Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help me


  • This topic is locked This topic is locked
14 replies to this topic

#1 clefty123

clefty123

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 20 May 2014 - 05:19 PM

I've recently noticed my hard drive C disk space keeps getting smaller and smaller even when I am not doing anything.

 

I don't know what to do.  The space keeps shrinking and shrinking.  I am down to 8 GB of free space.

 

I am on an Asus laptop Asus Notebook K52F/K62F Series.  Windows Home 7 Premium.

 

Someone please help me.  I don't know what to do.

 

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:22 PM

Posted 21 May 2014 - 08:01 PM

Hello clefty. let's start here.. as you are infected.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 21 May 2014 - 08:19 PM

Thanks for your reply and help.

 

I will reply as I complete the steps.

 

Here are the results of step 1:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Derek (administrator) on 21-05-2014 at 21:12:42
Running from "C:\Users\Derek\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 4
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
127.0.0.1 m6.xilisoft.com
127.0.0.1 www.xilisoft.com
127.0.0.1 www.xilisoft.net
127.0.0.1 xilisoft.com
127.0.0.1 xilisoft.net
127.0.0.1 cms.olym.xilisoft.net
127.0.0.1 online.xilisoft.com
127.0.0.1 online.xilisoft.net
127.0.0.1 service2.xilisoft.net
127.0.0.1 www.xilimobile.com
127.0.0.1 xilimobile.com
127.0.0.1 crm.xilisoft.com
127.0.0.1 onlinevideoconverter.xilisoft.com
127.0.0.1 m1.xilisoft.com
127.0.0.1 m2.xilisoft.com
127.0.0.1 m3.xilisoft.com
127.0.0.1 m4.xilisoft.com
127.0.0.1 m5.xilisoft.com
127.0.0.1 m6.xilisoft.com
 
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
JMicron PCI Express Gigabit Ethernet Adapter = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Derek-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Belkin
 
Ethernet adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-A7-74-C7-9A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 6A-5D-60-3B-84-57
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
   Physical Address. . . . . . . . . : 20-CF-30-60-75-43
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 74-F0-6D-A3-F3-E4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 48-5D-60-3B-84-57
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::79b2:a86d:be1e:af92%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 20, 2014 4:57:47 PM
   Lease Expires . . . . . . . . . . : Sunday, June 28, 2150 3:41:08 AM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 239623520
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-30-AF-98-48-5D-60-3B-84-57
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{4E567C17-0E5A-438C-BA41-91196AB24BD9}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.Belkin:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{DE6540EF-3716-45A0-A4C6-75A17EE1CA54}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:47c:a3e:3f57:fdfc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::47c:a3e:3f57:fdfc%14(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{1A093C94-B78E-4D21-B382-47BA1F9DEE50}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{A774C79A-46C3-4AF6-9271-6C073C0D2EEC}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2607:f8b0:4004:807::100e
 74.125.228.231
 74.125.228.228
 74.125.228.230
 74.125.228.233
 74.125.228.224
 74.125.228.232
 74.125.228.238
 74.125.228.227
 74.125.228.226
 74.125.228.229
 74.125.228.225
 
 
Pinging google.com [74.125.228.231] with 32 bytes of data:
Reply from 74.125.228.231: bytes=32 time=20ms TTL=55
Reply from 74.125.228.231: bytes=32 time=59ms TTL=55
 
Ping statistics for 74.125.228.231:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 59ms, Average = 39ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=91ms TTL=48
Reply from 206.190.36.45: bytes=32 time=115ms TTL=48
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 91ms, Maximum = 115ms, Average = 103ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 19...00 ff a7 74 c7 9a ......Anchorfree HSS VPN Adapter
 15...6a 5d 60 3b 84 57 ......Microsoft Virtual WiFi Miniport Adapter
 13...20 cf 30 60 75 43 ......JMicron PCI Express Gigabit Ethernet Adapter
 11...74 f0 6d a3 f3 e4 ......Bluetooth Device (Personal Area Network)
 10...48 5d 60 3b 84 57 ......Atheros AR9285 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.3    281
      192.168.2.3  255.255.255.255         On-link       192.168.2.3    281
    192.168.2.255  255.255.255.255         On-link       192.168.2.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.3    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:6abd:47c:a3e:3f57:fdfc/128
                                    On-link
 10    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::47c:a3e:3f57:fdfc/128
                                    On-link
 10    281 fe80::79b2:a86d:be1e:af92/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/21/2014 04:48:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50465793
 
Error: (05/21/2014 04:48:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50465793
 
Error: (05/21/2014 04:48:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/21/2014 04:48:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50464779
 
Error: (05/21/2014 04:48:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50464779
 
Error: (05/21/2014 04:48:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/21/2014 04:48:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50463780
 
Error: (05/21/2014 04:48:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50463780
 
Error: (05/21/2014 04:48:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/21/2014 04:48:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50462782
 
 
System errors:
=============
Error: (05/20/2014 04:30:26 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005
 
Error: (05/20/2014 04:30:26 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005
 
Error: (05/20/2014 04:30:26 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005
 
Error: (05/20/2014 04:30:26 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005
 
Error: (05/20/2014 04:30:05 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (05/20/2014 04:29:54 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/20/2014 04:29:19 AM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (05/20/2014 04:29:19 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
 
Error: (05/20/2014 04:26:18 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/20/2014 04:26:18 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (05/21/2014 04:48:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50465793
 
Error: (05/21/2014 04:48:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50465793
 
Error: (05/21/2014 04:48:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/21/2014 04:48:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50464779
 
Error: (05/21/2014 04:48:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50464779
 
Error: (05/21/2014 04:48:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/21/2014 04:48:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50463780
 
Error: (05/21/2014 04:48:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50463780
 
Error: (05/21/2014 04:48:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/21/2014 04:48:38 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50462782
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.1.2)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader 9.5.5 MUI (Version: 9.5.5)
AOL Messaging Toolbar
Apple Application Support (Version: 3.0.1)
Apple Mobile Device Support (Version: 7.1.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft TotalMedia Extreme (Version: 2.0.45.11)
ASUS AI Recovery (Version: 1.0.10)
ASUS CopyProtect (Version: 1.0.0015)
ASUS Data Security Manager (Version: 1.00.0014)
ASUS FancyStart (Version: 1.0.8)
ASUS Live Update (Version: 2.5.9)
ASUS MultiFrame (Version: 1.0.0021)
ASUS Power4Gear Hybrid (Version: 1.1.37)
ASUS SmartLogon (Version: 1.0.0008)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS Virtual Camera (Version: 1.0.20)
ASUS WebStorage (Version: 2.0.46.1429)
ATK Package (Version: 1.0.0006)
Boingo Wi-Fi (Version: 1.7.0048)
Bonjour (Version: 3.0.0.10)
Canon MP560 series MP Drivers
CCleaner (Version: 4.13)
Choice Guard (Version: 1.2.87.0)
Conexant HD Audio (Version: 4.111.0.63)
ControlDeck (Version: 1.0.8)
Coupon Printer for Windows (Version: 5.0.0.2)
CyberLink Power2Go (Version: 6.1.3602c)
Download Updater (AOL LLC)
ESET NOD32 Antivirus (Version: 4.2.58.3)
ESET Online Scanner v3
ETDWare PS/2-x64 7.0.5.13_WHQL (Version: 7.0.5.13)
Fast Boot (Version: 1.0.6)
GOM Player (Version: 2.1.33.5071)
Google Chrome (Version: 34.0.1847.137)
Google Update Helper (Version: 1.3.24.7)
Hauppauge HDPVR Scheduler
Hauppauge WinTV IR Blaster (Version: 7.4.29102)
Hauppauge WinTV Scheduler
Hotspot Shield 3.23 (Version: 3.23)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2125)
Intel® Management Engine Components (Version: 6.0.0.1179)
iTunes (Version: 11.1.5.5)
Java 7 Update 45 (Version: 7.0.450)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Java™ 6 Update 30 (Version: 6.0.300)
JMicron Ethernet Adapter NDIS Driver (Version: 6.0.17.1)
JMicron Flash Media Controller Driver (Version: 1.0.33.2)
Junk Mail filter update (Version: 14.0.8050.1202)
K_Series_ScreenSaver_EN
Keynote Connector
K-Lite Codec Pack 8.4.0 (Full) (Version: 8.4.0)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 29.0.1 (x86 en-US) (Version: 29.0.1)
Mozilla Maintenance Service (Version: 29.0.1)
MSVCRT (Version: 14.0.1468.721)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
QuickTime 7 (Version: 7.75.80.95)
RoboForm 7-2-8 (All Users) (Version: 7-2-8)
Sandboxie 3.46 (64-bit)
TuneUp Utilities 2011 (Version: 10.0.4500.46)
TuneUp Utilities Language Pack (en-US) (Version: 10.0.4500.46)
Ulead GIF Animator 5 ESD
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
USB 2.0 VGA UVC WebCam
Vegas Pro 11.0 (64-bit) (Version: 11.0.425)
VideoAvatar
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (02/25/2010 6.2.0.9419) (Version: 02/25/2010 6.2.0.9419)
Windows Driver Package - Broadcom Bluetooth  (01/19/2010 6.2.0.1417) (Version: 01/19/2010 6.2.0.1417)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (Version: 07/29/2009 6.1.7100.0)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Family Safety (Version: 14.0.8052.1208)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
WinFlash (Version: 2.30.3)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
Wireless Console 3 (Version: 3.0.18)
Xilisoft Video Converter Ultimate (Version: 7.1.0.20120222)
Yahoo! Install Manager
Yahoo! Widgets (Version: 4.5.2.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 54%
Total physical RAM: 3884.57 MB
Available physical RAM: 1769.74 MB
Total Pagefile: 7767.32 MB
Available Pagefile: 4688.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.37 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:7.98 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:204.03 GB) (Free:184.56 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DEREK-PC
 
Administrator            Derek                    every1 else              
fbwuser                  Guest                    
 
 
**** End of log ****


#4 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 21 May 2014 - 08:21 PM

step 2:

 

21:16:41.0694 0x13b0  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
21:16:45.0106 0x13b0  ============================================================
21:16:45.0106 0x13b0  Current date / time: 2014/05/21 21:16:45.0106
21:16:45.0106 0x13b0  SystemInfo:
21:16:45.0106 0x13b0  
21:16:45.0106 0x13b0  OS Version: 6.1.7601 ServicePack: 1.0
21:16:45.0106 0x13b0  Product type: Workstation
21:16:45.0106 0x13b0  ComputerName: DEREK-PC
21:16:45.0107 0x13b0  UserName: Derek
21:16:45.0107 0x13b0  Windows directory: C:\Windows
21:16:45.0107 0x13b0  System windows directory: C:\Windows
21:16:45.0107 0x13b0  Running under WOW64
21:16:45.0107 0x13b0  Processor architecture: Intel x64
21:16:45.0107 0x13b0  Number of processors: 2
21:16:45.0107 0x13b0  Page size: 0x1000
21:16:45.0107 0x13b0  Boot type: Normal boot
21:16:45.0107 0x13b0  ============================================================
21:16:45.0443 0x13b0  KLMD registered as C:\Windows\system32\drivers\39918376.sys
21:16:45.0829 0x13b0  System UUID: {2D20B5E6-0819-E47B-7B72-C2C7CD4EFEF6}
21:16:46.0847 0x13b0  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:16:46.0882 0x13b0  ============================================================
21:16:46.0882 0x13b0  \Device\Harddisk0\DR0:
21:16:46.0883 0x13b0  MBR partitions:
21:16:46.0883 0x13b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x950A408
21:16:46.0901 0x13b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBC1C800, BlocksNum 0x19811800
21:16:46.0901 0x13b0  ============================================================
21:16:46.0941 0x13b0  C: <-> \Device\Harddisk0\DR0\Partition1
21:16:46.0989 0x13b0  D: <-> \Device\Harddisk0\DR0\Partition2
21:16:46.0990 0x13b0  ============================================================
21:16:46.0990 0x13b0  Initialize success
21:16:46.0990 0x13b0  ============================================================
21:16:51.0008 0x0c0c  ============================================================
21:16:51.0008 0x0c0c  Scan started
21:16:51.0008 0x0c0c  Mode: Manual; 
21:16:51.0008 0x0c0c  ============================================================
21:16:51.0008 0x0c0c  KSN ping started
21:16:53.0853 0x0c0c  KSN ping finished: true
21:16:54.0446 0x0c0c  ================ Scan system memory ========================
21:16:54.0446 0x0c0c  System memory - ok
21:16:54.0447 0x0c0c  ================ Scan services =============================
21:16:54.0727 0x0c0c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:16:54.0750 0x0c0c  1394ohci - ok
21:16:54.0848 0x0c0c  ACDaemon - ok
21:16:54.0880 0x0c0c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:16:54.0890 0x0c0c  ACPI - ok
21:16:54.0910 0x0c0c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:16:54.0913 0x0c0c  AcpiPmi - ok
21:16:55.0047 0x0c0c  [ 476BB014F3F68C0C15EDDD5B444DA8FF, 94E8FDC4390672C31081EACF3B3AE57486ED06669C4120F139DB3A62AAE77071 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:16:55.0062 0x0c0c  AdobeFlashPlayerUpdateSvc - ok
21:16:55.0157 0x0c0c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:16:55.0214 0x0c0c  adp94xx - ok
21:16:55.0252 0x0c0c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:16:55.0265 0x0c0c  adpahci - ok
21:16:55.0293 0x0c0c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:16:55.0301 0x0c0c  adpu320 - ok
21:16:55.0360 0x0c0c  [ C0BF554D2277F7A4C735D475ADE2E3B2, 58ED620CD73239A6AB8F993492494AB0F09705B25E671A842D5163B13F452B15 ] ADSMService     C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
21:16:55.0379 0x0c0c  ADSMService - ok
21:16:55.0400 0x0c0c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:16:55.0422 0x0c0c  AeLookupSvc - ok
21:16:55.0468 0x0c0c  [ 734D1BA96BE6AD8D04E6AFEAD569EA8A, 9F8311A85F1695E3BF02D9AB5DDF193EEA945F7C0F9FB00A506B23850ED05C7C ] AFBAgent        C:\Windows\system32\FBAgent.exe
21:16:55.0652 0x0c0c  AFBAgent - ok
21:16:55.0713 0x0c0c  [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
21:16:55.0717 0x0c0c  Afc - ok
21:16:55.0799 0x0c0c  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
21:16:55.0825 0x0c0c  AFD - ok
21:16:55.0867 0x0c0c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:16:55.0870 0x0c0c  agp440 - ok
21:16:55.0900 0x0c0c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:16:55.0905 0x0c0c  ALG - ok
21:16:55.0932 0x0c0c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:16:55.0934 0x0c0c  aliide - ok
21:16:55.0948 0x0c0c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:16:55.0951 0x0c0c  amdide - ok
21:16:55.0977 0x0c0c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:16:55.0981 0x0c0c  AmdK8 - ok
21:16:55.0996 0x0c0c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:16:55.0999 0x0c0c  AmdPPM - ok
21:16:56.0025 0x0c0c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:16:56.0030 0x0c0c  amdsata - ok
21:16:56.0058 0x0c0c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:16:56.0066 0x0c0c  amdsbs - ok
21:16:56.0085 0x0c0c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:16:56.0089 0x0c0c  amdxata - ok
21:16:56.0111 0x0c0c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
21:16:56.0114 0x0c0c  AppID - ok
21:16:56.0138 0x0c0c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:16:56.0141 0x0c0c  AppIDSvc - ok
21:16:56.0172 0x0c0c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:16:56.0175 0x0c0c  Appinfo - ok
21:16:56.0245 0x0c0c  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:16:56.0306 0x0c0c  Apple Mobile Device - ok
21:16:56.0338 0x0c0c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:16:56.0346 0x0c0c  arc - ok
21:16:56.0373 0x0c0c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:16:56.0382 0x0c0c  arcsas - ok
21:16:56.0409 0x0c0c  [ 88FBC8BEBFD38566235EAA5E4DBC4E05, E714D913BA9786BD536F9D99E3510C489CA32F646044718394CEE65247941288 ] AsDsm           C:\Windows\system32\drivers\AsDsm.sys
21:16:56.0415 0x0c0c  AsDsm - ok
21:16:56.0468 0x0c0c  [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:16:56.0473 0x0c0c  ASLDRService - ok
21:16:56.0496 0x0c0c  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:16:56.0499 0x0c0c  ASMMAP64 - ok
21:16:56.0520 0x0c0c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:16:56.0522 0x0c0c  AsyncMac - ok
21:16:56.0553 0x0c0c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:16:56.0556 0x0c0c  atapi - ok
21:16:56.0699 0x0c0c  [ A5E770426D18F8EF332A593F3289DA91, 87AC97758618765814B630CB1A189CD690DC6B0EAAE93D80EDE7771FB362C9AF ] athr            C:\Windows\system32\DRIVERS\athrx.sys
21:16:56.0845 0x0c0c  athr - ok
21:16:56.0879 0x0c0c  [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:16:56.0883 0x0c0c  ATKGFNEXSrv - ok
21:16:56.0943 0x0c0c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:16:56.0977 0x0c0c  AudioEndpointBuilder - ok
21:16:57.0027 0x0c0c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:16:57.0043 0x0c0c  AudioSrv - ok
21:16:57.0096 0x0c0c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:16:57.0106 0x0c0c  AxInstSV - ok
21:16:57.0184 0x0c0c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:16:57.0218 0x0c0c  b06bdrv - ok
21:16:57.0251 0x0c0c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:16:57.0261 0x0c0c  b57nd60a - ok
21:16:57.0290 0x0c0c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:16:57.0295 0x0c0c  BDESVC - ok
21:16:57.0310 0x0c0c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:16:57.0313 0x0c0c  Beep - ok
21:16:57.0364 0x0c0c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:16:57.0398 0x0c0c  BFE - ok
21:16:57.0442 0x0c0c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:16:57.0665 0x0c0c  BITS - ok
21:16:57.0702 0x0c0c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:16:57.0706 0x0c0c  blbdrive - ok
21:16:57.0790 0x0c0c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:16:57.0821 0x0c0c  Bonjour Service - ok
21:16:57.0848 0x0c0c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:16:57.0852 0x0c0c  bowser - ok
21:16:57.0878 0x0c0c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:16:57.0881 0x0c0c  BrFiltLo - ok
21:16:57.0894 0x0c0c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:16:57.0896 0x0c0c  BrFiltUp - ok
21:16:57.0928 0x0c0c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:16:57.0932 0x0c0c  Browser - ok
21:16:57.0956 0x0c0c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:16:57.0966 0x0c0c  Brserid - ok
21:16:57.0983 0x0c0c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:16:57.0986 0x0c0c  BrSerWdm - ok
21:16:58.0002 0x0c0c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:16:58.0004 0x0c0c  BrUsbMdm - ok
21:16:58.0018 0x0c0c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:16:58.0020 0x0c0c  BrUsbSer - ok
21:16:58.0039 0x0c0c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:16:58.0043 0x0c0c  BthEnum - ok
21:16:58.0060 0x0c0c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:16:58.0063 0x0c0c  BTHMODEM - ok
21:16:58.0085 0x0c0c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:16:58.0090 0x0c0c  BthPan - ok
21:16:58.0128 0x0c0c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:16:58.0158 0x0c0c  BTHPORT - ok
21:16:58.0192 0x0c0c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:16:58.0197 0x0c0c  bthserv - ok
21:16:58.0218 0x0c0c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:16:58.0223 0x0c0c  BTHUSB - ok
21:16:58.0257 0x0c0c  [ A72A9101F9730DB7332714E566614E4D, 7C75772EA40EAEDDE2565E5FF901B17EA9B748563B8CE40062D86D4B0F1DBF0C ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
21:16:58.0263 0x0c0c  btwaudio - ok
21:16:58.0285 0x0c0c  [ 5CEEC634B617525F2B6AD29F871033F7, 0A48E08FB3C3384860783F72C85022F6AD11D8F7023580D007478AA94F6F41C5 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
21:16:58.0292 0x0c0c  btwavdt - ok
21:16:58.0299 0x0c0c  [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
21:16:58.0302 0x0c0c  btwl2cap - ok
21:16:58.0317 0x0c0c  [ 2AF5604D28BEF77B7CF4B9D232FE7CD3, 758524012FE284EDFC27DF095A2DD5853A0F084999F14DA66784103176E938E4 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
21:16:58.0320 0x0c0c  btwrchid - ok
21:16:58.0339 0x0c0c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:16:58.0345 0x0c0c  cdfs - ok
21:16:58.0384 0x0c0c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
21:16:58.0391 0x0c0c  cdrom - ok
21:16:58.0425 0x0c0c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:16:58.0431 0x0c0c  CertPropSvc - ok
21:16:58.0456 0x0c0c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:16:58.0460 0x0c0c  circlass - ok
21:16:58.0499 0x0c0c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:16:58.0511 0x0c0c  CLFS - ok
21:16:58.0568 0x0c0c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:16:58.0600 0x0c0c  clr_optimization_v2.0.50727_32 - ok
21:16:58.0651 0x0c0c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:16:58.0670 0x0c0c  clr_optimization_v2.0.50727_64 - ok
21:16:58.0734 0x0c0c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:16:58.0776 0x0c0c  clr_optimization_v4.0.30319_32 - ok
21:16:58.0846 0x0c0c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:16:58.0900 0x0c0c  clr_optimization_v4.0.30319_64 - ok
21:16:58.0933 0x0c0c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:16:58.0937 0x0c0c  CmBatt - ok
21:16:58.0972 0x0c0c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:16:58.0994 0x0c0c  cmdide - ok
21:16:59.0052 0x0c0c  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
21:16:59.0089 0x0c0c  CNG - ok
21:16:59.0164 0x0c0c  [ 7247A4D0875F5F28919E0787E11B7B57, 9F79077619E626A8DAE74D9EF819BF1D061455CBCAD23C491EC595A2F6C21DED ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
21:16:59.0218 0x0c0c  CnxtHdAudService - ok
21:16:59.0233 0x0c0c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:16:59.0236 0x0c0c  Compbatt - ok
21:16:59.0257 0x0c0c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:16:59.0260 0x0c0c  CompositeBus - ok
21:16:59.0265 0x0c0c  COMSysApp - ok
21:16:59.0284 0x0c0c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:16:59.0287 0x0c0c  crcdisk - ok
21:16:59.0320 0x0c0c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:16:59.0327 0x0c0c  CryptSvc - ok
21:16:59.0357 0x0c0c  [ BA25D4B9B067248F7CAC416E855D706B, EB00FEC005863284D25AC708CEF65D945A1599801A3FDE4B992C1AD4593E2036 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
21:16:59.0361 0x0c0c  dc3d - ok
21:16:59.0397 0x0c0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:16:59.0453 0x0c0c  DcomLaunch - ok
21:16:59.0501 0x0c0c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:16:59.0525 0x0c0c  defragsvc - ok
21:16:59.0557 0x0c0c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:16:59.0562 0x0c0c  DfsC - ok
21:16:59.0598 0x0c0c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:16:59.0608 0x0c0c  Dhcp - ok
21:16:59.0636 0x0c0c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:16:59.0638 0x0c0c  discache - ok
21:16:59.0645 0x0c0c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:16:59.0649 0x0c0c  Disk - ok
21:16:59.0653 0x0c0c  dlea_device - ok
21:16:59.0688 0x0c0c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:16:59.0695 0x0c0c  Dnscache - ok
21:16:59.0731 0x0c0c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:16:59.0742 0x0c0c  dot3svc - ok
21:16:59.0788 0x0c0c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:16:59.0795 0x0c0c  DPS - ok
21:16:59.0822 0x0c0c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:16:59.0824 0x0c0c  drmkaud - ok
21:16:59.0885 0x0c0c  [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:16:59.0949 0x0c0c  DXGKrnl - ok
21:16:59.0994 0x0c0c  [ 29B06C2346FC6C39D073391F73FC4BB0, 047D4FB92FE358A6396FAF75B501AE4F66155FF707071FC9B2D6DE8D3CCB3A37 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
21:17:00.0019 0x0c0c  eamonm - ok
21:17:00.0064 0x0c0c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:17:00.0070 0x0c0c  EapHost - ok
21:17:00.0236 0x0c0c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:17:00.0378 0x0c0c  ebdrv - ok
21:17:00.0408 0x0c0c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
21:17:00.0413 0x0c0c  EFS - ok
21:17:00.0439 0x0c0c  [ 4B52CF6D057A1B8A751A5475C126933F, 1CCAC47946CFEF65C9A336144AEDB02BCF1B49E5C33BFF6C29235D23234BD8BA ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
21:17:00.0447 0x0c0c  ehdrv - ok
21:17:00.0545 0x0c0c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:17:00.0629 0x0c0c  ehRecvr - ok
21:17:00.0655 0x0c0c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:17:00.0660 0x0c0c  ehSched - ok
21:17:00.0704 0x0c0c  [ F196BB73B7B8B2E4CA456DAF1C60E2C9, 1A5F614E48CB5DA836B3418DDCCA65718E8A1723DEE5F1A71F7543C18D09357F ] EhttpSrv        C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
21:17:00.0707 0x0c0c  EhttpSrv - ok
21:17:00.0789 0x0c0c  [ 4032F381C6A7D396D62A4F5219585A46, 7E1E63D2E8B5E864386AA3811A51AD00D3882E403A2DFFDA6EEA9B3DF91DD60F ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
21:17:00.0819 0x0c0c  ekrn - ok
21:17:00.0864 0x0c0c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:17:00.0886 0x0c0c  elxstor - ok
21:17:00.0910 0x0c0c  [ 3F3593EC3610AF2753B1D122FEB75F4F, 08FC87BC2DC7551FAECE70CBA9D61682184247E8C8930FB4732E28DCB84353FC ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
21:17:00.0916 0x0c0c  epfwwfpr - ok
21:17:00.0938 0x0c0c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:17:00.0940 0x0c0c  ErrDev - ok
21:17:00.0964 0x0c0c  [ 38B0A3E42DE9B36AA56F72A5ECB62331, 3FADF2264C031E65BFF1460440C0D9532C05EBF656DD5EDD4592F437CAF40B7E ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
21:17:00.0969 0x0c0c  ETD - ok
21:17:01.0041 0x0c0c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:17:01.0065 0x0c0c  EventSystem - ok
21:17:01.0090 0x0c0c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:17:01.0098 0x0c0c  exfat - ok
21:17:01.0125 0x0c0c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:17:01.0134 0x0c0c  fastfat - ok
21:17:01.0204 0x0c0c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:17:01.0260 0x0c0c  Fax - ok
21:17:01.0281 0x0c0c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:17:01.0284 0x0c0c  fdc - ok
21:17:01.0314 0x0c0c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:17:01.0319 0x0c0c  fdPHost - ok
21:17:01.0337 0x0c0c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:17:01.0342 0x0c0c  FDResPub - ok
21:17:01.0368 0x0c0c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:17:01.0372 0x0c0c  FileInfo - ok
21:17:01.0390 0x0c0c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:17:01.0393 0x0c0c  Filetrace - ok
21:17:01.0409 0x0c0c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:17:01.0412 0x0c0c  flpydisk - ok
21:17:01.0447 0x0c0c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:17:01.0455 0x0c0c  FltMgr - ok
21:17:01.0533 0x0c0c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:17:01.0598 0x0c0c  FontCache - ok
21:17:01.0664 0x0c0c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:17:01.0670 0x0c0c  FontCache3.0.0.0 - ok
21:17:01.0697 0x0c0c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:17:01.0703 0x0c0c  FsDepends - ok
21:17:01.0732 0x0c0c  [ 5814011B2F6E088E29D689B5FCD49B8F, 15C09FB9A80FDDB65FB831944BEC1B81743E0B7E4469F35E9FD4142FBB673C0E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:17:01.0738 0x0c0c  fssfltr - ok
21:17:01.0802 0x0c0c  [ F6717211C1EC2CDDAA81B97B0727C2E9, C1FD5A389167A826C002E28339BFCF7DC8851652647016D0DCF8585EB0B8FB28 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:17:01.0816 0x0c0c  fsssvc - ok
21:17:01.0843 0x0c0c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:17:01.0847 0x0c0c  Fs_Rec - ok
21:17:01.0874 0x0c0c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:17:01.0883 0x0c0c  fvevol - ok
21:17:01.0908 0x0c0c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:17:01.0912 0x0c0c  gagp30kx - ok
21:17:01.0930 0x0c0c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:17:01.0934 0x0c0c  GEARAspiWDM - ok
21:17:01.0988 0x0c0c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:17:02.0037 0x0c0c  gpsvc - ok
21:17:02.0143 0x0c0c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:17:02.0162 0x0c0c  gupdate - ok
21:17:02.0195 0x0c0c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:17:02.0202 0x0c0c  gupdatem - ok
21:17:02.0228 0x0c0c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:17:02.0233 0x0c0c  hcw85cir - ok
21:17:02.0266 0x0c0c  [ 8D7F985CE023640B8D24EAC045D7BABE, 8B3A2CBDA0D48D74519CB3B5928F77D65730D38E50D59995F2167C741F42FEC0 ] hcwhdpvr        C:\Windows\system32\DRIVERS\hcwhdpvr.sys
21:17:02.0278 0x0c0c  hcwhdpvr - ok
21:17:02.0319 0x0c0c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:17:02.0332 0x0c0c  HdAudAddService - ok
21:17:02.0368 0x0c0c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:17:02.0378 0x0c0c  HDAudBus - ok
21:17:02.0402 0x0c0c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
21:17:02.0405 0x0c0c  HECIx64 - ok
21:17:02.0425 0x0c0c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:17:02.0428 0x0c0c  HidBatt - ok
21:17:02.0444 0x0c0c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:17:02.0449 0x0c0c  HidBth - ok
21:17:02.0462 0x0c0c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:17:02.0466 0x0c0c  HidIr - ok
21:17:02.0494 0x0c0c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:17:02.0500 0x0c0c  hidserv - ok
21:17:02.0527 0x0c0c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:17:02.0531 0x0c0c  HidUsb - ok
21:17:02.0559 0x0c0c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:17:02.0567 0x0c0c  hkmsvc - ok
21:17:02.0629 0x0c0c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:17:02.0663 0x0c0c  HomeGroupListener - ok
21:17:02.0705 0x0c0c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:17:02.0727 0x0c0c  HomeGroupProvider - ok
21:17:02.0752 0x0c0c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:17:02.0760 0x0c0c  HpSAMD - ok
21:17:02.0912 0x0c0c  [ 911961244D2CE9F1A16737862AE7BF73, 3F12FEF50AF7CF0F47CE2184402654782A8BB5E31BADC788F6E3BB49C37E2A29 ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
21:17:02.0974 0x0c0c  hshld - ok
21:17:03.0058 0x0c0c  [ AFA58B8A623CD458EF40CFB398AC28E2, 3D82091777BFEBFD431CEFB14C4697888606DEA26D356862B951936975F7CAC1 ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
21:17:03.0061 0x0c0c  HssDRV6 - ok
21:17:03.0092 0x0c0c  [ 5510086FE07E4BBFB3FF9769D9C75150, 0F4B87014F33A588375CF88C51517C7929F22246A67FD16C8223B17D179A4D47 ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
21:17:03.0097 0x0c0c  HssTrayService - ok
21:17:03.0168 0x0c0c  [ 704EE8EA4A9993E3FD57EC20268CF537, 2A65EDAFC261865D8E12FA765E81AB4CD1094419BDCFCB12D08C324BF25D6730 ] HssWd           C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
21:17:03.0205 0x0c0c  HssWd - ok
21:17:03.0260 0x0c0c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:17:03.0290 0x0c0c  HTTP - ok
21:17:03.0314 0x0c0c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:17:03.0315 0x0c0c  hwpolicy - ok
21:17:03.0339 0x0c0c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:17:03.0344 0x0c0c  i8042prt - ok
21:17:03.0376 0x0c0c  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:17:03.0385 0x0c0c  iaStor - ok
21:17:03.0431 0x0c0c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:17:03.0453 0x0c0c  iaStorV - ok
21:17:03.0540 0x0c0c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:17:03.0595 0x0c0c  idsvc - ok
21:17:04.0087 0x0c0c  [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:17:04.0613 0x0c0c  igfx - ok
21:17:04.0679 0x0c0c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:17:04.0685 0x0c0c  iirsp - ok
21:17:04.0773 0x0c0c  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:17:04.0813 0x0c0c  IKEEXT - ok
21:17:04.0846 0x0c0c  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
21:17:04.0853 0x0c0c  Impcd - ok
21:17:04.0882 0x0c0c  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:17:04.0892 0x0c0c  IntcDAud - ok
21:17:04.0927 0x0c0c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:17:04.0929 0x0c0c  intelide - ok
21:17:04.0946 0x0c0c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:17:04.0949 0x0c0c  intelppm - ok
21:17:04.0969 0x0c0c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:17:04.0976 0x0c0c  IPBusEnum - ok
21:17:05.0003 0x0c0c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:17:05.0007 0x0c0c  IpFilterDriver - ok
21:17:05.0051 0x0c0c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:17:05.0085 0x0c0c  iphlpsvc - ok
21:17:05.0105 0x0c0c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:17:05.0109 0x0c0c  IPMIDRV - ok
21:17:05.0134 0x0c0c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:17:05.0139 0x0c0c  IPNAT - ok
21:17:05.0227 0x0c0c  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:17:05.0280 0x0c0c  iPod Service - ok
21:17:05.0292 0x0c0c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:17:05.0295 0x0c0c  IRENUM - ok
21:17:05.0321 0x0c0c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:17:05.0324 0x0c0c  isapnp - ok
21:17:05.0370 0x0c0c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:17:05.0421 0x0c0c  iScsiPrt - ok
21:17:05.0459 0x0c0c  [ DB917B998CBC15A153C00DD6EFC34C13, 5FF4DA2C2D567AAD435730EA910016F2E9DE8BDF0A414A477B72248D16A47115 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
21:17:05.0471 0x0c0c  JMCR - ok
21:17:05.0511 0x0c0c  [ DE4B2249D95C7815D06A39EA5FF4EE53, 66D5404721A733BB4DA1D517819BCE66550FB3884F2C061E11B5C58DC6CE43CC ] JME             C:\Windows\system32\DRIVERS\JME.sys
21:17:05.0518 0x0c0c  JME - ok
21:17:05.0528 0x0c0c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:17:05.0537 0x0c0c  kbdclass - ok
21:17:05.0549 0x0c0c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:17:05.0563 0x0c0c  kbdhid - ok
21:17:05.0586 0x0c0c  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
21:17:05.0589 0x0c0c  kbfiltr - ok
21:17:05.0608 0x0c0c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
21:17:05.0612 0x0c0c  KeyIso - ok
21:17:05.0647 0x0c0c  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:17:05.0653 0x0c0c  KSecDD - ok
21:17:05.0681 0x0c0c  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:17:05.0690 0x0c0c  KSecPkg - ok
21:17:05.0706 0x0c0c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:17:05.0709 0x0c0c  ksthunk - ok
21:17:05.0752 0x0c0c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:17:05.0775 0x0c0c  KtmRm - ok
21:17:05.0827 0x0c0c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:17:05.0901 0x0c0c  LanmanServer - ok
21:17:05.0943 0x0c0c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:17:05.0992 0x0c0c  LanmanWorkstation - ok
21:17:06.0013 0x0c0c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:17:06.0018 0x0c0c  lltdio - ok
21:17:06.0055 0x0c0c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:17:06.0079 0x0c0c  lltdsvc - ok
21:17:06.0098 0x0c0c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:17:06.0104 0x0c0c  lmhosts - ok
21:17:06.0169 0x0c0c  [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:17:06.0180 0x0c0c  LMS - ok
21:17:06.0217 0x0c0c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:17:06.0223 0x0c0c  LSI_FC - ok
21:17:06.0239 0x0c0c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:17:06.0245 0x0c0c  LSI_SAS - ok
21:17:06.0265 0x0c0c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:17:06.0270 0x0c0c  LSI_SAS2 - ok
21:17:06.0278 0x0c0c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:17:06.0284 0x0c0c  LSI_SCSI - ok
21:17:06.0305 0x0c0c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:17:06.0311 0x0c0c  luafv - ok
21:17:06.0324 0x0c0c  [ 085435AE1A124361304044029B5CC644, FEEDB68A3A31B31DD2550591E220A25FCAA8EF1A4BC87EA2750E73E2BE56848D ] lullaby         C:\Windows\system32\DRIVERS\lullaby.sys
21:17:06.0327 0x0c0c  lullaby - ok
21:17:06.0373 0x0c0c  [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:17:06.0376 0x0c0c  MBAMProtector - ok
21:17:06.0560 0x0c0c  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
21:17:06.0687 0x0c0c  MBAMScheduler - ok
21:17:06.0729 0x0c0c  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
21:17:06.0770 0x0c0c  MBAMService - ok
21:17:06.0831 0x0c0c  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:17:06.0836 0x0c0c  MBAMSwissArmy - ok
21:17:06.0852 0x0c0c  [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:17:06.0857 0x0c0c  MBAMWebAccessControl - ok
21:17:06.0887 0x0c0c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:17:06.0895 0x0c0c  Mcx2Svc - ok
21:17:06.0920 0x0c0c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:17:06.0923 0x0c0c  megasas - ok
21:17:06.0952 0x0c0c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:17:06.0963 0x0c0c  MegaSR - ok
21:17:07.0003 0x0c0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:17:07.0010 0x0c0c  MMCSS - ok
21:17:07.0030 0x0c0c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:17:07.0034 0x0c0c  Modem - ok
21:17:07.0055 0x0c0c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:17:07.0058 0x0c0c  monitor - ok
21:17:07.0107 0x0c0c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:17:07.0113 0x0c0c  mouclass - ok
21:17:07.0135 0x0c0c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:17:07.0140 0x0c0c  mouhid - ok
21:17:07.0174 0x0c0c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:17:07.0180 0x0c0c  mountmgr - ok
21:17:07.0248 0x0c0c  [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:17:07.0258 0x0c0c  MozillaMaintenance - ok
21:17:07.0312 0x0c0c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:17:07.0324 0x0c0c  mpio - ok
21:17:07.0361 0x0c0c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:17:07.0369 0x0c0c  mpsdrv - ok
21:17:07.0445 0x0c0c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:17:07.0499 0x0c0c  MpsSvc - ok
21:17:07.0531 0x0c0c  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:17:07.0539 0x0c0c  MRxDAV - ok
21:17:07.0576 0x0c0c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:17:07.0584 0x0c0c  mrxsmb - ok
21:17:07.0609 0x0c0c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:17:07.0622 0x0c0c  mrxsmb10 - ok
21:17:07.0630 0x0c0c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:17:07.0637 0x0c0c  mrxsmb20 - ok
21:17:07.0665 0x0c0c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:17:07.0668 0x0c0c  msahci - ok
21:17:07.0696 0x0c0c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:17:07.0703 0x0c0c  msdsm - ok
21:17:07.0720 0x0c0c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:17:07.0730 0x0c0c  MSDTC - ok
21:17:07.0745 0x0c0c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:17:07.0748 0x0c0c  Msfs - ok
21:17:07.0760 0x0c0c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:17:07.0763 0x0c0c  mshidkmdf - ok
21:17:07.0784 0x0c0c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:17:07.0786 0x0c0c  msisadrv - ok
21:17:07.0816 0x0c0c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:17:07.0825 0x0c0c  MSiSCSI - ok
21:17:07.0829 0x0c0c  msiserver - ok
21:17:07.0871 0x0c0c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:17:07.0874 0x0c0c  MSKSSRV - ok
21:17:07.0883 0x0c0c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:17:07.0886 0x0c0c  MSPCLOCK - ok
21:17:07.0896 0x0c0c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:17:07.0898 0x0c0c  MSPQM - ok
21:17:07.0948 0x0c0c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:17:07.0961 0x0c0c  MsRPC - ok
21:17:07.0990 0x0c0c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:17:07.0993 0x0c0c  mssmbios - ok
21:17:08.0013 0x0c0c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:17:08.0015 0x0c0c  MSTEE - ok
21:17:08.0036 0x0c0c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:17:08.0038 0x0c0c  MTConfig - ok
21:17:08.0066 0x0c0c  [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
21:17:08.0069 0x0c0c  MTsensor - ok
21:17:08.0089 0x0c0c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:17:08.0094 0x0c0c  Mup - ok
21:17:08.0134 0x0c0c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:17:08.0166 0x0c0c  napagent - ok
21:17:08.0202 0x0c0c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:17:08.0213 0x0c0c  NativeWifiP - ok
21:17:08.0286 0x0c0c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:17:08.0344 0x0c0c  NDIS - ok
21:17:08.0360 0x0c0c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:17:08.0363 0x0c0c  NdisCap - ok
21:17:08.0382 0x0c0c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:17:08.0385 0x0c0c  NdisTapi - ok
21:17:08.0415 0x0c0c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:17:08.0419 0x0c0c  Ndisuio - ok
21:17:08.0439 0x0c0c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:17:08.0446 0x0c0c  NdisWan - ok
21:17:08.0478 0x0c0c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:17:08.0482 0x0c0c  NDProxy - ok
21:17:08.0507 0x0c0c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:17:08.0511 0x0c0c  NetBIOS - ok
21:17:08.0544 0x0c0c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:17:08.0552 0x0c0c  NetBT - ok
21:17:08.0563 0x0c0c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
21:17:08.0568 0x0c0c  Netlogon - ok
21:17:08.0602 0x0c0c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:17:08.0626 0x0c0c  Netman - ok
21:17:08.0663 0x0c0c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:17:08.0681 0x0c0c  netprofm - ok
21:17:08.0708 0x0c0c  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:17:08.0712 0x0c0c  NetTcpPortSharing - ok
21:17:08.0734 0x0c0c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:17:08.0738 0x0c0c  nfrd960 - ok
21:17:08.0764 0x0c0c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:17:08.0784 0x0c0c  NlaSvc - ok
21:17:08.0797 0x0c0c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:17:08.0801 0x0c0c  Npfs - ok
21:17:08.0820 0x0c0c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:17:08.0826 0x0c0c  nsi - ok
21:17:08.0845 0x0c0c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:17:08.0847 0x0c0c  nsiproxy - ok
21:17:08.0935 0x0c0c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:17:09.0032 0x0c0c  Ntfs - ok
21:17:09.0055 0x0c0c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:17:09.0057 0x0c0c  Null - ok
21:17:09.0096 0x0c0c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:17:09.0103 0x0c0c  nvraid - ok
21:17:09.0116 0x0c0c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:17:09.0124 0x0c0c  nvstor - ok
21:17:09.0148 0x0c0c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:17:09.0153 0x0c0c  nv_agp - ok
21:17:09.0187 0x0c0c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:17:09.0191 0x0c0c  ohci1394 - ok
21:17:09.0229 0x0c0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:17:09.0243 0x0c0c  p2pimsvc - ok
21:17:09.0289 0x0c0c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:17:09.0311 0x0c0c  p2psvc - ok
21:17:09.0336 0x0c0c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:17:09.0340 0x0c0c  Parport - ok
21:17:09.0368 0x0c0c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:17:09.0373 0x0c0c  partmgr - ok
21:17:09.0391 0x0c0c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:17:09.0401 0x0c0c  PcaSvc - ok
21:17:09.0422 0x0c0c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:17:09.0430 0x0c0c  pci - ok
21:17:09.0434 0x0c0c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:17:09.0437 0x0c0c  pciide - ok
21:17:09.0459 0x0c0c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:17:09.0468 0x0c0c  pcmcia - ok
21:17:09.0474 0x0c0c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:17:09.0478 0x0c0c  pcw - ok
21:17:09.0522 0x0c0c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:17:09.0559 0x0c0c  PEAUTH - ok
21:17:09.0649 0x0c0c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:17:09.0658 0x0c0c  PerfHost - ok
21:17:09.0753 0x0c0c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:17:09.0831 0x0c0c  pla - ok
21:17:09.0893 0x0c0c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:17:09.0938 0x0c0c  PlugPlay - ok
21:17:09.0967 0x0c0c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:17:09.0974 0x0c0c  PNRPAutoReg - ok
21:17:09.0995 0x0c0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:17:10.0007 0x0c0c  PNRPsvc - ok
21:17:10.0034 0x0c0c  [ 34A8FAE065249F85A67A3215FF5ECB34, 913297755C1046BA004E79660B7DA5BBE5E92B96AAA83D78AE3FF379371950D5 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
21:17:10.0037 0x0c0c  Point64 - ok
21:17:10.0080 0x0c0c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:17:10.0101 0x0c0c  PolicyAgent - ok
21:17:10.0130 0x0c0c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:17:10.0142 0x0c0c  Power - ok
21:17:10.0167 0x0c0c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:17:10.0173 0x0c0c  PptpMiniport - ok
21:17:10.0205 0x0c0c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:17:10.0210 0x0c0c  Processor - ok
21:17:10.0237 0x0c0c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:17:10.0248 0x0c0c  ProfSvc - ok
21:17:10.0263 0x0c0c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
21:17:10.0267 0x0c0c  ProtectedStorage - ok
21:17:10.0298 0x0c0c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:17:10.0303 0x0c0c  Psched - ok
21:17:10.0381 0x0c0c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:17:10.0457 0x0c0c  ql2300 - ok
21:17:10.0505 0x0c0c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:17:10.0515 0x0c0c  ql40xx - ok
21:17:10.0575 0x0c0c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:17:10.0616 0x0c0c  QWAVE - ok
21:17:10.0628 0x0c0c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:17:10.0632 0x0c0c  QWAVEdrv - ok
21:17:10.0654 0x0c0c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:17:10.0657 0x0c0c  RasAcd - ok
21:17:10.0692 0x0c0c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:17:10.0696 0x0c0c  RasAgileVpn - ok
21:17:10.0717 0x0c0c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:17:10.0726 0x0c0c  RasAuto - ok
21:17:10.0742 0x0c0c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:17:10.0749 0x0c0c  Rasl2tp - ok
21:17:10.0778 0x0c0c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:17:10.0800 0x0c0c  RasMan - ok
21:17:10.0815 0x0c0c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:17:10.0820 0x0c0c  RasPppoe - ok
21:17:10.0827 0x0c0c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:17:10.0831 0x0c0c  RasSstp - ok
21:17:10.0862 0x0c0c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:17:10.0873 0x0c0c  rdbss - ok
21:17:10.0891 0x0c0c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:17:10.0893 0x0c0c  rdpbus - ok
21:17:10.0913 0x0c0c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:17:10.0915 0x0c0c  RDPCDD - ok
21:17:10.0923 0x0c0c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:17:10.0924 0x0c0c  RDPENCDD - ok
21:17:10.0930 0x0c0c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:17:10.0932 0x0c0c  RDPREFMP - ok
21:17:10.0962 0x0c0c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:17:10.0971 0x0c0c  RDPWD - ok
21:17:11.0017 0x0c0c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:17:11.0041 0x0c0c  rdyboost - ok
21:17:11.0105 0x0c0c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:17:11.0118 0x0c0c  RemoteAccess - ok
21:17:11.0157 0x0c0c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:17:11.0169 0x0c0c  RFCOMM - ok
21:17:11.0203 0x0c0c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:17:11.0218 0x0c0c  RpcEptMapper - ok
21:17:11.0240 0x0c0c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:17:11.0249 0x0c0c  RpcLocator - ok
21:17:11.0298 0x0c0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:17:11.0332 0x0c0c  RpcSs - ok
21:17:11.0347 0x0c0c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:17:11.0353 0x0c0c  rspndr - ok
21:17:11.0363 0x0c0c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
21:17:11.0369 0x0c0c  SamSs - ok
21:17:11.0441 0x0c0c  [ 035DD5D74ED74DE036113CAE60FE55B3, 8AD2151CA39423CF7AD627A331C551B9C4C77C7D037F200DD08000D9952A1636 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
21:17:11.0451 0x0c0c  SbieDrv - ok
21:17:11.0469 0x0c0c  [ 6EEE34E7F3C46C0111EE16DB30D289D1, 060B91CF6455C2FECC3AFAF58CF9C23C3FF14D6C3BD0836BAEC56F61D3AD112B ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
21:17:11.0481 0x0c0c  SbieSvc - ok
21:17:11.0502 0x0c0c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:17:11.0508 0x0c0c  sbp2port - ok
21:17:11.0539 0x0c0c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:17:11.0553 0x0c0c  SCardSvr - ok
21:17:11.0590 0x0c0c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:17:11.0593 0x0c0c  scfilter - ok
21:17:11.0680 0x0c0c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:17:11.0735 0x0c0c  Schedule - ok
21:17:11.0757 0x0c0c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:17:11.0760 0x0c0c  SCPolicySvc - ok
21:17:11.0787 0x0c0c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
21:17:11.0793 0x0c0c  sdbus - ok
21:17:11.0821 0x0c0c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:17:11.0832 0x0c0c  SDRSVC - ok
21:17:11.0861 0x0c0c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:17:11.0864 0x0c0c  secdrv - ok
21:17:11.0885 0x0c0c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:17:11.0893 0x0c0c  seclogon - ok
21:17:11.0919 0x0c0c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:17:11.0926 0x0c0c  SENS - ok
21:17:11.0941 0x0c0c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:17:11.0948 0x0c0c  SensrSvc - ok
21:17:11.0965 0x0c0c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:17:11.0968 0x0c0c  Serenum - ok
21:17:11.0988 0x0c0c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:17:11.0993 0x0c0c  Serial - ok
21:17:12.0013 0x0c0c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:17:12.0016 0x0c0c  sermouse - ok
21:17:12.0044 0x0c0c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:17:12.0053 0x0c0c  SessionEnv - ok
21:17:12.0086 0x0c0c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:17:12.0090 0x0c0c  sffdisk - ok
21:17:12.0108 0x0c0c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:17:12.0111 0x0c0c  sffp_mmc - ok
21:17:12.0126 0x0c0c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:17:12.0129 0x0c0c  sffp_sd - ok
21:17:12.0159 0x0c0c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:17:12.0161 0x0c0c  sfloppy - ok
21:17:12.0225 0x0c0c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:17:12.0262 0x0c0c  SharedAccess - ok
21:17:12.0302 0x0c0c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:17:12.0324 0x0c0c  ShellHWDetection - ok
21:17:12.0351 0x0c0c  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
21:17:12.0355 0x0c0c  SiSGbeLH - ok
21:17:12.0375 0x0c0c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:17:12.0378 0x0c0c  SiSRaid2 - ok
21:17:12.0399 0x0c0c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:17:12.0404 0x0c0c  SiSRaid4 - ok
21:17:12.0417 0x0c0c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:17:12.0421 0x0c0c  Smb - ok
21:17:12.0458 0x0c0c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:17:12.0465 0x0c0c  SNMPTRAP - ok
21:17:12.0572 0x0c0c  [ 1D8474722CDFFBB8FCA5FA12C50A05A2, C0B8B8DDDC1CEDD92FE6DA4DF4FBE036D3C71822128C417B7B978E7B86C6C29D ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
21:17:12.0715 0x0c0c  SNP2UVC - ok
21:17:12.0730 0x0c0c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:17:12.0733 0x0c0c  spldr - ok
21:17:12.0782 0x0c0c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:17:12.0816 0x0c0c  Spooler - ok
21:17:12.0996 0x0c0c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:17:13.0190 0x0c0c  sppsvc - ok
21:17:13.0231 0x0c0c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:17:13.0239 0x0c0c  sppuinotify - ok
21:17:13.0279 0x0c0c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:17:13.0300 0x0c0c  srv - ok
21:17:13.0316 0x0c0c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:17:13.0330 0x0c0c  srv2 - ok
21:17:13.0340 0x0c0c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:17:13.0348 0x0c0c  srvnet - ok
21:17:13.0369 0x0c0c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:17:13.0381 0x0c0c  SSDPSRV - ok
21:17:13.0421 0x0c0c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:17:13.0430 0x0c0c  SstpSvc - ok
21:17:13.0456 0x0c0c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:17:13.0459 0x0c0c  stexstor - ok
21:17:13.0515 0x0c0c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:17:13.0561 0x0c0c  stisvc - ok
21:17:13.0588 0x0c0c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:17:13.0591 0x0c0c  swenum - ok
21:17:13.0629 0x0c0c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:17:13.0666 0x0c0c  swprv - ok
21:17:13.0790 0x0c0c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:17:13.0889 0x0c0c  SysMain - ok
21:17:14.0003 0x0c0c  [ C7A3D0DA9A546B9127A88CDFC514A531, 7234E42EC90A393626B5F528151952F248F790AD40BB6B966EC4FB5D9BB6059C ] SystemStoreService C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe
21:17:14.0018 0x0c0c  SystemStoreService - ok
21:17:14.0058 0x0c0c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:17:14.0068 0x0c0c  TabletInputService - ok
21:17:14.0095 0x0c0c  [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
21:17:14.0111 0x0c0c  taphss6 - ok
21:17:14.0140 0x0c0c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:17:14.0164 0x0c0c  TapiSrv - ok
21:17:14.0218 0x0c0c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:17:14.0235 0x0c0c  TBS - ok
21:17:14.0351 0x0c0c  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:17:14.0461 0x0c0c  Tcpip - ok
21:17:14.0541 0x0c0c  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:17:14.0585 0x0c0c  TCPIP6 - ok
21:17:14.0627 0x0c0c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:17:14.0631 0x0c0c  tcpipreg - ok
21:17:14.0662 0x0c0c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:17:14.0665 0x0c0c  TDPIPE - ok
21:17:14.0691 0x0c0c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:17:14.0695 0x0c0c  TDTCP - ok
21:17:14.0728 0x0c0c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:17:14.0734 0x0c0c  tdx - ok
21:17:14.0767 0x0c0c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:17:14.0772 0x0c0c  TermDD - ok
21:17:14.0811 0x0c0c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
21:17:14.0857 0x0c0c  TermService - ok
21:17:14.0880 0x0c0c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:17:14.0888 0x0c0c  Themes - ok
21:17:14.0925 0x0c0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:17:14.0930 0x0c0c  THREADORDER - ok
21:17:14.0955 0x0c0c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:17:14.0966 0x0c0c  TrkWks - ok
21:17:15.0013 0x0c0c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:17:15.0054 0x0c0c  TrustedInstaller - ok
21:17:15.0095 0x0c0c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:17:15.0102 0x0c0c  tssecsrv - ok
21:17:15.0129 0x0c0c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:17:15.0135 0x0c0c  TsUsbFlt - ok
21:17:15.0291 0x0c0c  [ 535A376629A37E03F993D769490E8EED, 07EFAC0F88B5784AEDFA55746A49D720AE6F328FB3ABBB89CD9E5B9EEEE80EDA ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
21:17:15.0404 0x0c0c  TuneUp.UtilitiesSvc - ok
21:17:15.0427 0x0c0c  [ DCC94C51D27C7EC0DADECA8F64C94FCF, 90C978C2284C9BDE3EFA1124616D824E0C361C388293FA22DBC8C3B70C920574 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
21:17:15.0430 0x0c0c  TuneUpUtilitiesDrv - ok
21:17:15.0461 0x0c0c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:17:15.0467 0x0c0c  tunnel - ok
21:17:15.0505 0x0c0c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:17:15.0511 0x0c0c  uagp35 - ok
21:17:15.0554 0x0c0c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:17:15.0578 0x0c0c  udfs - ok
21:17:15.0629 0x0c0c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:17:15.0644 0x0c0c  UI0Detect - ok
21:17:15.0681 0x0c0c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:17:15.0686 0x0c0c  uliagpkx - ok
21:17:15.0706 0x0c0c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:17:15.0710 0x0c0c  umbus - ok
21:17:15.0733 0x0c0c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:17:15.0736 0x0c0c  UmPass - ok
21:17:15.0881 0x0c0c  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:17:16.0009 0x0c0c  UNS - ok
21:17:16.0071 0x0c0c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:17:16.0112 0x0c0c  upnphost - ok
21:17:16.0147 0x0c0c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:17:16.0153 0x0c0c  USBAAPL64 - ok
21:17:16.0176 0x0c0c  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:17:16.0185 0x0c0c  usbccgp - ok
21:17:16.0215 0x0c0c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:17:16.0222 0x0c0c  usbcir - ok
21:17:16.0247 0x0c0c  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:17:16.0252 0x0c0c  usbehci - ok
21:17:16.0288 0x0c0c  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:17:16.0314 0x0c0c  usbhub - ok
21:17:16.0332 0x0c0c  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:17:16.0336 0x0c0c  usbohci - ok
21:17:16.0361 0x0c0c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:17:16.0365 0x0c0c  usbprint - ok
21:17:16.0402 0x0c0c  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:17:16.0407 0x0c0c  usbscan - ok
21:17:16.0428 0x0c0c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:17:16.0435 0x0c0c  USBSTOR - ok
21:17:16.0456 0x0c0c  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:17:16.0473 0x0c0c  usbuhci - ok
21:17:16.0517 0x0c0c  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:17:16.0528 0x0c0c  usbvideo - ok
21:17:16.0560 0x0c0c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:17:16.0572 0x0c0c  UxSms - ok
21:17:16.0591 0x0c0c  [ 6F10C7FF1F1E3F45D7E20DD6E398682E, 81A16C59CB5EF949C62A3327AE721A0AE79A72B50150CC5EA521A78C6D01A0AE ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
21:17:16.0600 0x0c0c  UxTuneUp - ok
21:17:16.0608 0x0c0c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
21:17:16.0612 0x0c0c  VaultSvc - ok
21:17:16.0635 0x0c0c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:17:16.0639 0x0c0c  vdrvroot - ok
21:17:16.0677 0x0c0c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:17:16.0713 0x0c0c  vds - ok
21:17:16.0753 0x0c0c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:17:16.0756 0x0c0c  vga - ok
21:17:16.0767 0x0c0c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:17:16.0771 0x0c0c  VgaSave - ok
21:17:16.0818 0x0c0c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:17:16.0828 0x0c0c  vhdmp - ok
21:17:16.0860 0x0c0c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:17:16.0863 0x0c0c  viaide - ok
21:17:16.0893 0x0c0c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:17:16.0897 0x0c0c  volmgr - ok
21:17:16.0927 0x0c0c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:17:16.0938 0x0c0c  volmgrx - ok
21:17:16.0960 0x0c0c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:17:16.0971 0x0c0c  volsnap - ok
21:17:17.0004 0x0c0c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:17:17.0016 0x0c0c  vsmraid - ok
21:17:17.0140 0x0c0c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:17:17.0260 0x0c0c  VSS - ok
21:17:17.0273 0x0c0c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:17:17.0276 0x0c0c  vwifibus - ok
21:17:17.0287 0x0c0c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:17:17.0291 0x0c0c  vwififlt - ok
21:17:17.0319 0x0c0c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:17:17.0322 0x0c0c  vwifimp - ok
21:17:17.0359 0x0c0c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:17:17.0381 0x0c0c  W32Time - ok
21:17:17.0396 0x0c0c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:17:17.0399 0x0c0c  WacomPen - ok
21:17:17.0419 0x0c0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:17:17.0424 0x0c0c  WANARP - ok
21:17:17.0429 0x0c0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:17:17.0433 0x0c0c  Wanarpv6 - ok
21:17:17.0547 0x0c0c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:17:17.0644 0x0c0c  WatAdminSvc - ok
21:17:17.0733 0x0c0c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:17:17.0812 0x0c0c  wbengine - ok
21:17:17.0853 0x0c0c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:17:17.0867 0x0c0c  WbioSrvc - ok
21:17:17.0908 0x0c0c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:17:17.0930 0x0c0c  wcncsvc - ok
21:17:17.0953 0x0c0c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:17:17.0961 0x0c0c  WcsPlugInService - ok
21:17:17.0983 0x0c0c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:17:17.0986 0x0c0c  Wd - ok
21:17:18.0058 0x0c0c  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:17:18.0126 0x0c0c  Wdf01000 - ok
21:17:18.0181 0x0c0c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:17:18.0197 0x0c0c  WdiServiceHost - ok
21:17:18.0207 0x0c0c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:17:18.0215 0x0c0c  WdiSystemHost - ok
21:17:18.0259 0x0c0c  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
21:17:18.0284 0x0c0c  WebClient - ok
21:17:18.0322 0x0c0c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:17:18.0337 0x0c0c  Wecsvc - ok
21:17:18.0348 0x0c0c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:17:18.0357 0x0c0c  wercplsupport - ok
21:17:18.0367 0x0c0c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:17:18.0377 0x0c0c  WerSvc - ok
21:17:18.0394 0x0c0c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:17:18.0397 0x0c0c  WfpLwf - ok
21:17:18.0426 0x0c0c  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
21:17:18.0435 0x0c0c  WimFltr - ok
21:17:18.0464 0x0c0c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:17:18.0467 0x0c0c  WIMMount - ok
21:17:18.0497 0x0c0c  WinDefend - ok
21:17:18.0516 0x0c0c  WinHttpAutoProxySvc - ok
21:17:18.0609 0x0c0c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:17:18.0666 0x0c0c  Winmgmt - ok
21:17:18.0800 0x0c0c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:17:18.0931 0x0c0c  WinRM - ok
21:17:18.0983 0x0c0c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:17:18.0986 0x0c0c  WinUsb - ok
21:17:19.0074 0x0c0c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:17:19.0119 0x0c0c  Wlansvc - ok
21:17:19.0149 0x0c0c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:17:19.0151 0x0c0c  WmiAcpi - ok
21:17:19.0182 0x0c0c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:17:19.0191 0x0c0c  wmiApSrv - ok
21:17:19.0210 0x0c0c  WMPNetworkSvc - ok
21:17:19.0234 0x0c0c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:17:19.0243 0x0c0c  WPCSvc - ok
21:17:19.0277 0x0c0c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:17:19.0288 0x0c0c  WPDBusEnum - ok
21:17:19.0317 0x0c0c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:17:19.0320 0x0c0c  ws2ifsl - ok
21:17:19.0339 0x0c0c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:17:19.0348 0x0c0c  wscsvc - ok
21:17:19.0369 0x0c0c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
21:17:19.0372 0x0c0c  WSDPrintDevice - ok
21:17:19.0382 0x0c0c  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
21:17:19.0385 0x0c0c  WSDScan - ok
21:17:19.0389 0x0c0c  WSearch - ok
21:17:19.0546 0x0c0c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:17:19.0689 0x0c0c  wuauserv - ok
21:17:19.0720 0x0c0c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:17:19.0725 0x0c0c  WudfPf - ok
21:17:19.0759 0x0c0c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:17:19.0768 0x0c0c  WUDFRd - ok
21:17:19.0818 0x0c0c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:17:19.0827 0x0c0c  wudfsvc - ok
21:17:19.0868 0x0c0c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:17:19.0890 0x0c0c  WwanSvc - ok
21:17:19.0957 0x0c0c  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
21:17:19.0965 0x0c0c  xusb21 - ok
21:17:19.0984 0x0c0c  ================ Scan global ===============================
21:17:20.0039 0x0c0c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:17:20.0068 0x0c0c  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
21:17:20.0101 0x0c0c  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
21:17:20.0138 0x0c0c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:17:20.0177 0x0c0c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:17:20.0199 0x0c0c  [ Global ] - ok
21:17:20.0199 0x0c0c  ================ Scan MBR ==================================
21:17:20.0214 0x0c0c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:17:20.0523 0x0c0c  \Device\Harddisk0\DR0 - ok
21:17:20.0524 0x0c0c  ================ Scan VBR ==================================
21:17:20.0527 0x0c0c  [ 66D6EF12E8D2BD328F35869E8BE4FC3B ] \Device\Harddisk0\DR0\Partition1
21:17:20.0528 0x0c0c  \Device\Harddisk0\DR0\Partition1 - ok
21:17:20.0562 0x0c0c  [ 1A1F9245FDCA1EE5949DEEFF9E4994A4 ] \Device\Harddisk0\DR0\Partition2
21:17:20.0563 0x0c0c  \Device\Harddisk0\DR0\Partition2 - ok
21:17:20.0564 0x0c0c  Waiting for KSN requests completion. In queue: 76
21:17:21.0564 0x0c0c  Waiting for KSN requests completion. In queue: 76
21:17:22.0564 0x0c0c  Waiting for KSN requests completion. In queue: 76
21:17:23.0634 0x0c0c  AV detected via SS2: ESET NOD32 Antivirus 4.2, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 4.2.58.3 ), 0x41010 ( enabled : outofdate )
21:17:23.0642 0x0c0c  Win FW state via NFP2: enabled
21:17:26.0144 0x0c0c  ============================================================
21:17:26.0144 0x0c0c  Scan finished
21:17:26.0144 0x0c0c  ============================================================
21:17:26.0159 0x17a0  Detected object count: 0
21:17:26.0159 0x17a0  Actual detected object count: 0


#5 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 21 May 2014 - 08:31 PM

step 3:

 

# AdwCleaner v3.210 - Report created 21/05/2014 at 21:25:37
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Derek - DEREK-PC
# Running from : C:\Users\Derek\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : hshld
[#] Service Deleted : hsstrayservice
Service Deleted : hsswd
[#] Service Deleted : SystemStoreService
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\Derek\AppData\Local\Conduit
Folder Deleted : C:\Users\Derek\AppData\Local\DownloadGuide
Folder Deleted : C:\Users\Derek\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Derek\AppData\Local\Software_Updater
Folder Deleted : C:\Users\Derek\AppData\Local\SoftwareUpdater
Folder Deleted : C:\Users\Derek\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Derek\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Derek\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\18tc0293.default\ConduitCommon
Folder Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\51i6fgnl.default-1382170315327\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\18tc0293.default\user.js
File Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\51i6fgnl.default-1382170315327\user.js
File Deleted : C:\Windows\System32\Tasks\Freemium1ClickMaint
File Deleted : C:\Windows\System32\Tasks\Software Updater Ui
File Deleted : C:\Windows\System32\Tasks\Software Updater
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287804
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\hotspotshield
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\visualbee
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\18tc0293.default\prefs.js ]
 
Line Deleted : user_pref("CT2260173..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2260173..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2260173..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2260173.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT2260173.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT2260173.1000234.TWC_locId", "USPA0037");
Line Deleted : user_pref("CT2260173.1000234.TWC_temp_dis", "f");
Line Deleted : user_pref("CT2260173.1000234.weatherData", "{\"icon\":\"27.png\",\"temperature\":\"73°F\",\"temperatureClear\":\"73°F\",\"highTemperature\":\"73°F\",\"lowTemperature\":\"65°F\",\"feelsLike\":\"73°F\",[...]
Line Deleted : user_pref("CT2260173.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2260173.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2260173.AppTrackingLastCheckTime", "Mon Jul 09 2012 06:56:29 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.CT2260173", "CT2260173");
Line Deleted : user_pref("CT2260173.CurrentServerDate", "16-7-2013");
Line Deleted : user_pref("CT2260173.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2260173.DialogsGetterLastCheckTime", "Wed Jul 10 2013 05:20:27 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"BannerCulture\":\"\",\"DownloadTime\":\"9/9/2011 4:10:40 AM\",\"SourceId\":0,\"OriginSource\":0,\"Referr[...]
Line Deleted : user_pref("CT2260173.EMailNotifierPollDate", "Sun Jun 30 2013 23:44:41 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2260173.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2260173.FF19Solved", "true");
Line Deleted : user_pref("CT2260173.FeedLastCount128940659599556287", 0);
Line Deleted : user_pref("CT2260173.FeedPollDate128940659196275477", "Sun Jun 30 2013 23:44:41 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.FeedPollDate128940659574712536", "Sun Jun 30 2013 23:31:15 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.FeedTTL128940659574712536", 40);
Line Deleted : user_pref("CT2260173.FirstServerDate", "9-9-2011");
Line Deleted : user_pref("CT2260173.FirstTime", true);
Line Deleted : user_pref("CT2260173.FirstTimeFF3", true);
Line Deleted : user_pref("CT2260173.FixPageNotFoundErrors", false);
Line Deleted : user_pref("CT2260173.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2260173.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2260173.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2260173.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2260173.Initialize", true);
Line Deleted : user_pref("CT2260173.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2260173.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2260173.InstallationType", "DirectDownload");
Line Deleted : user_pref("CT2260173.InstalledDate", "Thu Sep 08 2011 21:10:59 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.InvalidateCache", false);
Line Deleted : user_pref("CT2260173.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2260173.IsGrouping", false);
Line Deleted : user_pref("CT2260173.IsInitSetupIni", true);
Line Deleted : user_pref("CT2260173.IsMulticommunity", false);
Line Deleted : user_pref("CT2260173.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2260173.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2260173.IsProtectorsInit", true);
Line Deleted : user_pref("CT2260173.LanguagePackLastCheckTime", "Tue Jun 25 2013 23:03:35 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2260173.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2260173.LastLogin_3.10.0.1", "Thu Apr 19 2012 18:36:43 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.12.0.7", "Wed Apr 25 2012 03:10:45 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.12.2.3", "Sat Jun 09 2012 13:17:32 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.13.0.6", "Tue Jul 24 2012 03:03:01 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.14.1.0", "Sun Aug 26 2012 11:15:21 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.15.1.0", "Fri Nov 09 2012 14:50:20 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.16.0.3", "Sat Feb 09 2013 18:04:17 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.18.0.7", "Sat Jul 13 2013 15:38:49 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.19.0.3", "Tue Jul 16 2013 11:48:58 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.6.0.10", "Thu Sep 29 2011 23:02:26 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.7.0.6", "Tue Nov 15 2011 21:53:33 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.8.0.8", "Thu Dec 08 2011 23:12:37 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.8.1.0", "Mon Jan 09 2012 04:29:29 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LastLogin_3.9.0.3", "Tue Mar 06 2012 21:08:30 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.LatestVersion", "3.19.0.3");
Line Deleted : user_pref("CT2260173.Locale", "en");
Line Deleted : user_pref("CT2260173.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2260173.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2260173.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2260173.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2260173.OriginalFirstVersion", "3.6.0.10");
Line Deleted : user_pref("CT2260173.RadioIsPodcast", false);
Line Deleted : user_pref("CT2260173.RadioLastCheckTime", "Sun Jun 30 2013 23:31:15 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2260173.RadioLastUpdateServer", "130071331476930000");
Line Deleted : user_pref("CT2260173.RadioMediaID", "9909");
Line Deleted : user_pref("CT2260173.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2260173.RadioMenuSelectedID", "EBRadioMenu_CT22601739909");
Line Deleted : user_pref("CT2260173.RadioShrinkedFromSetup", false);
Line Deleted : user_pref("CT2260173.RadioStationName", "WQXR-FM%20NYC%20(Classical)");
Line Deleted : user_pref("CT2260173.RadioStationURL", "hxxp://htc-01.media.globix.net/COMP005996MOD1/meta/wqxr_live_high.asx");
Line Deleted : user_pref("CT2260173.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2260173.SearchEngineBeforeUnload", "Swag Bucks Customized Web Search");
Line Deleted : user_pref("CT2260173.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2260173.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2260173.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2260173.SearchInNewTabLastCheckTime", "Tue Jul 16 2013 11:48:57 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2260173.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2260173.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT2260173.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2260173.ServiceMapLastCheckTime", "Tue Jul 16 2013 11:48:57 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.SettingsLastCheckTime", "Tue Jul 16 2013 11:48:57 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.SettingsLastUpdate", "1373959823");
Line Deleted : user_pref("CT2260173.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2260173.ThirdPartyComponentsLastCheck", "Thu May 23 2013 23:53:29 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT2260173.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2260173.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2260173.UserID", "UN39211541821057594");
Line Deleted : user_pref("CT2260173.ValidationData_Search", 2);
Line Deleted : user_pref("CT2260173.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2260173.WeatherNetwork", "");
Line Deleted : user_pref("CT2260173.WeatherPollDate", "Sun Jun 30 2013 23:31:16 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.WeatherUnit", "F");
Line Deleted : user_pref("CT2260173.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2260173.addressUrlXPETakeover", "true");
Line Deleted : user_pref("CT2260173.alertChannelId", "657446");
Line Deleted : user_pref("CT2260173.autoDisableScopes", 0);
Line Deleted : user_pref("CT2260173.backendstorage.sbmemberinfo", "7B22737461747573223A312C2273627476223A747275652C226461696C795362223A312C22616C6C6F7753686F704561726E223A747275652C226861735072666C223A747275652C2273[...]
Line Deleted : user_pref("CT2260173.backendstorage.welcome_screen_gk", "74727565");
Line Deleted : user_pref("CT2260173.components.1000034", true);
Line Deleted : user_pref("CT2260173.components.1000082", true);
Line Deleted : user_pref("CT2260173.components.1000234", true);
Line Deleted : user_pref("CT2260173.countryCode", "US");
Line Deleted : user_pref("CT2260173.defaultSearch", "false");
Line Deleted : user_pref("CT2260173.embeddedsData", "[{\"appId\":\"128848965243869715\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT2260173.enableAlerts", "always");
Line Deleted : user_pref("CT2260173.enableFix404ByUser", "FALSE");
Line Deleted : user_pref("CT2260173.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT2260173.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT2260173.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2260173.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2260173.fixUrls", true);
Line Deleted : user_pref("CT2260173.fullUserID", "UN39211541821057594.UP.20130721233748");
Line Deleted : user_pref("CT2260173.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2260173.globalFirstTimeInfoLastCheckTime", "Thu May 23 2013 23:53:30 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2260173.initDone", true);
Line Deleted : user_pref("CT2260173.installDate", "21/07/2013 23:37:48");
Line Deleted : user_pref("CT2260173.installId", "dm");
Line Deleted : user_pref("CT2260173.installSessionId", "31775829-00A2-4117-8D7B-A0BEE1F5EF69");
Line Deleted : user_pref("CT2260173.installSp", "true");
Line Deleted : user_pref("CT2260173.installType", "xpe");
Line Deleted : user_pref("CT2260173.installUsage", "2013-07-22T06:43:47.9942249+03:00");
Line Deleted : user_pref("CT2260173.installUsageEarly", "2013-07-22T06:43:48.0281974+03:00");
Line Deleted : user_pref("CT2260173.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT2260173.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT2260173.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2260173.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2260173.isFirstRadioInstallation", false);
Line Deleted : user_pref("CT2260173.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2260173.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2260173.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2260173.keyword", "true");
Line Deleted : user_pref("CT2260173.lastVersion", "10.16.4.19");
Line Deleted : user_pref("CT2260173.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT2260173.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT2260173.myStuffEnabled", true);
Line Deleted : user_pref("CT2260173.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2260173.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2260173.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2260173.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2260173.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Ablank\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://SwagBucks.OurToolbar.com/[...]
Line Deleted : user_pref("CT2260173.oldAppsList", "128848965243869714,128848965243869715,111,128958821111237507,128940706283150316,129441809115231739,128940706522681543,128940651219556906,128941656432219667,12894165[...]
Line Deleted : user_pref("CT2260173.openThankYouPage", "true");
Line Deleted : user_pref("CT2260173.openUninstallPage", "true");
Line Deleted : user_pref("CT2260173.originalHomepage", "hxxp://slickdeals.net/");
Line Deleted : user_pref("CT2260173.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=");
Line Deleted : user_pref("CT2260173.revertSettingsEnabled", false);
Line Deleted : user_pref("CT2260173.sbmemberinfo", "eyJzdGF0dXMiOjEsInNidHYiOnRydWUsImRhaWx5U2IiOjEsImFsbG93U2hvcEVhcm4iOnRydWUsImhhc1ByZmwiOnRydWUsInNCcyI6IjI5MCIsIm1lbWJlcklEIjo3MTc5MzEsImZOYW1lIjoiRGVyZWsiLCJjb3V[...]
Line Deleted : user_pref("CT2260173.search.searchAppId", "128848965243869715");
Line Deleted : user_pref("CT2260173.search.searchCount", 2);
Line Deleted : user_pref("CT2260173.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2260173.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2260173.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2260173.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2260173.searchRevert", "false");
Line Deleted : user_pref("CT2260173.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2260173.searchUserMode", "2");
Line Deleted : user_pref("CT2260173.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2260173\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://SwagBucks.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Swag Bucks\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2260173.serviceLayer_services_Configuration_lastUpdate", "1374464369333");
Line Deleted : user_pref("CT2260173.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1374464371035");
Line Deleted : user_pref("CT2260173.serviceLayer_services_appsMetadata_lastUpdate", "1374464371028");
Line Deleted : user_pref("CT2260173.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1374464370926");
Line Deleted : user_pref("CT2260173.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1374464369364");
Line Deleted : user_pref("CT2260173.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1374464369360");
Line Deleted : user_pref("CT2260173.serviceLayer_services_login_10.16.4.19_lastUpdate", "1374464421060");
Line Deleted : user_pref("CT2260173.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1374464370980");
Line Deleted : user_pref("CT2260173.serviceLayer_services_searchAPI_lastUpdate", "1374464369339");
Line Deleted : user_pref("CT2260173.serviceLayer_services_serviceMap_lastUpdate", "1374464368305");
Line Deleted : user_pref("CT2260173.serviceLayer_services_toolbarContextMenu_lastUpdate", "1374464370881");
Line Deleted : user_pref("CT2260173.serviceLayer_services_toolbarSettings_lastUpdate", "1374464369202");
Line Deleted : user_pref("CT2260173.settingsINI", true);
Line Deleted : user_pref("CT2260173.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT2260173.showToolbarPermission", "false");
Line Deleted : user_pref("CT2260173.smartbar.CTID", "CT2260173");
Line Deleted : user_pref("CT2260173.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2260173.smartbar.homepage", true);
Line Deleted : user_pref("CT2260173.smartbar.isHidden", true);
Line Deleted : user_pref("CT2260173.smartbar.toolbarName", "Swag Bucks ");
Line Deleted : user_pref("CT2260173.startPage", "false");
Line Deleted : user_pref("CT2260173.testingCtid", "");
Line Deleted : user_pref("CT2260173.toolbarAppMetaDataLastCheckTime", "Tue Jul 16 2013 11:48:58 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.toolbarBornServerTime", "9-9-2011");
Line Deleted : user_pref("CT2260173.toolbarContextMenuLastCheckTime", "Thu May 23 2013 23:53:30 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.toolbarCurrentServerTime", "22-7-2013");
Line Deleted : user_pref("CT2260173.toolbarDisabled", "true");
Line Deleted : user_pref("CT2260173.toolbarLoginClientTime", "Sun Jul 21 2013 23:39:30 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CT2260173.usagesFlag", 2);
Line Deleted : user_pref("CT2260173.versionFromInstaller", "10.16.4.19");
Line Deleted : user_pref("CT2260173.welcome_screen_gk", "dHJ1ZQ==");
Line Deleted : user_pref("CT2260173.xpeMode", "3");
Line Deleted : user_pref("CT2260173_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374464367305,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3244149_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1347581381635,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3287804_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1367985045337,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Swag Bucks Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2260173/CT2260173", "\"9f4b89dcfa13d0f626907f50cf192c493\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/657446/653307/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2260173", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT2260173", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT2260173", "mfQ70fvlD2zuBxSBj8rQqA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT2260173", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT2260173", "ZU6zjERHpZr7lBpInn+HyA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"0ea11bd291bce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:15ff\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"0ee90707f77cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:1254\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"6a637346d78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"6a637346d78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2260173", "\"f7aa16e1e9f6cc7b2a903a6f1c877dc1\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2260173&octid=CT2260173", "\"1322481066\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b02faa969d7eb612666c4fc9456833b\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Derek\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\18tc0293.default\\conduitCommon\\modules\\3.19.0.3");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.19.0.3");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2260173");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2260173");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2260173");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jun 30 2013 23:31:15 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "b09f8420-aef8-4592-bfdf-70dfdf7ae663");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2260173");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jul 14 2013 23:31:19 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jul 14 2013 23:21:37 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jul 14 2013 23:21:29 GMT-0400 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "d1d5b4b7-442c-430e-a073-7b5e0f6bfad8");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3287804&CUI=UN94426890936861081&UM=2&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "VisualBee V.5 Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287804&SearchSource=2&CUI=UN94426890936861081&UM=2&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2260173");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "VisualBee V.5 Customized Web Search");
Line Deleted : user_pref("dom.ipc.plugins.enabled.npmywebs.dll", false);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT2260173");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3287804&CUI=UN94426890936861081&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287804&SearchSource=2&CUI=UN94426890936861081&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT2260173");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT2260173");
Line Deleted : user_pref("smartbar.machineId", "QY56CBY4ZHBSYS1P8QI17IIY1NLL1DD/BHE2NJFC30V/+IOZKHRYE9OD//JK5OKA5BOV5MPLOUGODWVBFVNPFW");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://slickdeals.net/");
Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=");
Line Deleted : user_pref("smartbar.originalSearchEngine", "Google");
Line Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]
 
-\\ Google Chrome v34.0.1847.137
 
[ File : C:\Users\Derek\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [36819 octets] - [21/05/2014 21:23:11]
AdwCleaner[S0].txt - [37167 octets] - [21/05/2014 21:25:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [37228 octets] ##########


#6 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 21 May 2014 - 08:52 PM

step 4:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Derek on Wed 05/21/2014 at 21:33:19.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2755677096-3906864890-1869976462-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56F5A99A-3C24-4D71-8C8F-287C0468F114}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\ai_recyclebin"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\Derek\AppData\Roaming\mozilla\firefox\profiles\18tc0293.default\searchplugins\youtube-video-search.xml
Successfully deleted the following from C:\Users\Derek\AppData\Roaming\mozilla\firefox\profiles\18tc0293.default\prefs.js
 
user_pref("extensions.AMAZONNEW_NS_PH.searchconf", "{\n  \"google\" : {\n    \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n    \"rankometer\
Emptied folder: C:\Users\Derek\AppData\Roaming\mozilla\firefox\profiles\18tc0293.default\minidumps [93 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/21/2014 at 21:42:48.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 22 May 2014 - 01:20 AM

last step:

 

i ran the ESET scan and it said "No Threats Found" and did not create a log.



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:22 PM

Posted 22 May 2014 - 10:26 AM

Lets look at one more here...

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Scan

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 22 May 2014 - 12:19 PM

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Derek [Admin rights]
Mode : Scan -- Date : 05/22/2014 13:17:54
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] PeriodicScanRetry : %windir%\ehome\MCUpdate.exe - -pscn 0 [7][-] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1 www.xilisoft.com
127.0.0.1 www.xilisoft.net
127.0.0.1 xilisoft.com
127.0.0.1 xilisoft.net
127.0.0.1 cms.olym.xilisoft.net
127.0.0.1 online.xilisoft.com
127.0.0.1 online.xilisoft.net
127.0.0.1 service2.xilisoft.net
127.0.0.1 www.xilimobile.com
127.0.0.1 xilimobile.com
127.0.0.1 crm.xilisoft.com
127.0.0.1 onlinevideoconverter.xilisoft.com
127.0.0.1 m1.xilisoft.com
127.0.0.1 m2.xilisoft.com
127.0.0.1 m3.xilisoft.com
127.0.0.1 m4.xilisoft.com
127.0.0.1 m5.xilisoft.com
127.0.0.1 m6.xilisoft.com
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEVT-80A0RT0 +++++
--- User ---
[MBR] 9c74ec6845edc4dedb4f6b88d7719492
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 20002 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 40965750 | Size: 76308 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 197246976 | Size: 208932 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_05222014_131754.txt >>


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:22 PM

Posted 22 May 2014 - 12:56 PM

That was good, how is the hard drive space?


Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 22 May 2014 - 04:00 PM

hard drive space

 

7.93 GB free of 74.5 GB

 

Total Files Cleaned - 432 MB


Edited by clefty123, 22 May 2014 - 09:02 PM.


#12 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 23 May 2014 - 05:22 PM

That was good, how is the hard drive space?


Empty your temp folders using TFC (Temporary File Cleaner)

  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

 

Any more help for me?  My hard drive space is still decreasing..



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:22 PM

Posted 23 May 2014 - 08:35 PM

Ok. you have a deeper infection . We can get it but we need a new topic with a DDS log (see guide).

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 clefty123

clefty123
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:22 PM

Posted 26 May 2014 - 03:56 AM

Ok. you have a deeper infection . We can get it but we need a new topic with a DDS log (see guide).

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.

I posted the new topic here

http://www.bleepingcomputer.com/forums/t/535549/hard-drive-disk-space-c-is-decreasing/

 

Sorry for the kind of late reply.  I was making sure the disk space is still decreasing, and it is.  I hope someone can help me.



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:22 PM

Posted 27 May 2014 - 11:22 AM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users