This Program is blocked by group policy - posted in Windows Vista


15 replies to this topic

#1 DrgnHmcd

Posted 01 January 2015 - 10:30 AM

I cannot open some programs or uninstall some. Every time I try to uncheck the group policy box in settings, it reapplies itself. I have run Antimalware. I don't know what to do.


Edited by hamluis, 01 January 2015 - 11:40 AM.
Moved from Vista to Am I Infected - Hamluis.




#2 dev00790


Posted 01 January 2015 - 01:08 PM

Hi,
Let's get some initial information firstly:
We will be helping you with your problems. Please be patient while we assist you.
Some points for you to keep in mind while we are helping you, to make things go easier and faster for both of us:
  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.
NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.
NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.
----------------------------------------------
Please do the following:
:step1:
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop.
Reboot now to finish the cleaning process.
Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.
:step2:
Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
:step3:
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.
:step4:
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 DrgnHmcd


Posted 01 January 2015 - 07:19 PM

17:09:37.0602 0x068c  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
17:09:53.0639 0x068c  ============================================================
17:09:53.0639 0x068c  Current date / time: 2015/01/01 17:09:53.0639
17:09:53.0639 0x068c  SystemInfo:
17:09:53.0639 0x068c  
17:09:53.0639 0x068c  OS Version: 6.0.6002 ServicePack: 2.0
17:09:53.0639 0x068c  Product type: Workstation
17:09:53.0639 0x068c  ComputerName: DIMAIOFAMILY
17:09:53.0639 0x068c  UserName: Mike & Deb
17:09:53.0639 0x068c  Windows directory: C:\Windows
17:09:53.0639 0x068c  System windows directory: C:\Windows
17:09:53.0639 0x068c  Processor architecture: Intel x86
17:09:53.0639 0x068c  Number of processors: 2
17:09:53.0639 0x068c  Page size: 0x1000
17:09:53.0639 0x068c  Boot type: Normal boot
17:09:53.0639 0x068c  ============================================================
17:09:55.0667 0x068c  KLMD registered as C:\Windows\system32\drivers\92019365.sys
17:09:55.0870 0x068c  System UUID: {85EE7F49-7C9D-3CFE-86BF-0CDCD11CDFD0}
17:09:56.0431 0x068c  Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 ( 149.01 Gb ), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:09:56.0463 0x068c  ============================================================
17:09:56.0463 0x068c  \Device\Harddisk0\DR0:
17:09:56.0603 0x068c  MBR partitions:
17:09:56.0603 0x068c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
17:09:56.0603 0x068c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x115ED000
17:09:56.0603 0x068c  ============================================================
17:09:56.0697 0x068c  C: <-> \Device\Harddisk0\DR0\Partition2
17:09:56.0743 0x068c  D: <-> \Device\Harddisk0\DR0\Partition1
17:09:56.0743 0x068c  ============================================================
17:09:56.0743 0x068c  Initialize success
17:09:56.0743 0x068c  ============================================================
17:09:58.0436 0x08e4  ============================================================
17:09:58.0436 0x08e4  Scan started
17:09:58.0436 0x08e4  Mode: Manual; 
17:09:58.0436 0x08e4  ============================================================
17:09:58.0436 0x08e4  KSN ping started
17:09:59.0496 0x08e4  KSN ping finished: true
17:10:01.0103 0x08e4  ================ Scan system memory ========================
17:10:01.0103 0x08e4  System memory - ok
17:10:01.0103 0x08e4  ================ Scan services =============================
17:10:44.0939 0x08e4  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
17:10:44.0998 0x08e4  iaStorV - ok
17:10:45.0292 0x08e4  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:10:45.0591 0x08e4  idsvc - ok
17:10:46.0470 0x08e4  [ 9378D57E2B96C0A185D844770AD49948, AED244DDF125C867091D0A926B275EC1C60C89844C69595B1D1FC586F60F118A ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
17:10:48.0365 0x08e4  igfx - ok
17:10:48.0397 0x08e4  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:10:48.0462 0x08e4  iirsp - ok
17:10:49.0080 0x08e4  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:10:50.0103 0x08e4  IKEEXT - ok
17:10:51.0438 0x08e4  [ 4EAE74C8BCBCA309A5D7CBAD7E231427, FA68A5B58FB0DA46946B1BE63E2C70820E3EBB4A2858F17DF8AE4EAA59F042FE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:10:51.0490 0x08e4  IntcAzAudAddService - ok
17:10:51.0577 0x08e4  [ 0084046C084D68E494F8CF36BCF08186, 1A40542A8E7ADE1944892F11DFA85307F342965A31D5697425E0BB86874D45F5 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
17:10:51.0577 0x08e4  intelide - ok
17:10:51.0910 0x08e4  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:10:51.0987 0x08e4  intelppm - ok
17:10:52.0329 0x08e4  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:10:52.0333 0x08e4  IPBusEnum - ok
17:10:52.0473 0x08e4  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:10:52.0587 0x08e4  IpFilterDriver - ok
17:10:52.0850 0x08e4  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:10:52.0859 0x08e4  iphlpsvc - ok
17:10:52.0866 0x08e4  IpInIp - ok
17:10:53.0036 0x08e4  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
17:10:53.0081 0x08e4  IPMIDRV - ok
17:10:53.0182 0x08e4  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
17:10:53.0266 0x08e4  IPNAT - ok
17:10:53.0378 0x08e4  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:10:53.0398 0x08e4  IRENUM - ok
17:10:53.0513 0x08e4  [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:10:53.0562 0x08e4  isapnp - ok
17:10:53.0968 0x08e4  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
17:10:53.0972 0x08e4  iScsiPrt - ok
17:10:54.0074 0x08e4  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
17:10:54.0089 0x08e4  iteatapi - ok
17:10:54.0144 0x08e4  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
17:10:54.0213 0x08e4  iteraid - ok
17:10:54.0345 0x08e4  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:10:54.0347 0x08e4  kbdclass - ok
17:10:54.0506 0x08e4  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:10:54.0577 0x08e4  kbdhid - ok
17:10:54.0684 0x08e4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
17:10:54.0686 0x08e4  KeyIso - ok
17:10:54.0757 0x08e4  kpsokjcu - ok
17:10:55.0249 0x08e4  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:10:55.0259 0x08e4  KSecDD - ok
17:10:55.0558 0x08e4  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:10:55.0827 0x08e4  KtmRm - ok
17:10:56.0002 0x08e4  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:10:56.0006 0x08e4  LanmanServer - ok
17:10:56.0172 0x08e4  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:10:56.0181 0x08e4  LanmanWorkstation - ok
17:10:56.0308 0x08e4  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:10:56.0309 0x08e4  lltdio - ok
17:10:56.0449 0x08e4  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:10:56.0984 0x08e4  lltdsvc - ok
17:10:57.0166 0x08e4  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:10:57.0169 0x08e4  lmhosts - ok
17:10:57.0231 0x08e4  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:10:57.0321 0x08e4  LSI_FC - ok
17:10:57.0366 0x08e4  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:10:57.0455 0x08e4  LSI_SAS - ok
17:10:57.0627 0x08e4  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:10:57.0699 0x08e4  LSI_SCSI - ok
17:10:57.0845 0x08e4  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:10:57.0847 0x08e4  luafv - ok
17:10:57.0981 0x08e4  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
17:10:58.0024 0x08e4  MBAMSwissArmy - ok
17:10:58.0102 0x08e4  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:10:58.0103 0x08e4  mdmxsdk - ok
17:10:58.0167 0x08e4  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:10:58.0170 0x08e4  megasas - ok
17:10:58.0229 0x08e4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
17:10:58.0231 0x08e4  MMCSS - ok
17:10:58.0284 0x08e4  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
17:10:58.0287 0x08e4  Modem - ok
17:10:58.0425 0x08e4  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:10:58.0426 0x08e4  monitor - ok
17:10:58.0571 0x08e4  motccgp - ok
17:10:58.0571 0x08e4  MotoSwitchService - ok
17:10:58.0587 0x08e4  Motousbnet - ok
17:10:58.0618 0x08e4  motusbdevice - ok
17:10:58.0758 0x08e4  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:10:58.0758 0x08e4  mouclass - ok
17:10:58.0852 0x08e4  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:10:58.0914 0x08e4  mouhid - ok
17:10:58.0992 0x08e4  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
17:10:59.0297 0x08e4  MountMgr - ok
17:10:59.0390 0x08e4  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:10:59.0406 0x08e4  mpio - ok
17:10:59.0453 0x08e4  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:10:59.0468 0x08e4  mpsdrv - ok
17:10:59.0593 0x08e4  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:10:59.0640 0x08e4  MpsSvc - ok
17:10:59.0702 0x08e4  [ D805CC36F02AFE93E3236D5BF91A8DC7, E809D26BBF17C89BD2BC7F57B86A1E004D0A2E1CEA2A7F4448C29889F63CA9C6 ] mr7910          C:\Windows\system32\DRIVERS\mr7910.sys
17:10:59.0765 0x08e4  mr7910 - ok
17:10:59.0843 0x08e4  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
17:10:59.0858 0x08e4  Mraid35x - ok
17:10:59.0921 0x08e4  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:10:59.0952 0x08e4  MRxDAV - ok
17:11:00.0050 0x08e4  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:11:00.0082 0x08e4  mrxsmb - ok
17:11:00.0347 0x08e4  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:11:00.0425 0x08e4  mrxsmb10 - ok
17:11:00.0456 0x08e4  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:11:00.0487 0x08e4  mrxsmb20 - ok
17:11:00.0518 0x08e4  [ D420BC42A637AC3CC4F411220549C0DC, D991D19030D29D03BAFA846C095F460F2F31D19793E5582239964F66A837C562 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:11:00.0518 0x08e4  msahci - ok
17:11:00.0550 0x08e4  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:11:00.0565 0x08e4  msdsm - ok
17:11:00.0596 0x08e4  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
17:11:00.0596 0x08e4  MSDTC - ok
17:11:00.0628 0x08e4  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:11:00.0628 0x08e4  Msfs - ok
17:11:00.0674 0x08e4  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:11:00.0674 0x08e4  msisadrv - ok
17:11:00.0721 0x08e4  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:11:00.0721 0x08e4  MSiSCSI - ok
17:11:00.0737 0x08e4  msiserver - ok
17:11:01.0050 0x08e4  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:11:01.0081 0x08e4  MSKSSRV - ok
17:11:01.0175 0x08e4  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:11:01.0175 0x08e4  MSPCLOCK - ok
17:11:01.0175 0x08e4  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:11:01.0175 0x08e4  MSPQM - ok
17:11:01.0221 0x08e4  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:11:01.0221 0x08e4  MsRPC - ok
17:11:01.0268 0x08e4  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:11:01.0268 0x08e4  mssmbios - ok
17:11:01.0299 0x08e4  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:11:01.0331 0x08e4  MSTEE - ok
17:11:01.0362 0x08e4  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:11:01.0393 0x08e4  Mup - ok
17:11:01.0471 0x08e4  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
17:11:01.0518 0x08e4  napagent - ok
17:11:01.0565 0x08e4  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:11:01.0596 0x08e4  NativeWifiP - ok
17:11:02.0005 0x08e4  [ 3BAE2BFCB6D69E19C8373F635DD544DC, A32DB5282ED5AFC1650883B1870E46FDC029EF9225075E6916D2E371F18D8B9E ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
17:11:02.0037 0x08e4  NBService - ok
17:11:02.0099 0x08e4  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:11:02.0161 0x08e4  NDIS - ok
17:11:02.0177 0x08e4  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:11:02.0177 0x08e4  NdisTapi - ok
17:11:02.0208 0x08e4  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:11:02.0208 0x08e4  Ndisuio - ok
17:11:02.0255 0x08e4  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:11:02.0255 0x08e4  NdisWan - ok
17:11:02.0286 0x08e4  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:11:02.0302 0x08e4  NDProxy - ok
17:11:02.0317 0x08e4  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:11:02.0317 0x08e4  NetBIOS - ok
17:11:02.0349 0x08e4  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
17:11:02.0349 0x08e4  netbt - ok
17:11:02.0395 0x08e4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
17:11:02.0395 0x08e4  Netlogon - ok
17:11:02.0442 0x08e4  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
17:11:02.0458 0x08e4  Netman - ok
17:11:02.0692 0x08e4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:11:02.0863 0x08e4  NetMsmqActivator - ok
17:11:02.0879 0x08e4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:11:02.0895 0x08e4  NetPipeActivator - ok
17:11:02.0941 0x08e4  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
17:11:02.0957 0x08e4  netprofm - ok
17:11:03.0051 0x08e4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:11:03.0066 0x08e4  NetTcpActivator - ok
17:11:03.0113 0x08e4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:11:03.0129 0x08e4  NetTcpPortSharing - ok
17:11:03.0207 0x08e4  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:11:03.0238 0x08e4  nfrd960 - ok
17:11:03.0331 0x08e4  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:11:03.0347 0x08e4  NlaSvc - ok
17:11:03.0487 0x08e4  [ 193FA51DDDD0BFFDED1C340F0434999A, C05CA0A8568E9CBDA15633ED420C29F52082114B2B9F24EB61369E42C480C080 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:11:08.0928 0x08e4  NMIndexingService - ok
17:11:09.0022 0x08e4  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:11:09.0053 0x08e4  Npfs - ok
17:11:09.0116 0x08e4  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
17:11:09.0116 0x08e4  nsi - ok
17:11:09.0178 0x08e4  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:11:09.0287 0x08e4  nsiproxy - ok
17:11:09.0662 0x08e4  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:11:09.0818 0x08e4  Ntfs - ok
17:11:09.0849 0x08e4  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
17:11:09.0864 0x08e4  ntrigdigi - ok
17:11:09.0896 0x08e4  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
17:11:09.0896 0x08e4  Null - ok
17:11:09.0927 0x08e4  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:11:09.0942 0x08e4  nvraid - ok
17:11:09.0974 0x08e4  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:11:09.0989 0x08e4  nvstor - ok
17:11:10.0020 0x08e4  [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:11:10.0020 0x08e4  nv_agp - ok
17:11:10.0020 0x08e4  NwlnkFlt - ok
17:11:10.0020 0x08e4  NwlnkFwd - ok
17:11:10.0057 0x08e4  nyiotn - ok
17:11:10.0088 0x08e4  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:11:10.0088 0x08e4  ohci1394 - ok
17:11:10.0244 0x08e4  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:11:10.0291 0x08e4  ose - ok
17:11:10.0337 0x08e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
17:11:10.0369 0x08e4  p2pimsvc - ok
17:11:10.0431 0x08e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:11:10.0462 0x08e4  p2psvc - ok
17:11:10.0525 0x08e4  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
17:11:10.0540 0x08e4  Parport - ok
17:11:10.0618 0x08e4  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:11:10.0618 0x08e4  partmgr - ok
17:11:10.0649 0x08e4  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
17:11:10.0649 0x08e4  Parvdm - ok
17:11:10.0681 0x08e4  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:11:10.0696 0x08e4  PcaSvc - ok
17:11:10.0712 0x08e4  PcdrNdisuio - ok
17:11:10.0774 0x08e4  [ 92FDDBED716BF5C3CB766101563CFCE5, BD77BEB532483FBDBE2D69A7D5193F1EB43514CA7A65934F17AE71DCF397CCD4 ] PCDSRVC{E9D79540-57D5953E-06020101}_0 c:\program files\dell support center\pcdsrvc.pkms
17:11:10.0868 0x08e4  PCDSRVC{E9D79540-57D5953E-06020101}_0 - ok
17:11:10.0899 0x08e4  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
17:11:10.0899 0x08e4  pci - ok
17:11:10.0946 0x08e4  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
17:11:10.0946 0x08e4  pciide - ok
17:11:11.0008 0x08e4  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:11:11.0024 0x08e4  pcmcia - ok
17:11:11.0102 0x08e4  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:11:11.0133 0x08e4  PEAUTH - ok
17:11:11.0242 0x08e4  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
17:11:11.0305 0x08e4  pla - ok
17:11:11.0351 0x08e4  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:11:11.0351 0x08e4  PlugPlay - ok
17:11:11.0383 0x08e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
17:11:11.0398 0x08e4  PNRPAutoReg - ok
17:11:11.0445 0x08e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
17:11:11.0445 0x08e4  PNRPsvc - ok
17:11:11.0617 0x08e4  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:11:11.0632 0x08e4  PolicyAgent - ok
17:11:11.0788 0x08e4  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:11:11.0804 0x08e4  PptpMiniport - ok
17:11:11.0851 0x08e4  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
17:11:11.0851 0x08e4  Processor - ok
17:11:11.0882 0x08e4  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
17:11:11.0882 0x08e4  ProfSvc - ok
17:11:11.0913 0x08e4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
17:11:11.0913 0x08e4  ProtectedStorage - ok
17:11:11.0997 0x08e4  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
17:11:11.0999 0x08e4  PSched - ok
17:11:12.0162 0x08e4  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
17:11:12.0193 0x08e4  PST Service - ok
17:11:12.0271 0x08e4  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:11:12.0334 0x08e4  ql2300 - ok
17:11:12.0365 0x08e4  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:11:12.0380 0x08e4  ql40xx - ok
17:11:12.0427 0x08e4  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
17:11:12.0443 0x08e4  QWAVE - ok
17:11:12.0490 0x08e4  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:11:12.0490 0x08e4  QWAVEdrv - ok
17:11:12.0755 0x08e4  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
17:11:12.0864 0x08e4  R300 - ok
17:11:12.0926 0x08e4  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:11:12.0942 0x08e4  RasAcd - ok
17:11:12.0989 0x08e4  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
17:11:12.0989 0x08e4  RasAuto - ok
17:11:13.0036 0x08e4  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:11:13.0036 0x08e4  Rasl2tp - ok
17:11:13.0082 0x08e4  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
17:11:13.0082 0x08e4  RasMan - ok
17:11:13.0145 0x08e4  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:11:13.0145 0x08e4  RasPppoe - ok
17:11:13.0160 0x08e4  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:11:13.0176 0x08e4  RasSstp - ok
17:11:25.0728 0x08e4  ================ Scan global ===============================
17:11:25.0821 0x08e4  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
17:11:25.0884 0x08e4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:11:25.0915 0x08e4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:11:26.0040 0x08e4  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
17:11:26.0055 0x08e4  [ Global ] - ok
17:11:26.0055 0x08e4  ================ Scan MBR ==================================
17:11:26.0071 0x08e4  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:11:26.0445 0x08e4  \Device\Harddisk0\DR0 - ok
17:11:26.0445 0x08e4  ================ Scan VBR ==================================
17:11:26.0461 0x08e4  [ 2C5A33D146499639B4B6692F1DB3300E ] \Device\Harddisk0\DR0\Partition1
17:11:26.0492 0x08e4  \Device\Harddisk0\DR0\Partition1 - ok
17:11:26.0508 0x08e4  [ CD920C6AC2405D3674DF0DD3C774D22C ] \Device\Harddisk0\DR0\Partition2
17:11:26.0539 0x08e4  \Device\Harddisk0\DR0\Partition2 - ok
17:11:26.0539 0x08e4  ================ Scan generic autorun ======================
17:11:28.0114 0x08e4  [ 805210C8DB11D5799E7172923959BF98, A8DCB8A6FDE5ED583D329D6D8A5979FFD3E844046335529BB2E81A5D310E5894 ] C:\Program Files\CCleaner\CCleaner.exe
17:11:29.0113 0x08e4  CCleaner Monitoring - ok
17:11:29.0534 0x08e4  [ 796B7EA3D8D1677EBA3710EC60400748, 2AC9DA53F56B633A561078850D037807AC7A0D74C7B8E2F92F397EDF45574369 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
17:11:29.0815 0x08e4  SUPERAntiSpyware - ok
17:11:29.0830 0x08e4  Waiting for KSN requests completion. In queue: 180
17:11:30.0844 0x08e4  Waiting for KSN requests completion. In queue: 2
17:11:31.0858 0x08e4  Waiting for KSN requests completion. In queue: 2
17:11:32.0888 0x08e4  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41010 ( enabled : outofdate )
17:11:32.0904 0x08e4  Win FW state via NFP2: disabled
17:11:34.0698 0x08e4  ============================================================
17:11:34.0698 0x08e4  Scan finished
17:11:34.0698 0x08e4  ============================================================
17:11:34.0698 0x0a78  Detected object count: 0
17:11:34.0698 0x0a78  Actual detected object count: 0


#4 DrgnHmcd

Posted 01 January 2015 - 07:24 PM

# AdwCleaner v4.106 - Report created 01/01/2015 at 17:20:18
# Updated 21/12/2014 by Xplode
# Database : 2015-01-01.1 [Live]
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Mike & Deb - DIMAIOFAMILY
# Running from : C:\Users\Mike & Deb\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : hshld
Service Found : hsstrayservice
Service Found : hsswd
 
***** [ Files / Folders ] *****
 
File Found : C:\Windows\system32\conduitEngine.tmp
Folder Found : C:\Program Files\Bench
Folder Found : C:\Program Files\hotspot shield
Folder Found : C:\ProgramData\Alawar Entertainment
Folder Found : C:\ProgramData\Alawar Stargaze
Folder Found : C:\ProgramData\AlawarEntertainment
Folder Found : C:\ProgramData\Conduit
Folder Found : C:\ProgramData\hotspot shield
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\ProgramData\Yahoo! Companion
Folder Found : C:\Users\Mike & Deb\AppData\Local\BenchUpdater
Folder Found : C:\Users\Mike & Deb\AppData\LocalLow\Conduit
Folder Found : C:\Users\Mike & Deb\AppData\LocalLow\Delta
Folder Found : C:\Users\Mike & Deb\AppData\LocalLow\HPAppData
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\Alawar Entertainment
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\Alawar Stargaze
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\AlawarEntertainment
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\DriverCure
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\hotspot shield
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\iWin
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\ParetoLogic
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\quickclick
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\RHEng
Folder Found : C:\Users\Mike & Deb\AppData\Roaming\WebCake
Folder Found : C:\Windows\system32\hotspot shield
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{877D0E59-6CBD-43C6-966F-1F4BA343AEEC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Boost
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserSafeGuard
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DesktopWeatherAlerts
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hotspotshield
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\wincheck
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\USyndication
Key Found : HKCU\Software\usyndication.com
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3298566
Key Found : HKLM\SOFTWARE\CompeteInc
Key Found : HKLM\SOFTWARE\hotspotshield
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{362269bd-c93c-460f-9255-3bd667eb7f0a}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Found : HKLM\SOFTWARE\ParetoLogic
Key Found : HKLM\SOFTWARE\Solvusoft
Key Found : HKLM\SOFTWARE\Trymedia Systems
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16555
 
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[R0].txt - [7407 octets] - [01/01/2015 17:20:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7467 octets] ##########


#5 DrgnHmcd

Posted 01 January 2015 - 07:26 PM

Farbar Service Scanner Version: 21-07-2014
Ran by Mike & Deb (administrator) on 01-01-2015 at 17:25:38
Running from "C:\Users\Mike & Deb\Desktop"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
 
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
 
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#6 DrgnHmcd

Posted 01 January 2015 - 07:43 PM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Mike & Deb (administrator) on 01-01-2015 at 17:39:23
Running from "C:\Users\Mike & Deb\Desktop"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/01/2015 05:38:52 PM) (Source: Application Hang) (User: )
Description: The program MiniToolBox.exe version 30.7.2014.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 15f4
Start Time: 01d026243626e278
Termination Time: 0
 
Error: (01/01/2015 05:36:53 PM) (Source: Application Hang) (User: )
Description: The program MiniToolBox.exe version 30.7.2014.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: b7c
Start Time: 01d02622caccd948
Termination Time: 0
 
Error: (01/01/2015 05:25:12 PM) (Source: Application Error) (User: )
Description: Faulting application hsswd.exe, version 0.0.0.0, time stamp 0x51087583, faulting module hsswd.exe, version 0.0.0.0, time stamp 0x51087583, exception code 0x40000015, fault offset 0x0002e394,
process id 0x2c8, application start time 0xhsswd.exe0.
 
Error: (01/01/2015 01:32:04 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.
 
Error: (01/01/2015 01:32:04 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.
 
Error: (12/31/2014 09:31:59 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.
 
Error: (12/31/2014 09:31:59 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.
 
Error: (12/31/2014 05:57:44 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.
 
Error: (12/31/2014 05:57:44 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.
 
Error: (12/31/2014 01:57:40 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.
 
 
System errors:
=============
Error: (09/01/2010 06:55:21 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:05:08 PM on 9/1/2010 was unexpected.
 
Error: (08/30/2010 07:32:53 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
 
Error: (08/30/2010 07:32:51 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:20:04 PM on 8/30/2010 was unexpected.
 
Error: (08/30/2010 06:31:38 PM) (Source: Service Control Manager) (User: )
Description: 30000Netman
 
Error: (08/30/2010 03:36:42 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service
 
Error: (08/30/2010 03:35:04 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
 
Error: (08/30/2010 03:35:01 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:31:04 PM on 8/29/2010 was unexpected.
 
Error: (08/29/2010 06:27:38 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service
 
Error: (08/29/2010 06:25:52 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
 
Error: (08/29/2010 06:25:49 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:42:28 PM on 8/29/2010 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (01/01/2015 05:38:52 PM) (Source: Application Hang)(User: )
Description: MiniToolBox.exe30.7.2014.015f401d026243626e2780
 
Error: (01/01/2015 05:36:53 PM) (Source: Application Hang)(User: )
Description: MiniToolBox.exe30.7.2014.0b7c01d02622caccd9480
 
Error: (01/01/2015 05:25:12 PM) (Source: Application Error)(User: )
Description: hsswd.exe0.0.0.051087583hsswd.exe0.0.0.051087583400000150002e3942c801d026204aea64b8
 
Error: (01/01/2015 01:32:04 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.(NULL)(NULL)(NULL)(NULL)
 
Error: (01/01/2015 01:32:04 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.(NULL)(NULL)(NULL)(NULL)
 
Error: (12/31/2014 09:31:59 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.(NULL)(NULL)(NULL)(NULL)
 
Error: (12/31/2014 09:31:59 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.(NULL)(NULL)(NULL)(NULL)
 
Error: (12/31/2014 05:57:44 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.(NULL)(NULL)(NULL)(NULL)
 
Error: (12/31/2014 05:57:44 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.(NULL)(NULL)(NULL)(NULL)
 
Error: (12/31/2014 01:57:40 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 1330. SA_Error1330: StandardAction(0xC0070532): A file that is required cannot be installed because the cabinet file C:\ProgramData\AVG2015\SetupBackup\COREx.cab has an invalid digital signature. This may indicate that the cabinet file is corrupt.  Error 24577 was returned by WinVerifyTrust.(NULL)(NULL)(NULL)(NULL)
 
 
 
 Sansa Media Converter (HKLM\...\{FC053571-8507-44E4-8B6D-AACEAB8CA57C}) (Version: 1.0-B4.263 - )
=========================== Installed Programs ============================
32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
32 bit Windows Card Reader Driver (HKLM\...\{CE6DEE87-1C87-42ED-A108-7369BFE9076F}) (Version: 1.1.0.0 - TEAC)
A Series of Unfortunate Events (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110250590}) (Version:  - Oberon Media)
A Series of Unfortunate Events (remove only) (HKLM\...\A Series of Unfortunate Events) (Version:  - )
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Alice's Adventures in Wonderland (HKLM\...\BFG-Alice's Adventures in Wonderland) (Version:  - )
Apple Application Support (HKLM\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArcSoft MediaImpression (HKLM\...\{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}) (Version: 1.2.28.567 - ArcSoft)
ArcSoft TotalMedia Extreme (HKLM\...\{0B68672F-C64F-4D29-9EDC-ECDCBE3C5F19}) (Version: 1.0.3.30 - ArcSoft)
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4176 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Big City Adventure: Rio de Janeiro (HKLM\...\BFG-Big City Adventure - Rio de Janeiro) (Version:  - )
Big Fish: Game Manager (HKLM\...\BFGC) (Version: 3.3.0.2 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Christmas Eve: Midnight's Call (HKLM\...\BFG-Christmas Eve - Midnights Call) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
Crime Line (HKLM\...\BFG-Crime Line) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Romance: Vampire in Love Collector's Edition (HKLM\...\BFG-Dark Romance - Vampire in Love Collector's Edition) (Version:  - )
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.39 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.39 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVD43 v4.6.0 (HKLM\...\DVD43_is1) (Version:  - )
Frankenstein - The Dismembered Bride (HKCU\...\Frankenstein - The Dismembered Bride) (Version: 1.0.0.0 - eGames)
FrostWire 6.0.3 (HKLM\...\FrostWire 6) (Version: 6.0.3.1 - FrostWire LLC)
Gardenscapes: Mansion Makeover™ (HKLM\...\BFG-Gardenscapes - Mansion Makeover) (Version:  - )
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
Ghost Whisperer™ (HKLM\...\BFG-Ghost Whisperer) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Havka FOkm (HKCU\...\Havka FOkm) (Version:  - Tanna OKf)
Hello Venice 2: New York Adventure (HKLM\...\BFG-Hello Venice 2 - New York Adventure) (Version:  - )
Heroes from the Past: Joan of Arc (HKLM\...\BFG-Heroes from the Past - Joan of Arc) (Version:  - )
Hotspot Shield 3.42 (HKLM\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® PRO Network Connections 12.1.11.0 (HKLM\...\PROSetDX) (Version:  - Intel)
Intel® PRO Network Connections 12.1.11.0 (Version:  - Intel) Hidden
Jack the Ripper - Letters from Hell (HKCU\...\Jack the Ripper - Letters from Hell) (Version: 1.0.0.0 - eGames)
Java Auto Updater (Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Java™ SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Jigs@w Puzzle 2 (HKLM\...\BFG-Jigs@w Puzzle 2) (Version:  - )
Jigsaw World (HKLM\...\BFG-Jigsaw World) (Version:  - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kies Air Discovery Service (HKCU\...\Kies Air Discovery Service) (Version:  - Samsung)
Kies mini (HKLM\...\InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Kies mini (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Lost Secrets™: November 1963 (HKLM\...\BFG-Lost Secrets - November 1963) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.17.8 - Dell)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)
Mystery Case Files &reg;: 13th Skull ™ (HKLM\...\BFG-Mystery Case Files - 13th Skull) (Version:  - )
Mystery Case Files&reg;: Escape from Ravenhearst™ Collector's Edition (HKLM\...\BFG-Mystery Case Files - Escape from Ravenhearst Collector's Edition) (Version:  - )
Mystery Case Files&reg;: Shadow Lake Collector's Edition (HKLM\...\BFG-Mystery Case Files - Shadow Lake Collector's Edition) (Version:  - )
Mystery Case Files: Dire Grove, Sacred Grove Collector's Edition (HKLM\...\BFG-MCF - Dire Grove Sacred Grove CE) (Version:  - )
Mystery Case Files: Fate's Carnival Collector's Edition (HKLM\...\BFG-Mystery Case Files - Fates Carnival Collectors Edition) (Version:  - )
Mystery Case Files: Madame Fate &reg; (HKLM\...\BFG-Mystery Case Files - Madame Fate) (Version:  - )
Mystery Case Files: Ravenhearst &reg; (HKLM\...\BFG-Mystery Case Files - Ravenhearst) (Version:  - )
Mystery Case Files: Return to Ravenhearst ™ (HKLM\...\BFG-Mystery Case Files - Return to Ravenhearst) (Version:  - )
Mystery P.I.: The Curious Case of Counterfeit Cove (HKLM\...\BFG-Mystery P.I. - The Curious Case of Counterfeit Cove) (Version:  - )
Mystery PI (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113069720}) (Version:  - Oberon Media)
Nancy Drew: Danger by Design (HKLM\...\{C3D82C0B-3592-4B03-A970-F84C081A8152}) (Version:  - )
Nancy Drew: The Creature of Kapu Cave (HKLM\...\{F4EC2FB1-4255-4040-8DE6-5D75FA9D039F}) (Version:  - )
Nero 7 Ultra Edition (HKLM\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711033}) (Version: 7.03.1151 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Nevertales: The Beauty Within (HKLM\...\BFG-Nevertales - The Beauty Within) (Version:  - )
New York Mysteries: Secrets of the Mafia Collector's Edition (HKLM\...\BFG-New York Mysteries - Secrets of the Mafia Collectors Edition) (Version:  - )
OpenAL (HKLM\...\OpenAL) (Version:  - )
Paranormal Pursuit: The Gifted One Collector's Edition (HKLM\...\BFG-Paranormal Pursuit - The Gifted One Collectors Edition) (Version:  - )
Pokémon Trading Card Game Online (HKLM\...\{D81F39D4-FDA9-4356-92B1-16081D8BF71A}) (Version: 1.0.0 - The Pokémon Company International)
Public Enemies - Bonnie and Clyde (HKCU\...\Public Enemies - Bonnie and Clyde) (Version: 1.0.0.0 - eGames)
QuickTime (HKLM\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RealDownloader (Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Redemption Cemetery: Bitter Frost (HKLM\...\BFG-Redemption Cemetery - Bitter Frost) (Version:  - )
Redemption Cemetery: Curse of the Raven Collector's Edition (HKLM\...\BFG-Redemption Cemetery - Curse of the Raven Collector's Edition) (Version:  - )
Redemption Cemetery: Grave Testimony Collector’s Edition (HKLM\...\BFG-Redemption Cemetery - Grave Testimony Collector’s Edition) (Version:  - )
Redemption Cemetery: Salvation of the Lost Collector's Edition (HKLM\...\BFG-Redemption Cemetery - Salvation of the Lost Collectors Edition) (Version:  - )
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio MyDVD DE (HKLM\...\{D639085F-4B6E-4105-9F37-A0DBB023E2FB}) (Version: 9.0.116 - Roxio, Inc.)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)
Sansa Updater (HKCU\...\Sansa Updater) (Version: 1.304 - SanDisk Corporation)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shadow Wolf Mysteries: Cursed Wedding (HKLM\...\BFG-Shadow Wolf Mysteries - Cursed Wedding) (Version:  - )
Shockwave (HKLM\...\Shockwave) (Version:  - )
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1128 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Agency of Anomalies: Cinderstone Orphanage Collector's Edition (HKLM\...\BFG-The Agency of Anomalies - Cinderstone Orphanage Collector's Edition) (Version:  - )
Time Machine - Trapped in Time (HKCU\...\Time Machine - Trapped in Time) (Version: 1.0.0.0 - eGames)
Undiscovered (HKLM\...\BFG-Undiscovered) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vizzed Retro Game Room (HKLM\...\{6D9F35D2-1D6F-4E17-A79F-991A7BD24AAD}) (Version: 2.0.0 - Vizzed)
W Photo Studio (HKLM\...\{CBF3C503-946E-45EA-B347-EACC41781989}) (Version: 1.0.0.143 - Walgreens)
Weird Park: Broken Tune Collector's Edition (HKLM\...\BFG-Weird Park - Broken Tune Collectors Edition) (Version:  - )
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
 
========================= Devices: ================================
 
Name: Optiarc DVD+-RW AD-7200S ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 2036.45 MB
Available physical RAM: 895 MB
Total Pagefile: 4318.17 MB
Available Pagefile: 3003.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.2 MB
 
========================= Partitions: =====================================

And it keeps freezing


#7 DrgnHmcd


Posted 01 January 2015 - 07:49 PM

I would also like to thank you in advance for the help



#8 dev00790


Posted 03 January 2015 - 05:37 AM

Hi

Please do the following next:

Step 1:
 

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 2:



  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

Step 3:

I'd like us to scan your machine with ESET Online Scanner:
 
Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.
 
Note: Vista / Windows 7 / Windows 8 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
 


  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Step 4:

How is the computer running now?

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 DrgnHmcd


Posted 03 January 2015 - 01:23 PM

# AdwCleaner v4.106 - Report created 03/01/2015 at 11:09:00
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Mike & Deb - DIMAIOFAMILY
# Running from : C:\Users\Mike & Deb\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : hshld
[#] Service Deleted : hsstrayservice
[#] Service Deleted : hsswd
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\Alawar Entertainment
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\AlawarEntertainment
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files\Bench
Folder Deleted : C:\Program Files\hotspot shield
Folder Deleted : C:\Windows\system32\hotspot shield
Folder Deleted : C:\Users\Mike & Deb\AppData\Local\BenchUpdater
Folder Deleted : C:\Users\Mike & Deb\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mike & Deb\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Mike & Deb\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\iWin
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\quickclick
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\WebCake
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\Alawar Entertainment
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\Alawar Stargaze
Folder Deleted : C:\Users\Mike & Deb\AppData\Roaming\AlawarEntertainment
File Deleted : C:\Windows\system32\conduitEngine.tmp
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298566
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{362269bd-c93c-460f-9255-3bd667eb7f0a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\USyndication
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\hotspotshield
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Solvusoft
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Boost
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserSafeGuard
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DesktopWeatherAlerts
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hotspotshield
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{877D0E59-6CBD-43C6-966F-1F4BA343AEEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\wincheck
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16555
 
 
-\\ Google Chrome v39.0.2171.95
 
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298566&CUI=UN23895048871453567&UM=2
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298566&CUI=UN23895048871453567&UM=2
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZLxdm248YYUS&ptb=470BB38B-2320-4783-81B7-08BF227DC31E&psa=&ind=2010083105&ptnrS=ZLxdm248YYUS&si=fpopndrop2534&st=sb&n=77cf6f21&searchfor={searchTerms}
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZLxdm248YYUS&ptb=470BB38B-2320-4783-81B7-08BF227DC31E&psa=&ind=2010083105&ptnrS=ZLxdm248YYUS&si=fpopndrop2534&st=sb&n=77cf6f21&searchfor={searchTerms}
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3329900&octid=EB_ORIGINAL_CTID&ISID=M141FFAC9-9A61-446A-ABF2-7378725C4F5F&SearchSource=58&CUI=&UM=2&UP=SP3F9724B2-ECB9-4015-A129-ABE516C61D87&q={searchTerms}&SSPV=
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3329900&octid=EB_ORIGINAL_CTID&ISID=M141FFAC9-9A61-446A-ABF2-7378725C4F5F&SearchSource=58&CUI=&UM=2&UP=SP3F9724B2-ECB9-4015-A129-ABE516C61D87&q={searchTerms}&SSPV=
[C:\Users\Mike & Deb\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [7547 octets] - [01/01/2015 17:20:18]
AdwCleaner[R1].txt - [9613 octets] - [03/01/2015 11:06:46]
AdwCleaner[S0].txt - [9740 octets] - [03/01/2015 11:09:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9800 octets] ##########


#10 DrgnHmcd


Posted 03 January 2015 - 02:08 PM

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 1/3/2015
Scan Time: 11:25:49 AM
Logfile: MAMB.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.03.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Mike & Deb
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 323348
Time Elapsed: 35 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 1
PUM.Bad.Proxy, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:13081;https=127.0.0.1:8555, , [9f65d22131585bdbd74e5d05c1427e82]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#11 DrgnHmcd


Posted 03 January 2015 - 09:06 PM

C:\Users\Mike & Deb\.frostwire5\updates\frostwire-6.0.3.windows.coc.premium.exe a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Mike & Deb\AppData\Local\sowhat\shzgxtdv.dll a variant of Win32/Kryptik.CUHG trojan
C:\Users\Mike & Deb\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3e0b32f-5454e934 multiple threats
C:\Users\Mike & Deb\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\529a3273-72b0c481 a variant of Java/Exploit.Agent.NEO trojan
C:\Users\Mike & Deb\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\1417c34-7c62d1dd multiple threats
C:\Users\Mike & Deb\Desktop\ccsetup501.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mike & Deb\Downloads\DownloadManagerSetup_v1251ad.exe a variant of Win32/TinyExeGun.A potentially unwanted application
C:\Users\Mike & Deb\Downloads\Gorilla_Uninstaller_Download_File.exe a variant of Win32/AdWare.GorillaPrice.C application
C:\Users\Mike & Deb\Downloads\install-hss-upd.exe Win32/Toolbar.Conduit potentially unwanted application
C:\Users\Mike & Deb\Downloads\Shockwave_Installer_Slim(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mike & Deb\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Documents and Settings\Mike & Deb\.frostwire5\updates\frostwire-6.0.3.windows.coc.premium.exe a variant of Win32/OpenCandy.C potentially unsafe application deleted - quarantined
C:\Documents and Settings\Mike & Deb\AppData\Local\sowhat\shzgxtdv.dll a variant of Win32/Kryptik.CUHG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mike & Deb\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3e0b32f-5454e934 multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Mike & Deb\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\529a3273-72b0c481 a variant of Java/Exploit.Agent.NEO trojan cleaned by deleting - quarantined
C:\Documents and Settings\Mike & Deb\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\1417c34-7c62d1dd multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Mike & Deb\Desktop\ccsetup501.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Documents and Settings\Mike & Deb\Downloads\DownloadManagerSetup_v1251ad.exe a variant of Win32/TinyExeGun.A potentially unwanted application deleted - quarantined
C:\Documents and Settings\Mike & Deb\Downloads\Gorilla_Uninstaller_Download_File.exe a variant of Win32/AdWare.GorillaPrice.C application cleaned by deleting - quarantined
C:\Documents and Settings\Mike & Deb\Downloads\install-hss-upd.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Documents and Settings\Mike & Deb\Downloads\Shockwave_Installer_Slim(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Documents and Settings\Mike & Deb\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Program Files\Uninstall iWon Toolbar.dll a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\Program Files\iWonEI\Installr\1.bin\jfEIPlug.dll a variant of Win32/Toolbar.MyWebSearch potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Users\Mike & Deb\AppData\Roaming\Mozilla\Firefox\Profiles\4kckl16p.default\extensions\{658fb9c7-79f6-4a50-b8a7-2b0209229e2f}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Mike & Deb\AppData\Roaming\Mozilla\Firefox\Profiles\4kckl16p.default\extensions\{91621eab-9987-4817-a128-fb96e0df13ef}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Public\ccsetup500.exe.vir Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\System Volume Information\SystemRestore\FRStaging\$RECYCLE.BIN\S-1-5-21-3069903202-911295184-2383535342-1000\$R42HWRM\frostwire-6.0.2.windows.coc.premium.exe a variant of Win32/OpenCandy.C potentially unsafe application deleted - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Program Files\FrostWire 6\frostwire-installer.exe a variant of Win32/OpenCandy.C potentially unsafe application deleted - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Program Files\pcmax\pcmax.exe a variant of Win32/Conduit.SearchProtect.O potentially unwanted application deleted - quarantined
C:\Temp\launcher.exe Win32/Conduit.SearchProtect.M potentially unwanted application deleted - quarantined
C:\Temp\white.exe Win32/Conduit.SearchProtect.M potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSI56AB.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSIA9EE.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIA9EE.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIA9EE.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIA9EE.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEBDC.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\Windows\Installer\MSIEBDC.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined


#12 DrgnHmcd


Posted 03 January 2015 - 09:07 PM

I was not sure if you wanted me to quarantine the bad so I left them alone. And I still get the group policy warning.



#13 dev00790


Posted 04 January 2015 - 09:59 AM

IMPORTANT NOTE: One or more of the identified infections is a backdoor Trojan.  
 
Backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes.  
They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms.  
This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.  
Read Danger: Remote Access Trojans.
 
You should disconnect the computer from the Internet and from any networked computers until it is cleaned. If your computer was used for online banking, paying bills, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for taxes, email, eBay, PayPal and any other online activities.  
You should consider them to be compromised and change passwords from a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information.  
Banking and credit card institutions should be notified immediately of the possible security breach. Failure to notify your financial institution and local law enforcement can result in refusal to reimburse funds lost due to fraud or similar criminal activity.  
If using a router, you need to reset it with a strong logon/password before connecting again.
 
Although the infection has been identified and may be removed, your machine has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed.  
In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them.  
Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

 

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:

  • Reimaging the system
  • Restoring the entire system using a full system backup from before the backdoor infection
  • Reformatting and reinstalling the system

Backdoors and What They Mean to You
 
This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say:  


The only way to clean a compromised system is to flatten and rebuild. That's right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Help: I Got Hacked. Now What Do I Do?.
 
We will do our best to clean the computer of any infections seen on the log. However, because of the nature of this Trojan, I cannot offer a total guarantee that there are no remnants left in the system, or that the computer will be trustworthy.
 
Many security experts believe that once infected with this type of Trojan, the best course of action is to reformat and reinstall the Operating System.
Making this decision is based on what the computer is used for, and what information can be accessed from it.
 
Knowing the above, do you wish to proceed with cleaning the malware from the computer?

 


Regards, dev00790



#14 DrgnHmcd


Posted 04 January 2015 - 11:31 PM

Yes

I would love to proceed



#15 dev00790


Posted 05 January 2015 - 07:20 PM

With the information you have provided I believe you will need help from the malware removal team. I would like you to start a new thread HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. Help is on the way!


Regards, dev00790
