"33°C\",[...]
Line Deleted : user_pref("CT3272126.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272126.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272126.FirstTime", "true");
Line Deleted : user_pref("CT3272126.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3272126.LoginRevertSettingsEnabled", true);
Line Deleted : user_pref("CT3272126.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272126.RevertSettingsEnabled", true);
Line Deleted : user_pref("CT3272126.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272126&SearchSource=2&CUI=SB_CUI&q=");
Line Deleted : user_pref("CT3272126.UserID", "UN66865234785347988");
Line Deleted : user_pref("CT3272126.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3272126.autoDisableScopes", 14);
Line Deleted : user_pref("CT3272126.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT3272126.cb_experience_000.enc", "Mg==");
Line Deleted : user_pref("CT3272126.cb_user_id_000.enc", "Q0I1OTc2MDk5OTk1OTlfMTM4NzExMTkwNDM4Ml9GaXJlZm94");
Line Deleted : user_pref("CT3272126.cbfirsttime.enc", "RnJpIEZlYiAwMSAyMDEzIDIyOjQwOjQ1IEdNVCswODAwIChNYWxheSBQZW5pbnN1bGEgU3RhbmRhcmQgVGltZSk=");
Line Deleted : user_pref("CT3272126.countryCode", "PH");
Line Deleted : user_pref("CT3272126.defaultSearch", "true");
Line Deleted : user_pref("CT3272126.enableAlerts", "always");
Line Deleted : user_pref("CT3272126.enableFix404ByUser", "TRUE");
Line Deleted : user_pref("CT3272126.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3272126.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3272126.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3272126.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3272126.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3272126.fixUrls", true);
Line Deleted : user_pref("CT3272126.fullUserID", "UN66865234785347988.UP.2121");
Line Deleted : user_pref("CT3272126.installDate", "24/1/2013 10:07:18");
Line Deleted : user_pref("CT3272126.installId", "4sharedtlbr.exe");
Line Deleted : user_pref("CT3272126.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3272126.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3272126.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272126.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3272126.isNewTabEnabled", true);
Line Deleted : user_pref("CT3272126.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3272126.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3272126.keyword", true);
Line Deleted : user_pref("CT3272126.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3272126&octid=CT3272126&SearchSource=15&CUI=UN66865234785347988&SSPV=&Lay=1&UM=2\"}");
Line Deleted : user_pref("CT3272126.lastVersion", "10.22.5.510");
Line Deleted : user_pref("CT3272126.mam_gk_appStateReportTime", "%B7%B9%BE%BC%BC%BD%BA%BD%BA%B9%BE%B7%BC");
Line Deleted : user_pref("CT3272126.mam_gk_appStateReportTime.enc", "MTM4NjY3NDc0MzgxNg==");
Line Deleted : user_pref("CT3272126.mam_gk_appState_Clarity_Active", "%F5%F4");
Line Deleted : user_pref("CT3272126.mam_gk_appState_Clarity_Active.enc", "b24=");
Line Deleted : user_pref("CT3272126.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3272126.mam_gk_appState_Easytobook.enc", "b24=");
Line Deleted : user_pref("CT3272126.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Deleted : user_pref("CT3272126.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Deleted : user_pref("CT3272126.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
Line Deleted : user_pref("CT3272126.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3272126.mam_gk_calledSetupService.enc", "MQ==");
Line Deleted : user_pref("CT3272126.mam_gk_currentVersion", "%B7%B4%B7%B8%B4%B6%B4%BB");
Line Deleted : user_pref("CT3272126.mam_gk_currentVersion.enc", "MS4xMi4wLjU=");
Line Deleted : user_pref("CT3272126.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3272126.mam_gk_first_time", "%B7");
Line Deleted : user_pref("CT3272126.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3272126.mam_gk_lastLoginTime", "%B7%B9%BE%BC%BC%BD%BA%BD%BA%BC%B9%BB%BA");
Line Deleted : user_pref("CT3272126.mam_gk_lastLoginTime.enc", "MTM4NjY3NDc0NjM1NA==");
Line Deleted : user_pref("CT3272126.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXBtZW50In0sImRtYnVsbGV0MSI6[...]
Line Deleted : user_pref("CT3272126.mam_gk_mamEnabled.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3272126.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272126.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNTRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiUEgiLCJpc1dlbGNvbWVFeHBl[...]
Line Deleted : user_pref("CT3272126.mam_gk_settings1.12.0.5", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
Line Deleted : user_pref("CT3272126.mam_gk_settings1.12.0.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEyMTAiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjU0XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Line Deleted : user_pref("CT3272126.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
Line Deleted : user_pref("CT3272126.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
Line Deleted : user_pref("CT3272126.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3272126.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT3272126.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3272126.mam_gk_stamp", "%BB%BA%E5%B6");
Line Deleted : user_pref("CT3272126.mam_gk_stamp.enc", "NTRfMA==");
Line Deleted : user_pref("CT3272126.mam_gk_userId", "%BB%BA%BB%B8%BB%B7%EC%BB%B3%E9%BA%BE%BA%B3%BA%E8%BC%EA%B3%E8%BB%B7%B8%B3%EB%B7%BD%E7%B7%BB%BB%B9%EA%EA%B6%E9");
Line Deleted : user_pref("CT3272126.mam_gk_userId.enc", "NTQ1MjUxZjUtYzQ4NC00YjZkLWI1MTItZTE3YTE1NTNkZDBj");
Line Deleted : user_pref("CT3272126.mam_gk_user_approval_interacted", "%B7");
Line Deleted : user_pref("CT3272126.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3272126.mam_gk_welcomeDialogMode", "%B7");
Line Deleted : user_pref("CT3272126.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3272126.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3272126.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3176921%26CUI%3DUN40576605879039198%26UM%3D2%26SearchSource%3D13%26sspv%3DSP_FFNSP0[...]
Line Deleted : user_pref("CT3272126.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272126.openThankYouPage", "false");
Line Deleted : user_pref("CT3272126.openUninstallPage", "true");
Line Deleted : user_pref("CT3272126.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=2&CUI=UN40576605879039198&UM=2&q=");
Line Deleted : user_pref("CT3272126.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"02\\\\/01\\\\/2013 17\\\"}\"}");
Line Deleted : user_pref("CT3272126.revertSettingsEnabled", "TRUE");
Line Deleted : user_pref("CT3272126.search.searchAppId", "130002905994662058");
Line Deleted : user_pref("CT3272126.search.searchCount", "0");
Line Deleted : user_pref("CT3272126.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3272126.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3272126.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT3272126.searchUserMode", "2");
Line Deleted : user_pref("CT3272126.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272126.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272126.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3272126.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3272126\"}");
Line Deleted : user_pref("CT3272126.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://4sharedcomWI2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3272126.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"4shared.com WI2 \"}");
Line Deleted : user_pref("CT3272126.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3272126.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3272126.serviceLayer_services_Configuration_lastUpdate", "1392418879816");
Line Deleted : user_pref("CT3272126.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1392296275318");
Line Deleted : user_pref("CT3272126.serviceLayer_services_appsMetadata_lastUpdate", "1392296274599");
Line Deleted : user_pref("CT3272126.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1392296274262");
Line Deleted : user_pref("CT3272126.serviceLayer_services_location_lastUpdate", "1386674737855");
Line Deleted : user_pref("CT3272126.serviceLayer_services_login_10.13.40.15_lastUpdate", "1368586007580");
Line Deleted : user_pref("CT3272126.serviceLayer_services_login_10.15.2.523_lastUpdate", "1386674737633");
Line Deleted : user_pref("CT3272126.serviceLayer_services_login_10.22.5.510_lastUpdate", "1392418879242");
Line Deleted : user_pref("CT3272126.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1392296274798");
Line Deleted : user_pref("CT3272126.serviceLayer_services_searchAPI_lastUpdate", "1392418880238");
Line Deleted : user_pref("CT3272126.serviceLayer_services_serviceMap_lastUpdate", "1392418878399");
Line Deleted : user_pref("CT3272126.serviceLayer_services_toolbarContextMenu_lastUpdate", "1392296275092");
Line Deleted : user_pref("CT3272126.serviceLayer_services_toolbarSettings_lastUpdate", "1392418880183");
Line Deleted : user_pref("CT3272126.serviceLayer_services_translation_lastUpdate", "1392418878442");
Line Deleted : user_pref("CT3272126.serviceLayer_services_userApps_lastUpdate", "1362830721421");
Line Deleted : user_pref("CT3272126.settingsINI", true);
Line Deleted : user_pref("CT3272126.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3272126.showToolbarPermission", "false");
Line Deleted : user_pref("CT3272126.smartbar.CTID", "CT3272126");
Line Deleted : user_pref("CT3272126.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3272126.smartbar.homepage", true);
Line Deleted : user_pref("CT3272126.smartbar.toolbarName", "4shared.com WI2 ");
Line Deleted : user_pref("CT3272126.toolbarBornServerTime", "1-2-2013");
Line Deleted : user_pref("CT3272126.toolbarCurrentServerTime", "15-2-2014");
Line Deleted : user_pref("CT3272126.toolbarLoginClientTime", "Sun May 19 2013 07:35:39 GMT+0800 (Malay Peninsula Standard Time)");
Line Deleted : user_pref("CT3272126.url_history0001.enc", "aHR0cDovL2RuLmNoZXJyeWNyZWRpdHMuY29tL2Rvd25sb2FkX2dhbWUucGhwP3NvdXJjZT1nbG9iYWxfMTEzX3N0YWh1Yjo6OmNsaWNraGFuZGxlcjo6OjEzOTIyOTYzNTA4NDQsLCxodHRwOi8vZG4uY2hl[...]
Line Deleted : user_pref("CT3272126_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1392418874886,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3176921&CUI=UN40576605879039198&UM=2&SearchSource=13&sspv=SP_FFNSP08");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "express-files Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=2&CUI=UN40576605879039198&UM=2&sspv=SP_FFNSP08&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://home.gamesgofree.com/results.php?utm_medium=abs3&category=web&s=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3176921");
Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Line Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={D6784685-FA51-11E1-B7D7-50E549C8B3D0}");
Line Deleted : user_pref("browser.search.defaultenginename", "express-files Customized Web Search");
Line Deleted : user_pref("browser.search.defaultenginename,S", "GadgetBox");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "express-files Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.gboxapp.com/?pid=2109&src=ff2&r=2014/01/13&hid=14549507976177205514&lg=EN&cc=PH&q=");
Line Deleted : user_pref("browser.search.order.1", "GadgetBox");
Line Deleted : user_pref("browser.search.order.1,S", "GadgetBox");
Line Deleted : user_pref("browser.search.selectedEngine", "express-files Customized Web Search");
Line Deleted : user_pref("browser.search.selectedEngine,S", "GadgetBox");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3176921&CUI=UN40576605879039198&UM=2&SearchSource=13&sspv=SP_FFNSP08");
Line Deleted : user_pref("extensions.51ed3efb9258a.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/[...]
Line Deleted : user_pref("extensions.51ed3faf2eae8.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/[...]
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112558&tt=060612_7_");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "fe3ed95100000000000050e549c8b3d0");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "fe3ed95100000000000050e549c8b3d0");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15536");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119816&babsrc=NT_ss&mntrId=fe3ed95100000000000050e549c8b3d0");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:30:16");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.Y84APRwPZBVC.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/r[...]
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "8");
Line Deleted : user_pref("extensions.delta.cntry", "PH");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "555A10E00207FBC76777A044660DF735");
Line Deleted : user_pref("extensions.delta.id", "fe3ed95100000000000050e549c8b3d0");
Line Deleted : user_pref("extensions.delta.instlDay", "15943");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.24.68:20:44");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.68:20:44");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=123621&tsp=4986");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.spamfreesearch.hmpgUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=fe3ed95100000000000050e549c8b3d0");
Line Deleted : user_pref("extensions.spamfreesearch.keyWordUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=fe3ed95100000000000050e549c8b3d0&q=");
Line Deleted : user_pref("extensions.spamfreesearch.prtnrId", "blekko");
Line Deleted : user_pref("extensions.spamfreesearch.srchPrvdr", "blekko");
Line Deleted : user_pref("extensions.spamfreesearch.tlbrSrchUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=main&u=fe3ed95100000000000050e549c8b3d0&q=");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "d045051a-245c-4451-ac1f-51010fc365fa");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=2&CUI=UN40576605879039198&UM=2&q=");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3176921");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3272126&SearchSource=13&CUI=SB_CUI,hxxp://search.conduit.com/?ctid=CT3176921&CUI=UN40576605879039198&UM=2&SearchSource=13&s[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272126&SearchSource=2&CUI=SB_CUI&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&Search[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3176921");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3176921");
Line Deleted : user_pref("smartbar.machineId", "GECKSOS2EUV7MAWD5C7QMGNBM2YZMOAN3KZDWDP0KUP+P+UW5BMKS7YKAGFA82WU0COLCVQKOZG1EDA+UIHIVQ");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://home.gamesgofree.com/?utm_source=hpe&utm_medium=hp3");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://home.gamesgofree.com/results.php?utm_medium=abs3&category=web&s=");
Line Deleted : user_pref("smartbar.originalSearchEngine", "GamesGoFree Search");
Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1392296307784");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10011");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "true");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.google.com");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{D6784685-FA51-11E1-B7D7-50E549C8B3D0}");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={D6784685-FA51-11E1-B7D7-50E549C8B3D0}");
Line Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E+x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E+x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E,x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E,x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E-x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E-x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E.:2z527", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E.:2z527.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E.x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E.x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E/x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E/x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E06CG5EL8:", "6E6D696B7273746E6F72");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E06CG5EL8:.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E06CG5EL;8I:K", "247E2D2F226A74736F7178797A747578242F4B49474F42357D5D5C3D");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E06CG5EL;8I:K.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E0x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E0x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E1x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E1x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E2x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E2x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E3x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E3x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E4x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E4x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E5x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E5x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E6x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E6x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E7x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E7x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E8x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E8x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E9x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E9x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E:x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E:x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E;x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E;x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E<x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E<x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E=x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E=x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E>x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E>x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E?x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E?x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7E@x305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7E@x305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7EAx305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7EAx305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
Line Deleted : user_pref("valueApps.CT3176921./9B+7EBE3G=;D9N9=D.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7EBx305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7EBx305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7ECx305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7ECx305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7EDx305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7EDx305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B+7Etx305", "2423");
Line Deleted : user_pref("valueApps.CT3176921./9B+7Etx305.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B-0?3G>D", "6D686A693D7371717A7843734A204976207A25217D21252A5453242757595A58592A3131");
Line Deleted : user_pref("valueApps.CT3176921./9B-0?3G>D.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B-0?3G@6:5;", "");
Line Deleted : user_pref("valueApps.CT3176921./9B-0?3G@6:5;.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B-0?3GFA7EF", "2B2E2C3D");
Line Deleted : user_pref("valueApps.CT3176921./9B-0?3GFA7EF.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E6857705A6C60606B6668563F73796F697861");
Line Deleted : user_pref("valueApps.CT3176921./9B-3=3ECCJA=F>.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B/>01=9A6K6<IM;KRIE@PDAWM", "6E6A68707374757677");
Line Deleted : user_pref("valueApps.CT3176921./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
Line Deleted : user_pref("valueApps.CT3176921./9B3=>@44I48?.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B5BA==9CJAG", "3B3A713E73706C427A764548494A49777A7B20204D");
Line Deleted : user_pref("valueApps.CT3176921./9B5BA==9CJAG.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B6B11G4C56B>F;P;ANR@P", "6E6D6870716B6F746F70747676");
Line Deleted : user_pref("valueApps.CT3176921./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
Line Deleted : user_pref("valueApps.CT3176921./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B9643G3/9E", "6A");
Line Deleted : user_pref("valueApps.CT3176921./9B9643G3/9E.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B;45>:BI9I7IE", "2B2E2C3D");
Line Deleted : user_pref("valueApps.CT3176921./9B;45>:BI9I7IE.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B<:222H64<", "393F352F3E");
Line Deleted : user_pref("valueApps.CT3176921./9B<:222H64<.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B<:222H64<L8DAJ", "6D70706F7673737976732A797972787D757E7B");
Line Deleted : user_pref("valueApps.CT3176921./9B<:222H64<L8DAJ.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B=+03EH8H8J?:", "4443");
Line Deleted : user_pref("valueApps.CT3176921./9B=+03EH8H8J?:.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Line Deleted : user_pref("valueApps.CT3176921./9B?+E2A52D8.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9B?B0D:8AJ62<H", "6D");
Line Deleted : user_pref("valueApps.CT3176921./9B?B0D:8AJ62<H.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921./9BA@0<0BI6A7GN:6@L?", "6C");
Line Deleted : user_pref("valueApps.CT3176921./9BA@0<0BI6A7GN:6@L?.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.PG_ENABLE", "74727565");
Line Deleted : user_pref("valueApps.CT3176921.PG_ENABLE.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921._key_cl_active", "61346662613337342D376435392D343736332D616132632D633132333933323338613761");
Line Deleted : user_pref("valueApps.CT3176921._key_cl_active.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.cb_experience_000", "31");
Line Deleted : user_pref("valueApps.CT3176921.cb_experience_000.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.cb_user_id_000", "43423139363430303336363532385F313338373131313838353635325F46697265666F78");
Line Deleted : user_pref("valueApps.CT3176921.cb_user_id_000.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.cbfirsttime", "53756E2044656320313520323031332032303A35313A323520474D542B3038303020284D616C61792050656E696E73756C61205374616E646172642054696D6529");
Line Deleted : user_pref("valueApps.CT3176921.cbfirsttime.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_appStateReportTime", "31333932333235333030363730");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_appStateReportTime.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_appState_Clarity_Active", "6F6E");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_appState_Clarity_Active.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_appsConfig.storedInFile", true);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_appsDefaultEnabled", "6E756C6C");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_appsDefaultEnabled.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_currentVersion", "312E31332E302E3137");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_existingUsersRecoveryDone", "31");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_existingUsersRecoveryDone.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_first_time", "31");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_first_time.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_installer_preapproved", "74727565");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_installer_preapproved.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_lastLoginTime", "31333932333235333032353033");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_lastLoginTime.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_localization.storedInFile", true);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_migrated_from_ls.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_settings1.10.4.0.storedInFile", true);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_settings1.12.0.5.storedInFile", true);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_settings1.13.0.17.storedInFile", true);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_showWelcomeGadget", "66616C7365");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_showWelcomeGadget.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_stamp", "35345F30");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_stamp.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_userBornDate", "4E2F41");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_userBornDate.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_userId", "64633639666438662D356638312D343931342D626538342D643064363332356133656333");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_userId.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_user_approval_interacted", "31");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_user_approval_interacted.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_welcomeDialogMode", "31");
Line Deleted : user_pref("valueApps.CT3176921.mam_gk_welcomeDialogMode.storedInFile", false);
Line Deleted : user_pref("valueApps.CT3176921.url_history0001", "687474703A2F2F646E2E636865727279637265646974732E636F6D2F646F776E6C6F61645F67616D652E7068703F736F757263653D676C6F62616C5F3131335F7374616875623A3A3A636C[...]
Line Deleted : user_pref("valueApps.CT3176921.url_history0001.storedInFile", true);
 
-\\ Google Chrome v
 
[ File : C:\Users\Aldrin Domingo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : keyword
Deleted : search_url
 
*************************
 
AdwCleaner[R0].txt - [70427 octets] - [27/03/2014 23:14:49]
AdwCleaner[S0].txt - [70590 octets] - [27/03/2014 23:15:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [70651 octets] ##########


#6 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 27 March 2014 - 10:25 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x64
Ran by Aldrin Domingo on Thu 27/03/2014 at 23:19:23.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1411974016-386534107-1247840307-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskHomePage_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskHomePage_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskHomePage_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskHomePage_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{00BD9D43-ADBE-48DC-A18E-5069EE444CE9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{859521D7-A23B-4D46-BAFB-8BF48885405B}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Aldrin Domingo\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Aldrin Domingo\appdata\local\{4FD1E667-C29B-4B8A-9AF6-159CD5AAE62E}
Successfully deleted: [Empty Folder] C:\Users\Aldrin Domingo\appdata\local\{D3BB710B-EB90-4E71-938C-509DB94505E8}
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Aldrin Domingo\AppData\Roaming\mozilla\firefox\profiles\ks097q88.default\minidumps [12 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 27/03/2014 at 23:24:29.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 27 March 2014 - 04:06 PM

ESET Scan
 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe.vir Win32/AdWare.Yontoo.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\YontooIEClient_2.dll.vir a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\9hforhaviyf@kljmheeo.org\content\bg.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\Extensions\frekbf@iioie.co.uk\content\bg.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Aldrin Domingo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kblfmbmlcibhnfninciihdnkpegknbia\1\51ed3efb924250.26087532.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Aldrin Domingo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofbnhpoaeoalnoigiebdkecmaolbpok\1\51ed3faf2e9787.32358294.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\extensions\9hforhaviyf@kljmheeo.org\content\bg.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Aldrin Domingo\AppData\Roaming\Mozilla\Firefox\Profiles\ks097q88.default\extensions\frekbf@iioie.co.uk\content\bg.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:31 PM

Posted 28 March 2014 - 02:24 PM

Hello that a lot of adware that can slow things down.. Did you run ComboFix recently or a while ago?

How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 28 March 2014 - 05:30 PM

I know i havent, should i run ComboFix?



#10 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 28 March 2014 - 05:55 PM

and any settings on ComboFix? or things to turn off?



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:31 PM

Posted 28 March 2014 - 08:21 PM

Well the problem here is we cannot go over your ComboFix log in this forum to see if it is responsible. That's partly why we ask folks not to run it on their own.

If this is still an issue... Net speed decreased, but ok in speed test
Then we need to start a new topic with the CF log and a DDS log.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 28 March 2014 - 09:10 PM

I created the topic, here is the link:

http://www.bleepingcomputer.com/forums/t/529174/infected-slow-net-speed-but-ok-in-speed-test/



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:31 PM

Posted 28 March 2014 - 09:18 PM

Can you add your ComboFix log?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 icebloodvs

icebloodvs
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 AM

Posted 01 April 2014 - 04:24 PM

ComboFix log moved

Edited by boopme, 01 April 2014 - 09:36 PM.


#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:31 PM

Posted 01 April 2014 - 09:35 PM

Reposted the CF log in MRL topic
 
 
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users