Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarebytes Anti Malware blocks several sites


  • Please log in to reply
19 replies to this topic

#1 stimpsonthecat

stimpsonthecat

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 04 January 2015 - 09:23 AM

I have got a computer with Vista on it from a friend because the browsers were being hijacked and being redirected to other pages.

Her Norton 360 was expired, so I uninstalled it and installed Avast Free and purchased Malwarebytes Anti Malware software for her computer.

Malwarebytes Anti Malware found a bunch of stuff and removed it.  The computer re-installed some of the bad stuff all over again.

Internetupdater.exe and something called conduit.

I kept running Malwarebytes Anti Malware and it seems to have removed most of the nasty stuff but Malwarebytes Anti Malware keeps popping up

that it is blocking outgoing attempts to the following.

Detection, 04/01/2015 8:00:34 AM, SYSTEM, JULIE-PC, Protection, Malicious Website Protection, IP, 119.145.147.181, mama.cn, 0, Outbound,
Detection, 04/01/2015 8:00:37 AM, SYSTEM, JULIE-PC, Protection, Malicious Website Protection, IP, 91.202.63.7, cy-pr.com, 0, Outbound,
 

Internet explorer also will stall displaying certain pages even from the Bleepingcomputer website, but any of these websites will work perfectly fine on any other browser.

 

Please can someone assist me...

Thanks

Stimpsonthecat



BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:03 AM

Posted 04 January 2015 - 10:40 AM

Hello,

We will be helping you with your problems. Please be patient while we assist you.

Some points for you to keep in mind while we are helping you to make things go easier and faster for both of us:
  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to

For Win 7 and Vista: "Windows Orb"> Programs > Accessories > Notepad
For Win XP: Start Menu > All Programs > Accessories > Notepad.

Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.
:step2:

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
:step3:

Please download Farbar Service Scanner to the Desktop of the computer with the issue, and run it.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.
:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 04 January 2015 - 11:35 AM

11:29:12.0167 0x13a4  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
11:29:19.0203 0x13a4  ============================================================
11:29:19.0203 0x13a4  Current date / time: 2015/01/04 11:29:19.0203
11:29:19.0203 0x13a4  SystemInfo:
11:29:19.0203 0x13a4  
11:29:19.0203 0x13a4  OS Version: 6.0.6002 ServicePack: 2.0
11:29:19.0203 0x13a4  Product type: Workstation
11:29:19.0203 0x13a4  ComputerName: JULIEGREEN-PC
11:29:19.0203 0x13a4  UserName: Julie Green
11:29:19.0203 0x13a4  Windows directory: C:\Windows
11:29:19.0203 0x13a4  System windows directory: C:\Windows
11:29:19.0203 0x13a4  Processor architecture: Intel x86
11:29:19.0203 0x13a4  Number of processors: 2
11:29:19.0203 0x13a4  Page size: 0x1000
11:29:19.0203 0x13a4  Boot type: Normal boot
11:29:19.0203 0x13a4  ============================================================
11:29:19.0718 0x13a4  KLMD registered as C:\Windows\system32\drivers\22600614.sys
11:29:20.0498 0x13a4  System UUID: {C941CA69-2BAB-0717-7747-C30029D11632}
11:29:21.0730 0x13a4  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:29:21.0855 0x13a4  ============================================================
11:29:21.0855 0x13a4  \Device\Harddisk0\DR0:
11:29:21.0855 0x13a4  MBR partitions:
11:29:21.0855 0x13a4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x12096800
11:29:21.0855 0x13a4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1341B800, BlocksNum 0x12012800
11:29:21.0855 0x13a4  ============================================================
11:29:21.0902 0x13a4  C: <-> \Device\Harddisk0\DR0\Partition1
11:29:22.0042 0x13a4  H: <-> \Device\Harddisk0\DR0\Partition2
11:29:22.0042 0x13a4  ============================================================
11:29:22.0042 0x13a4  Initialize success
11:29:22.0042 0x13a4  ============================================================
11:29:57.0393 0x13a4  ============================================================
11:29:57.0393 0x13a4  Scan started
11:29:57.0393 0x13a4  Mode: Manual; SigCheck; TDLFS;
11:29:57.0393 0x13a4  ============================================================
11:29:57.0393 0x13a4  KSN ping started
11:30:03.0196 0x13a4  KSN ping finished: true
11:30:03.0960 0x13a4  ================ Scan system memory ========================
11:30:03.0960 0x13a4  System memory - ok
11:30:03.0960 0x13a4  ================ Scan services =============================
11:30:04.0038 0x13a4  [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
11:30:04.0304 0x13a4  !SASCORE - ok
11:30:04.0444 0x13a4  [ E91F2444DF54E725DDBBDDB7FBCE71F5, 28895DF44A4E7D959ACBBAA6AFC4B70515D87D40F5F74EB296BB2D5FFC5C2765 ] AcerMemUsageCheckService C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
11:30:04.0553 0x13a4  AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic ( 1 )
11:30:06.0924 0x13a4  Detect skipped due to KSN trusted
11:30:06.0924 0x13a4  AcerMemUsageCheckService - ok
11:30:07.0080 0x13a4  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
11:30:07.0174 0x13a4  ACPI - ok
11:30:07.0236 0x13a4  [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:30:07.0330 0x13a4  AdobeFlashPlayerUpdateSvc - ok
11:30:07.0392 0x13a4  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:30:07.0486 0x13a4  adp94xx - ok
11:30:07.0533 0x13a4  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:30:07.0611 0x13a4  adpahci - ok
11:30:07.0642 0x13a4  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
11:30:07.0704 0x13a4  adpu160m - ok
11:30:07.0736 0x13a4  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:30:07.0767 0x13a4  adpu320 - ok
11:30:07.0798 0x13a4  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:30:07.0954 0x13a4  AeLookupSvc - ok
11:30:08.0016 0x13a4  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
11:30:08.0141 0x13a4  AFD - ok
11:30:08.0204 0x13a4  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:30:08.0250 0x13a4  agp440 - ok
11:30:08.0282 0x13a4  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
11:30:08.0328 0x13a4  aic78xx - ok
11:30:08.0360 0x13a4  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
11:30:08.0469 0x13a4  ALG - ok
11:30:08.0484 0x13a4  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
11:30:08.0531 0x13a4  aliide - ok
11:30:08.0562 0x13a4  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
11:30:08.0609 0x13a4  amdagp - ok
11:30:08.0640 0x13a4  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
11:30:08.0687 0x13a4  amdide - ok
11:30:08.0718 0x13a4  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
11:30:08.0796 0x13a4  AmdK7 - ok
11:30:08.0828 0x13a4  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:30:08.0921 0x13a4  AmdK8 - ok
11:30:08.0968 0x13a4  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
11:30:09.0093 0x13a4  Appinfo - ok
11:30:09.0218 0x13a4  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:30:09.0280 0x13a4  Apple Mobile Device - ok
11:30:09.0311 0x13a4  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
11:30:09.0374 0x13a4  arc - ok
11:30:09.0420 0x13a4  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:30:09.0483 0x13a4  arcsas - ok
11:30:09.0592 0x13a4  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:30:09.0686 0x13a4  aspnet_state - ok
11:30:09.0732 0x13a4  [ 9D23DE88C3B18BA87CD4587177CA6CEA, 46DBB867FC73E30320852F744F38B66906DD5B96C4EBB03F504CF33E867A8470 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
11:30:09.0873 0x13a4  aswHwid - ok
11:30:09.0904 0x13a4  [ 73A9014A9C4B19AA093DA05ED4246E27, F03C8433EB00229490BCD293CC97EF72452E156212D56C24BBA95C8E1B207D1A ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
11:30:09.0966 0x13a4  aswMonFlt - ok
11:30:09.0998 0x13a4  [ 0926775B8C3B32EE99921CCB0F85378E, 21A46B124B3E9F2569030E2DF591858B85AA640DDBB5C994B5C00A1E78C9EF67 ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
11:30:10.0044 0x13a4  aswRdr - ok
11:30:10.0091 0x13a4  [ 6544697080421E62E97AAFBD0A8AA391, BB3F492BF828A147B82FDD1FC9EB9867D96DE0481554A59745D41C6BAB551700 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
11:30:10.0154 0x13a4  aswRvrt - ok
11:30:10.0247 0x13a4  [ E73CBE3420ECFA8FF7D0467E170E335D, B994342C92AE9167908B8CA3D03DC278E919C7073512461AFFD4C25E8D2D8D66 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
11:30:10.0403 0x13a4  aswSnx - ok
11:30:10.0466 0x13a4  [ 1624D5AD126B8AFE2B2E85E5B8364EB6, AB97A74C1CA9921F7753D98516D7E11750D5D3ACD143C83273B0B295625440A0 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
11:30:10.0559 0x13a4  aswSP - ok
11:30:10.0606 0x13a4  [ 4C0ECF1AFA6992904814C74B99DD36F9, AA0D9BA7FE829888C636EC9D72E8E2D987A1C3FF092F95A38EC607CEE25A91F8 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
11:30:10.0668 0x13a4  aswTdi - ok
11:30:10.0700 0x13a4  [ 0EFBC2962B156E8AC267F96D4D93EF06, 8A69672CE8B68A0A683D583287473BFAB7CF8B9771C22E398607CF2A151C7124 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:30:10.0778 0x13a4  aswVmm - ok
11:30:10.0809 0x13a4  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:30:10.0871 0x13a4  AsyncMac - ok
11:30:10.0918 0x13a4  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
11:30:10.0980 0x13a4  atapi - ok
11:30:11.0027 0x13a4  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:30:11.0136 0x13a4  AudioEndpointBuilder - ok
11:30:11.0152 0x13a4  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:30:11.0199 0x13a4  Audiosrv - ok
11:30:11.0324 0x13a4  [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:30:11.0386 0x13a4  avast! Antivirus - ok
11:30:11.0433 0x13a4  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:30:11.0495 0x13a4  Beep - ok
11:30:11.0542 0x13a4  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
11:30:11.0651 0x13a4  BFE - ok
11:30:11.0729 0x13a4  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
11:30:11.0901 0x13a4  BITS - ok
11:30:11.0932 0x13a4  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
11:30:12.0026 0x13a4  blbdrive - ok
11:30:12.0088 0x13a4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:30:12.0182 0x13a4  Bonjour Service - ok
11:30:12.0228 0x13a4  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:30:12.0306 0x13a4  bowser - ok
11:30:12.0338 0x13a4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
11:30:12.0431 0x13a4  BrFiltLo - ok
11:30:12.0447 0x13a4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
11:30:12.0540 0x13a4  BrFiltUp - ok
11:30:12.0587 0x13a4  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
11:30:12.0665 0x13a4  Browser - ok
11:30:12.0696 0x13a4  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
11:30:12.0915 0x13a4  Brserid - ok
11:30:12.0946 0x13a4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
11:30:13.0086 0x13a4  BrSerWdm - ok
11:30:13.0118 0x13a4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
11:30:13.0242 0x13a4  BrUsbMdm - ok
11:30:13.0258 0x13a4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
11:30:13.0383 0x13a4  BrUsbSer - ok
11:30:13.0414 0x13a4  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:30:13.0539 0x13a4  BTHMODEM - ok
11:30:13.0586 0x13a4  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:30:13.0679 0x13a4  cdfs - ok
11:30:13.0726 0x13a4  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:30:13.0820 0x13a4  cdrom - ok
11:30:13.0882 0x13a4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
11:30:13.0960 0x13a4  CertPropSvc - ok
11:30:13.0976 0x13a4  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:30:14.0069 0x13a4  circlass - ok
11:30:14.0132 0x13a4  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
11:30:14.0210 0x13a4  CLFS - ok
11:30:14.0272 0x13a4  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:30:14.0319 0x13a4  clr_optimization_v2.0.50727_32 - ok
11:30:14.0366 0x13a4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:30:14.0428 0x13a4  clr_optimization_v4.0.30319_32 - ok
11:30:14.0459 0x13a4  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:30:14.0506 0x13a4  cmdide - ok
11:30:14.0537 0x13a4  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:30:14.0568 0x13a4  Compbatt - ok
11:30:14.0584 0x13a4  COMSysApp - ok
11:30:14.0615 0x13a4  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:30:14.0646 0x13a4  crcdisk - ok
11:30:14.0678 0x13a4  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
11:30:14.0756 0x13a4  Crusoe - ok
11:30:14.0818 0x13a4  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:30:14.0896 0x13a4  CryptSvc - ok
11:30:14.0974 0x13a4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:30:15.0146 0x13a4  DcomLaunch - ok
11:30:15.0192 0x13a4  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:30:15.0286 0x13a4  DfsC - ok
11:30:15.0426 0x13a4  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
11:30:15.0957 0x13a4  DFSR - ok
11:30:16.0019 0x13a4  [ 54D0B8343CE8C22412A5F29D32EFD211, D78BF09680FF19523C84E862593B45637D91A079C79CAB63A13726E7ACA8ABBF ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
11:30:16.0082 0x13a4  dg_ssudbus - ok
11:30:16.0191 0x13a4  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
11:30:16.0316 0x13a4  Dhcp - ok
11:30:16.0362 0x13a4  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
11:30:16.0409 0x13a4  disk - ok
11:30:16.0456 0x13a4  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:30:16.0550 0x13a4  Dnscache - ok
11:30:16.0596 0x13a4  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
11:30:16.0690 0x13a4  dot3svc - ok
11:30:16.0737 0x13a4  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:30:16.0815 0x13a4  dot4 - ok
11:30:16.0846 0x13a4  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:30:16.0924 0x13a4  Dot4Print - ok
11:30:16.0971 0x13a4  [ A84D8A9006B1AE515CC7B6B3586C295A, 6B69D1723296FEFC751A415BAA1F8AD070CC19B84599964148A9D834B78CD617 ] Dot4Scan        C:\Windows\system32\DRIVERS\Dot4Scan.sys
11:30:17.0033 0x13a4  Dot4Scan - ok
11:30:17.0049 0x13a4  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:30:17.0127 0x13a4  dot4usb - ok
11:30:17.0174 0x13a4  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
11:30:17.0267 0x13a4  DPS - ok
11:30:17.0298 0x13a4  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:30:17.0392 0x13a4  drmkaud - ok
11:30:17.0454 0x13a4  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:30:17.0579 0x13a4  DXGKrnl - ok
11:30:17.0626 0x13a4  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
11:30:17.0735 0x13a4  E1G60 - ok
11:30:17.0766 0x13a4  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
11:30:17.0860 0x13a4  EapHost - ok
11:30:17.0907 0x13a4  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
11:30:17.0985 0x13a4  Ecache - ok
11:30:18.0063 0x13a4  [ B7DC2580425225C320CEDA78DE55A3D0, 93D05D3743416442ED1378FE8A6F107F74B963781A61A36DF072E05228B2F030 ] eDataSecurity Service C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
11:30:18.0188 0x13a4  eDataSecurity Service - ok
11:30:18.0250 0x13a4  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:30:18.0344 0x13a4  elxstor - ok
11:30:18.0406 0x13a4  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
11:30:18.0563 0x13a4  EMDMgmt - ok
11:30:18.0625 0x13a4  [ 59FCCAF915BA89DD98CADF08DA91AFEE, 1286481DF42EBBE13C0FC18ABA514393544CDA17420E71518EF87ADD82D224CB ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
11:30:18.0688 0x13a4  eRecoveryService - detected UnsignedFile.Multi.Generic ( 1 )
11:30:21.0311 0x13a4  Detect skipped due to KSN trusted
11:30:21.0311 0x13a4  eRecoveryService - ok
11:30:21.0342 0x13a4  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:30:21.0420 0x13a4  ErrDev - ok
11:30:21.0467 0x13a4  [ A9745687A57CDD71237915859ABA8DAC, DE21C397EBC822622B61189EC6CCF720C76AB6A249188987A10086252A9F26FD ] eSettingsService C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
11:30:21.0513 0x13a4  eSettingsService - detected UnsignedFile.Multi.Generic ( 1 )
11:30:24.0416 0x13a4  Detect skipped due to KSN trusted
11:30:24.0416 0x13a4  eSettingsService - ok
11:30:24.0463 0x13a4  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
11:30:24.0588 0x13a4  EventSystem - ok
11:30:24.0634 0x13a4  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:30:24.0759 0x13a4  exfat - ok
11:30:24.0806 0x13a4  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:30:24.0900 0x13a4  fastfat - ok
11:30:24.0931 0x13a4  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:30:25.0009 0x13a4  fdc - ok
11:30:25.0056 0x13a4  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
11:30:25.0149 0x13a4  fdPHost - ok
11:30:25.0165 0x13a4  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:30:25.0290 0x13a4  FDResPub - ok
11:30:25.0321 0x13a4  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:30:25.0368 0x13a4  FileInfo - ok
11:30:25.0383 0x13a4  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:30:25.0477 0x13a4  Filetrace - ok
11:30:25.0508 0x13a4  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:30:25.0586 0x13a4  flpydisk - ok
11:30:25.0617 0x13a4  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:30:25.0680 0x13a4  FltMgr - ok
11:30:25.0758 0x13a4  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
11:30:25.0929 0x13a4  FontCache - ok
11:30:25.0992 0x13a4  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:30:26.0054 0x13a4  FontCache3.0.0.0 - ok
11:30:26.0085 0x13a4  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:30:26.0210 0x13a4  Fs_Rec - ok
11:30:26.0241 0x13a4  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:30:26.0304 0x13a4  gagp30kx - ok
11:30:26.0335 0x13a4  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:30:26.0397 0x13a4  GEARAspiWDM - ok
11:30:26.0444 0x13a4  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
11:30:26.0647 0x13a4  gpsvc - ok
11:30:26.0787 0x13a4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:30:26.0865 0x13a4  gupdate - ok
11:30:26.0881 0x13a4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:30:26.0943 0x13a4  gupdatem - ok
11:30:27.0006 0x13a4  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:30:27.0146 0x13a4  HdAudAddService - ok
11:30:27.0193 0x13a4  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:30:27.0349 0x13a4  HDAudBus - ok
11:30:27.0364 0x13a4  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:30:27.0458 0x13a4  HidBth - ok
11:30:27.0489 0x13a4  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:30:27.0583 0x13a4  HidIr - ok
11:30:27.0614 0x13a4  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
11:30:27.0708 0x13a4  hidserv - ok
11:30:27.0739 0x13a4  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:30:27.0817 0x13a4  HidUsb - ok
11:30:27.0848 0x13a4  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:30:27.0942 0x13a4  hkmsvc - ok
11:30:27.0973 0x13a4  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
11:30:28.0020 0x13a4  HpCISSs - ok
11:30:28.0066 0x13a4  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:30:28.0207 0x13a4  HTTP - ok
11:30:28.0222 0x13a4  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
11:30:28.0269 0x13a4  i2omp - ok
11:30:28.0300 0x13a4  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:30:28.0410 0x13a4  i8042prt - ok
11:30:28.0441 0x13a4  [ 580BFEC487C55264BFE3D60C3C24EEE1, 0EA6D0C92C94E9597F3C063F7636710CC1CBECE5A57A5B1C463B2BA5ACB4F061 ] iaStor          C:\Windows\system32\drivers\iastor.sys
11:30:28.0534 0x13a4  iaStor - ok
11:30:28.0581 0x13a4  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
11:30:28.0659 0x13a4  iaStorV - ok
11:30:28.0753 0x13a4  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:30:28.0924 0x13a4  idsvc - ok
11:30:28.0971 0x13a4  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:30:29.0034 0x13a4  iirsp - ok
11:30:29.0080 0x13a4  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:30:29.0236 0x13a4  IKEEXT - ok
11:30:29.0283 0x13a4  [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] int15           C:\Acer\Empowering Technology\eRecovery\int15.sys
11:30:29.0330 0x13a4  int15 - ok
11:30:29.0455 0x13a4  [ F6E17C275666A4402588A30E36565910, 708438A37C8E1FD5107224494FE31A3571347471E5EDB812C7A50A8858F62606 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:30:29.0720 0x13a4  IntcAzAudAddService - ok
11:30:29.0767 0x13a4  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
11:30:29.0829 0x13a4  intelide - ok
11:30:29.0860 0x13a4  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:30:29.0970 0x13a4  intelppm - ok
11:30:30.0001 0x13a4  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:30:30.0094 0x13a4  IPBusEnum - ok
11:30:30.0126 0x13a4  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:30:30.0219 0x13a4  IpFilterDriver - ok
11:30:30.0250 0x13a4  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:30:30.0375 0x13a4  iphlpsvc - ok
11:30:30.0391 0x13a4  IpInIp - ok
11:30:30.0422 0x13a4  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
11:30:30.0531 0x13a4  IPMIDRV - ok
11:30:30.0547 0x13a4  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
11:30:30.0640 0x13a4  IPNAT - ok
11:30:30.0703 0x13a4  [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:30:30.0828 0x13a4  iPod Service - ok
11:30:30.0859 0x13a4  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:30:30.0937 0x13a4  IRENUM - ok
11:30:30.0968 0x13a4  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:30:30.0999 0x13a4  isapnp - ok
11:30:31.0046 0x13a4  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
11:30:31.0108 0x13a4  iScsiPrt - ok
11:30:31.0140 0x13a4  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
11:30:31.0155 0x13a4  iteatapi - ok
11:30:31.0186 0x13a4  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
11:30:31.0233 0x13a4  iteraid - ok
11:30:31.0249 0x13a4  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:30:31.0296 0x13a4  kbdclass - ok
11:30:31.0342 0x13a4  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:30:31.0405 0x13a4  kbdhid - ok
11:30:31.0452 0x13a4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
11:30:31.0530 0x13a4  KeyIso - ok
11:30:31.0576 0x13a4  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:30:31.0623 0x13a4  KSecDD - ok
11:30:31.0686 0x13a4  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:30:31.0764 0x13a4  KtmRm - ok
11:30:31.0795 0x13a4  [ DC5F81EB7DEB90D42B62E9E2B5BCA674, 384D54C68C7A91AFE5C2C7EFD7BDCCEDD52D94DA97FA183883B81730D81DFDC1 ] L8042Kbd        C:\Windows\system32\DRIVERS\L8042Kbd.sys
11:30:31.0842 0x13a4  L8042Kbd - ok
11:30:31.0873 0x13a4  [ D19CAC0E843975D6413775D7ED71B108, 3070F34F4C851E1628D1DA5F884F9B88F302DF4D3AE60A499A91470CE8E7E914 ] L8042mou        C:\Windows\system32\DRIVERS\L8042mou.Sys
11:30:31.0935 0x13a4  L8042mou - ok
11:30:31.0966 0x13a4  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:30:32.0091 0x13a4  LanmanServer - ok
11:30:32.0122 0x13a4  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:30:32.0263 0x13a4  LanmanWorkstation - ok
11:30:32.0341 0x13a4  [ FF9E074CCC950398C7D293E1D4D003B3, 542104549F47BB99E9B93503485E7FDA50CAECB6B8C05D00752446DBE69A006B ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
11:30:32.0419 0x13a4  LBTServ - ok
11:30:32.0466 0x13a4  [ 74EA099C3D9DAD3A657BD89ED4A81C6D, AE0AED792857458CBBEDAD02462FDB5B687D06F5A33547A3EBB39812513BCEDA ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:30:32.0528 0x13a4  LHidFilt - ok
11:30:32.0590 0x13a4  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:30:32.0653 0x13a4  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
11:30:35.0695 0x13a4  Detect skipped due to KSN trusted
11:30:35.0695 0x13a4  LightScribeService - ok
11:30:35.0726 0x13a4  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:30:35.0820 0x13a4  lltdio - ok
11:30:35.0866 0x13a4  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:30:35.0991 0x13a4  lltdsvc - ok
11:30:36.0007 0x13a4  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:30:36.0132 0x13a4  lmhosts - ok
11:30:36.0178 0x13a4  [ E9D42CDD5BD22BE28247B77953735650, A3CB9B62278830A40150C079370431B71BF5D04240CCE48D116D467D94006402 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
11:30:36.0225 0x13a4  LMouFilt - ok
11:30:36.0256 0x13a4  [ 5E7144BA124FB4B2F93298B05F255975, 783D1F1674D14EE4EE3935672CAF5A792613DB82DCC895D52F7B4BF934FFCB53 ] LMouKE          C:\Windows\system32\DRIVERS\LMouKE.Sys
11:30:36.0288 0x13a4  LMouKE - ok
11:30:36.0319 0x13a4  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:30:36.0350 0x13a4  LSI_FC - ok
11:30:36.0381 0x13a4  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:30:36.0428 0x13a4  LSI_SAS - ok
11:30:36.0459 0x13a4  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:30:36.0506 0x13a4  LSI_SCSI - ok
11:30:36.0537 0x13a4  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:30:36.0615 0x13a4  luafv - ok
11:30:36.0662 0x13a4  [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:30:36.0709 0x13a4  MBAMProtector - ok
11:30:36.0834 0x13a4  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
11:30:37.0021 0x13a4  MBAMScheduler - ok
11:30:37.0083 0x13a4  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
11:30:37.0192 0x13a4  MBAMService - ok
11:30:37.0239 0x13a4  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:30:37.0317 0x13a4  MBAMSwissArmy - ok
11:30:37.0333 0x13a4  [ 6D2DB74A8CF2DDFE372FFF9C73E8F0EF, D18E800D46932795FD0169B5F9A2AAED5684977D0D78B2D1178C9906491CEC7A ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:30:37.0364 0x13a4  MBAMWebAccessControl - ok
11:30:37.0395 0x13a4  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
11:30:37.0442 0x13a4  megasas - ok
11:30:37.0473 0x13a4  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
11:30:37.0536 0x13a4  MegaSR - ok
11:30:37.0567 0x13a4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
11:30:37.0614 0x13a4  MMCSS - ok
11:30:37.0660 0x13a4  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
11:30:37.0692 0x13a4  Modem - ok
11:30:37.0723 0x13a4  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:30:37.0801 0x13a4  monitor - ok
11:30:37.0832 0x13a4  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:30:37.0894 0x13a4  mouclass - ok
11:30:37.0926 0x13a4  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:30:37.0988 0x13a4  mouhid - ok
11:30:38.0019 0x13a4  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
11:30:38.0066 0x13a4  MountMgr - ok
11:30:38.0160 0x13a4  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:30:38.0238 0x13a4  MozillaMaintenance - ok
11:30:38.0269 0x13a4  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:30:38.0316 0x13a4  mpio - ok
11:30:38.0362 0x13a4  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:30:38.0456 0x13a4  mpsdrv - ok
11:30:38.0503 0x13a4  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:30:38.0612 0x13a4  MpsSvc - ok
11:30:38.0643 0x13a4  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
11:30:38.0706 0x13a4  Mraid35x - ok
11:30:38.0737 0x13a4  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:30:38.0799 0x13a4  MRxDAV - ok
11:30:38.0830 0x13a4  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:30:38.0940 0x13a4  mrxsmb - ok
11:30:38.0971 0x13a4  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:30:39.0064 0x13a4  mrxsmb10 - ok
11:30:39.0096 0x13a4  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:30:39.0158 0x13a4  mrxsmb20 - ok
11:30:39.0205 0x13a4  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:30:39.0236 0x13a4  msahci - ok
11:30:39.0267 0x13a4  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:30:39.0330 0x13a4  msdsm - ok
11:30:39.0361 0x13a4  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
11:30:39.0470 0x13a4  MSDTC - ok
11:30:39.0517 0x13a4  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:30:39.0610 0x13a4  Msfs - ok
11:30:39.0657 0x13a4  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:30:39.0688 0x13a4  msisadrv - ok
11:30:39.0735 0x13a4  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:30:39.0829 0x13a4  MSiSCSI - ok
11:30:39.0829 0x13a4  msiserver - ok
11:30:39.0876 0x13a4  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:30:39.0922 0x13a4  MSKSSRV - ok
11:30:39.0938 0x13a4  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:30:40.0016 0x13a4  MSPCLOCK - ok
11:30:40.0032 0x13a4  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:30:40.0110 0x13a4  MSPQM - ok
11:30:40.0156 0x13a4  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:30:40.0188 0x13a4  MsRPC - ok
11:30:40.0219 0x13a4  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:30:40.0297 0x13a4  mssmbios - ok
11:30:40.0312 0x13a4  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:30:40.0390 0x13a4  MSTEE - ok
11:30:40.0406 0x13a4  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:30:40.0468 0x13a4  Mup - ok
11:30:40.0562 0x13a4  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
11:30:40.0671 0x13a4  napagent - ok
11:30:40.0702 0x13a4  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:30:40.0812 0x13a4  NativeWifiP - ok
11:30:40.0905 0x13a4  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:30:41.0030 0x13a4  NDIS - ok
11:30:41.0077 0x13a4  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:30:41.0170 0x13a4  NdisTapi - ok
11:30:41.0186 0x13a4  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:30:41.0280 0x13a4  Ndisuio - ok
11:30:41.0326 0x13a4  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:30:41.0436 0x13a4  NdisWan - ok
11:30:41.0467 0x13a4  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:30:41.0545 0x13a4  NDProxy - ok
11:30:41.0576 0x13a4  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:30:41.0670 0x13a4  NetBIOS - ok
11:30:41.0701 0x13a4  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
11:30:41.0794 0x13a4  netbt - ok
11:30:41.0826 0x13a4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
11:30:41.0904 0x13a4  Netlogon - ok
11:30:41.0935 0x13a4  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
11:30:42.0075 0x13a4  Netman - ok
11:30:42.0106 0x13a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:42.0200 0x13a4  NetMsmqActivator - ok
11:30:42.0216 0x13a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:42.0278 0x13a4  NetPipeActivator - ok
11:30:42.0325 0x13a4  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
11:30:42.0450 0x13a4  netprofm - ok
11:30:42.0465 0x13a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:42.0528 0x13a4  NetTcpActivator - ok
11:30:42.0543 0x13a4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:42.0574 0x13a4  NetTcpPortSharing - ok
11:30:42.0606 0x13a4  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:30:42.0652 0x13a4  nfrd960 - ok
11:30:42.0684 0x13a4  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:30:42.0793 0x13a4  NlaSvc - ok
11:30:42.0824 0x13a4  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:30:42.0886 0x13a4  Npfs - ok
11:30:42.0902 0x13a4  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
11:30:42.0964 0x13a4  nsi - ok
11:30:42.0996 0x13a4  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:30:43.0089 0x13a4  nsiproxy - ok
11:30:43.0167 0x13a4  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:30:43.0401 0x13a4  Ntfs - ok
11:30:43.0448 0x13a4  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
11:30:43.0464 0x13a4  NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
11:30:46.0084 0x13a4  Detect skipped due to KSN trusted
11:30:46.0084 0x13a4  NTIDrvr - ok
11:30:46.0116 0x13a4  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
11:30:46.0240 0x13a4  ntrigdigi - ok
11:30:46.0256 0x13a4  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
11:30:46.0318 0x13a4  Null - ok
11:30:46.0381 0x13a4  [ D958A2B5F6AD5C3B8CCDC4D7DA62466C, 574DC2C4C1C46E3B6F53E0A14E0595493E73EEE03EA1FF9DD1D3266B414B9941 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
11:30:46.0521 0x13a4  NVENETFD - ok
11:30:46.0568 0x13a4  [ F3EF6CB754C908C5E79FE5BB4A7E39BA, CE41E0FBEA6E8D4A659A2B1D38E6C76BF4A195A1D86DE825879F5A69D7A857D4 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
11:30:46.0615 0x13a4  NVHDA - ok
11:30:47.0052 0x13a4  [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E, 88FA632754A20025F03FE0970C93F572055919F53C8A50E5DB6CF1EF7B00B7FD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:30:48.0081 0x13a4  nvlddmkm - ok
11:30:48.0175 0x13a4  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:30:48.0206 0x13a4  nvraid - ok
11:30:48.0253 0x13a4  [ 6F5BB0B40D251351A913B61BA9D64B3F, 69004AA640F59FF44F3EEAD3A0F9BF50850B161675BA9B837299649F92FBC0F6 ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
11:30:48.0284 0x13a4  nvrd32 - ok
11:30:48.0300 0x13a4  [ 7EC12A73067BACA25A8E3E2A58AE83D8, CB562872E951B599FDCCE27727F2329DC1031574A5A5CEF238D3DF1786E7D12A ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
11:30:48.0346 0x13a4  nvsmu - ok
11:30:48.0378 0x13a4  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:30:48.0424 0x13a4  nvstor - ok
11:30:48.0424 0x13a4  [ 689A2160B851F8BF88F20728FD2F30BD, 9038C4B036EBD93E9150FA39165DB1E829A1018298BACF920FFD65B53A30EFD5 ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
11:30:48.0471 0x13a4  nvstor32 - ok
11:30:48.0549 0x13a4  [ 31B8835B003CAA6D31BEAD83DDBF98E5, FB7C7BD1E95BEFB9A8FFEB3FB1B6D9BCD923E48498CB23169EDAA025C84CDD33 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:30:48.0643 0x13a4  nvsvc - ok
11:30:48.0736 0x13a4  [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:30:48.0924 0x13a4  nvUpdatusService - ok
11:30:48.0955 0x13a4  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:30:49.0002 0x13a4  nv_agp - ok
11:30:49.0002 0x13a4  NwlnkFlt - ok
11:30:49.0017 0x13a4  NwlnkFwd - ok
11:30:49.0095 0x13a4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:30:49.0158 0x13a4  odserv - ok
11:30:49.0204 0x13a4  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
11:30:49.0282 0x13a4  ohci1394 - ok
11:30:49.0329 0x13a4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:30:49.0376 0x13a4  ose - ok
11:30:49.0423 0x13a4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
11:30:49.0548 0x13a4  p2pimsvc - ok
11:30:49.0579 0x13a4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:30:49.0672 0x13a4  p2psvc - ok
11:30:49.0704 0x13a4  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
11:30:49.0797 0x13a4  Parport - ok
11:30:49.0828 0x13a4  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:30:49.0844 0x13a4  partmgr - ok
11:30:49.0860 0x13a4  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
11:30:49.0938 0x13a4  Parvdm - ok
11:30:49.0953 0x13a4  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:30:50.0031 0x13a4  PcaSvc - ok
11:30:50.0078 0x13a4  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
11:30:50.0109 0x13a4  pci - ok
11:30:50.0125 0x13a4  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
11:30:50.0172 0x13a4  pciide - ok
11:30:50.0218 0x13a4  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:30:50.0250 0x13a4  pcmcia - ok
11:30:50.0296 0x13a4  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:30:50.0452 0x13a4  PEAUTH - ok
11:30:50.0562 0x13a4  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
11:30:50.0780 0x13a4  pla - ok
11:30:50.0827 0x13a4  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:30:50.0920 0x13a4  PlugPlay - ok
11:30:50.0967 0x13a4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
11:30:51.0092 0x13a4  PNRPAutoReg - ok
11:30:51.0123 0x13a4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
11:30:51.0217 0x13a4  PNRPsvc - ok
11:30:51.0264 0x13a4  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:30:51.0388 0x13a4  PolicyAgent - ok
11:30:51.0435 0x13a4  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:30:51.0576 0x13a4  PptpMiniport - ok
11:30:51.0622 0x13a4  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
11:30:51.0700 0x13a4  Processor - ok
11:30:51.0747 0x13a4  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
11:30:51.0856 0x13a4  ProfSvc - ok
11:30:51.0872 0x13a4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
11:30:51.0934 0x13a4  ProtectedStorage - ok
11:30:51.0966 0x13a4  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
11:30:52.0044 0x13a4  PSched - ok
11:30:52.0075 0x13a4  [ AB94285FF6C6BC5433407D8D182A4BB4, FEEED76008F5FFE3E55791B4EF96FF5D7A81151E406AFF0C353343CABFBA4038 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
11:30:52.0122 0x13a4  PSDFilter - ok
11:30:52.0153 0x13a4  [ 2AAF9A5D7A63D26BFAEA853C5F2292BC, EF5CB105F487F3AECC83C743D77CE4CCFD8D4DFD342DE696B89250A65C654307 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
11:30:52.0215 0x13a4  PSDNServ - ok
11:30:52.0246 0x13a4  [ 0EB8CEC99855BEAE5B0D02C2302619EF, E708FCAEA004D61AA107A392F637CF564F25634BC483134FC79032D0E17F5FEF ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
11:30:52.0293 0x13a4  psdvdisk - ok
11:30:52.0324 0x13a4  [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
11:30:52.0402 0x13a4  PxHelp20 - ok
11:30:52.0496 0x13a4  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:30:52.0668 0x13a4  ql2300 - ok
11:30:52.0714 0x13a4  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:30:52.0792 0x13a4  ql40xx - ok
11:30:52.0839 0x13a4  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
11:30:52.0964 0x13a4  QWAVE - ok
11:30:52.0995 0x13a4  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:30:53.0058 0x13a4  QWAVEdrv - ok
11:30:53.0089 0x13a4  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:30:53.0167 0x13a4  RasAcd - ok
11:30:53.0182 0x13a4  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
11:30:53.0276 0x13a4  RasAuto - ok
11:30:53.0292 0x13a4  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:30:53.0338 0x13a4  Rasl2tp - ok
11:30:53.0385 0x13a4  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
11:30:53.0463 0x13a4  RasMan - ok
11:30:53.0494 0x13a4  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:30:53.0557 0x13a4  RasPppoe - ok
11:30:53.0604 0x13a4  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:30:53.0635 0x13a4  RasSstp - ok
11:30:53.0682 0x13a4  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:30:53.0775 0x13a4  rdbss - ok
11:30:53.0806 0x13a4  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:30:53.0884 0x13a4  RDPCDD - ok
11:30:53.0916 0x13a4  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
11:30:53.0994 0x13a4  rdpdr - ok
11:30:54.0009 0x13a4  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:30:54.0087 0x13a4  RDPENCDD - ok
11:30:54.0134 0x13a4  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:30:54.0228 0x13a4  RDPWD - ok
11:30:54.0274 0x13a4  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:30:54.0337 0x13a4  RemoteAccess - ok
11:30:54.0368 0x13a4  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:30:54.0462 0x13a4  RemoteRegistry - ok
11:30:54.0524 0x13a4  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
11:30:54.0586 0x13a4  RichVideo - ok
11:30:54.0618 0x13a4  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
11:30:54.0696 0x13a4  RpcLocator - ok
11:30:54.0742 0x13a4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
11:30:54.0836 0x13a4  RpcSs - ok
11:30:54.0852 0x13a4  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:30:54.0945 0x13a4  rspndr - ok
11:30:54.0961 0x13a4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
11:30:55.0024 0x13a4  SamSs - ok
11:30:55.0071 0x13a4  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:30:55.0118 0x13a4  SASDIFSV - ok
11:30:55.0133 0x13a4  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:30:55.0165 0x13a4  SASKUTIL - ok
11:30:55.0196 0x13a4  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:30:55.0243 0x13a4  sbp2port - ok
11:30:55.0289 0x13a4  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:30:55.0367 0x13a4  SCardSvr - ok
11:30:55.0414 0x13a4  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
11:30:55.0617 0x13a4  Schedule - ok
11:30:55.0648 0x13a4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:30:55.0711 0x13a4  SCPolicySvc - ok
11:30:55.0742 0x13a4  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:30:55.0882 0x13a4  SDRSVC - ok
11:30:55.0991 0x13a4  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
11:30:56.0257 0x13a4  SDScannerService - ok
11:30:56.0381 0x13a4  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:30:56.0725 0x13a4  SDUpdateService - ok
11:30:56.0787 0x13a4  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:30:56.0865 0x13a4  SDWSCService - ok
11:30:56.0896 0x13a4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:30:57.0021 0x13a4  secdrv - ok
11:30:57.0052 0x13a4  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
11:30:57.0177 0x13a4  seclogon - ok
11:30:57.0193 0x13a4  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
11:30:57.0286 0x13a4  SENS - ok
11:30:57.0302 0x13a4  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:30:57.0395 0x13a4  Serenum - ok
11:30:57.0411 0x13a4  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:30:57.0489 0x13a4  Serial - ok
11:30:57.0505 0x13a4  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:30:57.0583 0x13a4  sermouse - ok
11:30:57.0614 0x13a4  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:30:57.0676 0x13a4  SessionEnv - ok
11:30:57.0692 0x13a4  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:30:57.0739 0x13a4  sffdisk - ok
11:30:57.0754 0x13a4  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:30:57.0801 0x13a4  sffp_mmc - ok
11:30:57.0817 0x13a4  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:30:57.0879 0x13a4  sffp_sd - ok
11:30:57.0910 0x13a4  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:30:57.0973 0x13a4  sfloppy - ok
11:30:58.0004 0x13a4  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:30:58.0097 0x13a4  SharedAccess - ok
11:30:58.0129 0x13a4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:30:58.0253 0x13a4  ShellHWDetection - ok
11:30:58.0269 0x13a4  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
11:30:58.0316 0x13a4  sisagp - ok
11:30:58.0347 0x13a4  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
11:30:58.0394 0x13a4  SiSRaid2 - ok
11:30:58.0425 0x13a4  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:30:58.0472 0x13a4  SiSRaid4 - ok
11:30:58.0643 0x13a4  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
11:30:59.0111 0x13a4  slsvc - ok
11:30:59.0174 0x13a4  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
11:30:59.0267 0x13a4  SLUINotify - ok
11:30:59.0330 0x13a4  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:30:59.0423 0x13a4  Smb - ok
11:30:59.0470 0x13a4  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:30:59.0548 0x13a4  SNMPTRAP - ok
11:30:59.0579 0x13a4  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:30:59.0642 0x13a4  spldr - ok
11:30:59.0689 0x13a4  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
11:30:59.0813 0x13a4  Spooler - ok
11:30:59.0860 0x13a4  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:30:59.0954 0x13a4  srv - ok
11:30:59.0985 0x13a4  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:31:00.0110 0x13a4  srv2 - ok
11:31:00.0141 0x13a4  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:31:00.0188 0x13a4  srvnet - ok
11:31:00.0219 0x13a4  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:31:00.0313 0x13a4  SSDPSRV - ok
11:31:00.0359 0x13a4  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:31:00.0437 0x13a4  SstpSvc - ok
11:31:00.0500 0x13a4  [ D2C02234E3E87EA5FE420F045068099B, A5BFB342FFF50E6EAF5586A72BCBE56E9DA4F7AE612EDE7D20D77DB59472D3FE ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
11:31:00.0547 0x13a4  ssudmdm - ok
11:31:00.0593 0x13a4  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
11:31:00.0640 0x13a4  StillCam - ok
11:31:00.0687 0x13a4  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
11:31:00.0827 0x13a4  stisvc - ok
11:31:00.0859 0x13a4  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:31:00.0905 0x13a4  swenum - ok
11:31:00.0952 0x13a4  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
11:31:01.0093 0x13a4  swprv - ok
11:31:01.0124 0x13a4  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
11:31:01.0171 0x13a4  Symc8xx - ok
11:31:01.0186 0x13a4  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
11:31:01.0233 0x13a4  Sym_hi - ok
11:31:01.0280 0x13a4  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
11:31:01.0327 0x13a4  Sym_u3 - ok
11:31:01.0389 0x13a4  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
11:31:01.0545 0x13a4  SysMain - ok
11:31:01.0576 0x13a4  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:31:01.0639 0x13a4  TabletInputService - ok
11:31:01.0685 0x13a4  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:31:01.0763 0x13a4  TapiSrv - ok
11:31:01.0795 0x13a4  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
11:31:01.0888 0x13a4  TBS - ok
11:31:01.0951 0x13a4  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:31:02.0107 0x13a4  Tcpip - ok
11:31:02.0185 0x13a4  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
11:31:02.0309 0x13a4  Tcpip6 - ok
11:31:02.0341 0x13a4  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:31:02.0434 0x13a4  tcpipreg - ok
11:31:02.0450 0x13a4  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:31:02.0528 0x13a4  TDPIPE - ok
11:31:02.0559 0x13a4  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:31:02.0653 0x13a4  TDTCP - ok
11:31:02.0684 0x13a4  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:31:02.0762 0x13a4  tdx - ok
11:31:02.0793 0x13a4  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:31:02.0855 0x13a4  TermDD - ok
11:31:02.0918 0x13a4  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
11:31:03.0074 0x13a4  TermService - ok
11:31:03.0105 0x13a4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
11:31:03.0214 0x13a4  Themes - ok
11:31:03.0230 0x13a4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
11:31:03.0308 0x13a4  THREADORDER - ok
11:31:03.0339 0x13a4  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
11:31:03.0401 0x13a4  TrkWks - ok
11:31:03.0448 0x13a4  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:31:03.0511 0x13a4  TrustedInstaller - ok
11:31:03.0542 0x13a4  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:31:03.0589 0x13a4  tssecsrv - ok
11:31:03.0604 0x13a4  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
11:31:03.0698 0x13a4  tunmp - ok
11:31:03.0745 0x13a4  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:31:03.0791 0x13a4  tunnel - ok
11:31:03.0823 0x13a4  [ 97DD70FECA64FB4F63DE7BB7E66A80B1, 3C045B227C1D3AC7DE68D666CE51A0BB18226683AE40AACCBF4CE74152C33CAC ] tvicport        C:\Windows\system32\drivers\tvicport.sys
11:31:03.0854 0x13a4  tvicport - detected UnsignedFile.Multi.Generic ( 1 )
11:31:06.0506 0x13a4  Detect skipped due to KSN trusted
11:31:06.0506 0x13a4  tvicport - ok
11:31:06.0521 0x13a4  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:31:06.0568 0x13a4  uagp35 - ok
11:31:06.0615 0x13a4  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:31:06.0724 0x13a4  udfs - ok
11:31:06.0771 0x13a4  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:31:06.0880 0x13a4  UI0Detect - ok
11:31:06.0911 0x13a4  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:31:06.0989 0x13a4  uliagpkx - ok
11:31:07.0021 0x13a4  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
11:31:07.0099 0x13a4  uliahci - ok
11:31:07.0130 0x13a4  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
11:31:07.0192 0x13a4  UlSata - ok
11:31:07.0208 0x13a4  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
11:31:07.0286 0x13a4  ulsata2 - ok
11:31:07.0301 0x13a4  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:31:07.0411 0x13a4  umbus - ok
11:31:07.0473 0x13a4  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
11:31:07.0598 0x13a4  upnphost - ok
11:31:07.0645 0x13a4  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
11:31:07.0691 0x13a4  USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
11:31:10.0063 0x13a4  Detect skipped due to KSN trusted
11:31:10.0063 0x13a4  USBAAPL - ok
11:31:10.0109 0x13a4  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:31:10.0203 0x13a4  usbaudio - ok
11:31:10.0250 0x13a4  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:31:10.0312 0x13a4  usbccgp - ok
11:31:10.0343 0x13a4  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:31:10.0453 0x13a4  usbcir - ok
11:31:10.0484 0x13a4  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:31:10.0546 0x13a4  usbehci - ok
11:31:10.0577 0x13a4  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:31:10.0624 0x13a4  usbhub - ok
11:31:10.0655 0x13a4  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
11:31:10.0687 0x13a4  usbohci - ok
11:31:10.0718 0x13a4  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:31:10.0811 0x13a4  usbprint - ok
11:31:10.0843 0x13a4  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:31:10.0905 0x13a4  usbscan - ok
11:31:10.0921 0x13a4  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:31:10.0999 0x13a4  USBSTOR - ok
11:31:11.0045 0x13a4  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
11:31:11.0092 0x13a4  usbuhci - ok
11:31:11.0108 0x13a4  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
11:31:11.0170 0x13a4  UxSms - ok
11:31:11.0217 0x13a4  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
11:31:11.0311 0x13a4  vds - ok
11:31:11.0326 0x13a4  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:31:11.0420 0x13a4  vga - ok
11:31:11.0451 0x13a4  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:31:11.0513 0x13a4  VgaSave - ok
11:31:11.0529 0x13a4  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:31:11.0591 0x13a4  viaagp - ok
11:31:11.0607 0x13a4  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
11:31:11.0685 0x13a4  ViaC7 - ok
11:31:11.0716 0x13a4  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
11:31:11.0763 0x13a4  viaide - ok
11:31:11.0794 0x13a4  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:31:11.0841 0x13a4  volmgr - ok
11:31:11.0872 0x13a4  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:31:11.0950 0x13a4  volmgrx - ok
11:31:12.0013 0x13a4  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:31:12.0075 0x13a4  volsnap - ok
11:31:12.0106 0x13a4  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:31:12.0137 0x13a4  vsmraid - ok
11:31:12.0215 0x13a4  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
11:31:12.0449 0x13a4  VSS - ok
11:31:12.0496 0x13a4  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
11:31:12.0605 0x13a4  W32Time - ok
11:31:12.0637 0x13a4  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:31:12.0715 0x13a4  WacomPen - ok
11:31:12.0730 0x13a4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
11:31:12.0793 0x13a4  Wanarp - ok
11:31:12.0793 0x13a4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:31:12.0839 0x13a4  Wanarpv6 - ok
11:31:12.0886 0x13a4  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:31:13.0027 0x13a4  wcncsvc - ok
11:31:13.0058 0x13a4  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:31:13.0105 0x13a4  WcsPlugInService - ok
11:31:13.0136 0x13a4  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
11:31:13.0167 0x13a4  Wd - ok
11:31:13.0198 0x13a4  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
11:31:13.0262 0x13a4  WDC_SAM - ok
11:31:13.0324 0x13a4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:31:13.0464 0x13a4  Wdf01000 - ok
11:31:13.0496 0x13a4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:31:13.0589 0x13a4  WdiServiceHost - ok
11:31:13.0589 0x13a4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:31:13.0652 0x13a4  WdiSystemHost - ok
11:31:13.0698 0x13a4  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
11:31:13.0776 0x13a4  WebClient - ok
11:31:13.0808 0x13a4  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:31:13.0917 0x13a4  Wecsvc - ok
11:31:13.0964 0x13a4  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:31:14.0057 0x13a4  wercplsupport - ok
11:31:14.0088 0x13a4  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:31:14.0166 0x13a4  WerSvc - ok
11:31:14.0213 0x13a4  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
11:31:14.0308 0x13a4  WinDefend - ok
11:31:14.0323 0x13a4  WinHttpAutoProxySvc - ok
11:31:14.0386 0x13a4  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:31:14.0479 0x13a4  Winmgmt - ok
11:31:14.0557 0x13a4  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:31:14.0807 0x13a4  WinRM - ok
11:31:14.0869 0x13a4  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:31:14.0979 0x13a4  Wlansvc - ok
11:31:15.0010 0x13a4  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:31:15.0057 0x13a4  WmiAcpi - ok
11:31:15.0088 0x13a4  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:31:15.0166 0x13a4  wmiApSrv - ok
11:31:15.0228 0x13a4  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
11:31:15.0448 0x13a4  WMPNetworkSvc - ok
11:31:15.0479 0x13a4  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:31:15.0572 0x13a4  WPCSvc - ok
11:31:15.0604 0x13a4  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:31:15.0666 0x13a4  WPDBusEnum - ok
11:31:15.0744 0x13a4  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
11:31:15.0869 0x13a4  WpdUsb - ok
11:31:15.0994 0x13a4  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:31:16.0150 0x13a4  WPFFontCache_v0400 - ok
11:31:16.0196 0x13a4  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:31:16.0306 0x13a4  ws2ifsl - ok
11:31:16.0337 0x13a4  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:31:16.0415 0x13a4  wscsvc - ok
11:31:16.0430 0x13a4  WSearch - ok
11:31:16.0462 0x13a4  [ 2584DF81CC9F7E7BD3545691106F8CAE, 1278F9727730075BAC87BB76800BB3533B9C929F66CDFEAC669931A3F4211A48 ] WSVD            C:\Windows\system32\drivers\WSVD.sys
11:31:16.0540 0x13a4  WSVD - ok
11:31:16.0664 0x13a4  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:31:16.0930 0x13a4  wuauserv - ok
11:31:16.0961 0x13a4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:31:17.0054 0x13a4  WudfPf - ok
11:31:17.0086 0x13a4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:31:17.0148 0x13a4  WUDFRd - ok
11:31:17.0195 0x13a4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:31:17.0257 0x13a4  wudfsvc - ok
11:31:17.0305 0x13a4  [ 40AC8590CC9006DBB99FFCB37879D4C6, 3EBC1379503C1E65034A25660FB634813926B0918FCB6A3E6F36CEBB57DA9E20 ] zntport         C:\Windows\system32\drivers\zntport.sys
11:31:17.0321 0x13a4  zntport - detected UnsignedFile.Multi.Generic ( 1 )
11:31:19.0910 0x13a4  Detect skipped due to KSN trusted
11:31:19.0910 0x13a4  zntport - ok
11:31:19.0910 0x13a4  ================ Scan global ===============================
11:31:19.0941 0x13a4  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
11:31:19.0988 0x13a4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
11:31:20.0051 0x13a4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
11:31:20.0097 0x13a4  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
11:31:20.0129 0x13a4  [ Global ] - ok
11:31:20.0129 0x13a4  ================ Scan MBR ==================================
11:31:20.0144 0x13a4  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
11:31:23.0531 0x13a4  \Device\Harddisk0\DR0 - ok
11:31:23.0531 0x13a4  ================ Scan VBR ==================================
11:31:23.0547 0x13a4  [ 34D4DE0EF639CAB0E22DAB027439EE8E ] \Device\Harddisk0\DR0\Partition1
11:31:23.0625 0x13a4  \Device\Harddisk0\DR0\Partition1 - ok
11:31:23.0656 0x13a4  [ 08D8427DD34C9055A6F5648F33FC9529 ] \Device\Harddisk0\DR0\Partition2
11:31:23.0734 0x13a4  \Device\Harddisk0\DR0\Partition2 - ok
11:31:23.0734 0x13a4  ================ Scan generic autorun ======================
11:31:23.0812 0x13a4  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
11:31:23.0937 0x13a4  Windows Defender - ok
11:31:24.0155 0x13a4  [ 905A44230F1A7CFF23BBA670B247E6AA, 0A63A42F4942E1E9D568186F07F2EA3AB377132E075B18C486BD746DE6E0F419 ] C:\Windows\RtHDVCpl.exe
11:31:24.0610 0x13a4  RtHDVCpl - ok
11:31:24.0813 0x13a4  [ 712FC805D0DD5C41A0C364BF5B49AA91, 30CF527DBE1B2070BBB19BA4BE058ED95B99841301470413A6301D74A338AE75 ] C:\Acer\Empowering Technology\SysMonitor.exe
11:31:24.0844 0x13a4  Acer Empowering Technology Monitor - ok
11:31:25.0062 0x13a4  [ 4BC8167722B6C79B1B13F1F2076B9EEC, 662E214F02735D40C0DB00AFB9FB943F93FCFD739779340C3B87E140B8AD2384 ] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
11:31:25.0140 0x13a4  eDataSecurity Loader - ok
11:31:25.0187 0x13a4  [ D052D08AB41265E728AF24308646969F, C85B2181971BD841F35FE552C6FFC49938897B6AC947EE2C3C8BA52343980D7A ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
11:31:25.0234 0x13a4  RemoteControl - detected UnsignedFile.Multi.Generic ( 1 )
11:31:27.0589 0x13a4  Detect skipped due to KSN trusted
11:31:27.0589 0x13a4  RemoteControl - ok
11:31:27.0636 0x13a4  [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
11:31:27.0699 0x13a4  LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
11:31:30.0070 0x13a4  Detect skipped due to KSN trusted
11:31:30.0070 0x13a4  LanguageShortcut - ok
11:31:30.0117 0x13a4  [ 488DFCA5BB51550681AE88BA7907AD7E, 07DE8F00D646E95C26FA51F8C5DEC1124FEB48C6A1F42C9727C422B175F4A8A0 ] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
11:31:30.0179 0x13a4  Adobe Reader Speed Launcher - ok
11:31:30.0351 0x13a4  [ 213345608B35B2C603CD46E7E4292275, C61EA5D77916C0C7A0007D1397DF489D1DAD2F88BC8E1FA9763D3CEEBAB3274B ] C:\Program Files\Acer Registration\ACE1.exe
11:31:30.0647 0x13a4  Acer Product Registration - detected UnsignedFile.Multi.Generic ( 1 )
11:31:32.0987 0x13a4  Detect skipped due to KSN trusted
11:31:32.0987 0x13a4  Acer Product Registration - ok
11:31:33.0034 0x13a4  [ 4F42FAB0A6E4A9AD8606AEF8C4D78722, 2264D01EC2E315038AD72C4B01847A9FEFD2C25DFA760C8D00D9633BD756DB8E ] C:\Windows\system32\nvraidservice.exe
11:31:33.0096 0x13a4  NVRaidService - ok
11:31:33.0190 0x13a4  [ EADFA0AA83007B95A815A158709DE6AE, 9F6DCC6173C795425F0A37AD1D934504B268BFF58FD48E593A1E28B6F2F4C652 ] C:\Program Files\Microsoft Money\System\Activation.exe
11:31:33.0268 0x13a4  MoneyStartUp10.0 - detected UnsignedFile.Multi.Generic ( 1 )
11:31:35.0623 0x13a4  Detect skipped due to KSN trusted
11:31:35.0623 0x13a4  MoneyStartUp10.0 - ok
11:31:35.0701 0x13a4  [ 558EE2F28964940587544D2C322023EE, AA668D5F21D9DEC633D275553A3EE9E28252D0B2C9707933A3297A4923C78552 ] C:\PROGRA~1\Eraser\Eraser.exe
11:31:35.0857 0x13a4  Eraser - ok
11:31:35.0935 0x13a4  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:31:35.0982 0x13a4  APSDaemon - ok
11:31:36.0138 0x13a4  [ 8AFA9E689D0517A7F99928C62880A1D0, EE8425858198D345262F8F75DF6082422A3487A2A6DECEA9FAAFBED9603D8163 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
11:31:36.0435 0x13a4  EvtMgr6 - ok
11:31:36.0528 0x13a4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
11:31:36.0559 0x13a4  HP Software Update - ok
11:31:36.0747 0x13a4  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
11:31:37.0090 0x13a4  SDTray - ok
11:31:37.0152 0x13a4  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
11:31:37.0215 0x13a4  iTunesHelper - ok
11:31:37.0277 0x13a4  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
11:31:37.0386 0x13a4  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
11:31:39.0726 0x13a4  Detect skipped due to KSN trusted
11:31:39.0726 0x13a4  QuickTime Task - ok
11:31:40.0054 0x13a4  [ FFB8CB731D62EC434A552680E0F8EC1A, 7738881188FF99820F6FD667E32FE73E63260289188C449D3462F8B19C48D3FA ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
11:31:40.0631 0x13a4  AvastUI.exe - ok
11:31:40.0740 0x13a4  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:31:40.0927 0x13a4  Sidebar - ok
11:31:40.0943 0x13a4  WindowsWelcomeCenter - ok
11:31:41.0005 0x13a4  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:31:41.0177 0x13a4  Sidebar - ok
11:31:41.0177 0x13a4  WindowsWelcomeCenter - ok
11:31:41.0224 0x13a4  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
11:31:41.0411 0x13a4  Sidebar - ok
11:31:41.0676 0x13a4  [ 796B7EA3D8D1677EBA3710EC60400748, 2AC9DA53F56B633A561078850D037807AC7A0D74C7B8E2F92F397EDF45574369 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
11:31:42.0285 0x13a4  SUPERAntiSpyware - ok
11:31:42.0331 0x13a4  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
11:31:42.0378 0x13a4  WMPNSCFG - ok
11:31:42.0503 0x13a4  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
11:31:42.0721 0x13a4  HP Officejet 4620 series (NET) - ok
11:31:42.0909 0x13a4  [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
11:31:43.0314 0x13a4  Spybot-S&D Cleaning - ok
11:31:43.0579 0x13a4  [ 805210C8DB11D5799E7172923959BF98, A8DCB8A6FDE5ED583D329D6D8A5979FFD3E844046335529BB2E81A5D310E5894 ] C:\Program Files\CCleaner\CCleaner.exe
11:31:44.0250 0x13a4  CCleaner Monitoring - ok
11:31:44.0469 0x13a4  [ 805210C8DB11D5799E7172923959BF98, A8DCB8A6FDE5ED583D329D6D8A5979FFD3E844046335529BB2E81A5D310E5894 ] C:\Program Files\CCleaner\CCleaner.exe
11:31:44.0905 0x13a4  CCleaner - ok
11:31:44.0983 0x13a4  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:31:45.0186 0x13a4  Sidebar - ok
11:31:45.0202 0x13a4  WindowsWelcomeCenter - ok
11:31:45.0202 0x13a4  RUN - ok
11:31:45.0202 0x13a4  Waiting for KSN requests completion. In queue: 18
11:31:46.0216 0x13a4  Waiting for KSN requests completion. In queue: 18
11:31:47.0230 0x13a4  Waiting for KSN requests completion. In queue: 18
11:31:48.0354 0x13a4  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
11:31:48.0463 0x13a4  Win FW state via NFP2: enabled
11:31:51.0068 0x13a4  ============================================================
11:31:51.0068 0x13a4  Scan finished
11:31:51.0068 0x13a4  ============================================================
11:31:51.0084 0x15e8  Detected object count: 0
11:31:51.0084 0x15e8  Actual detected object count: 0
11:32:08.0972 0x1194  Deinitialize success
 



#4 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 04 January 2015 - 12:20 PM

# AdwCleaner v4.106 - Report created 04/01/2015 at 12:06:39
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Julie Green - JULIEGREEN-PC
# Running from : C:\Users\Julie Green\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\nsprotector.js
File Found : C:\Users\Julie Green\AppData\Roaming\Mozilla\Firefox\Profiles\q2o99llo.default\searchplugins\safesearch.xml
Folder Found : C:\Program Files\CLickFOrSSale
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\PrrinnceCCouupon
Folder Found : C:\Program Files\ShhopperMasTEr
Folder Found : C:\ProgramData\21f2272e40d7c978
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\BEttErPriiiceCehec
Folder Found : C:\ProgramData\CLickFOrSSale
Folder Found : C:\ProgramData\PrrinnceCCouupon
Folder Found : C:\ProgramData\savInishhop
Folder Found : C:\ProgramData\ShhopperMasTEr
Folder Found : C:\ProgramData\Updater
Folder Found : C:\SearchProtect
Folder Found : C:\Users\Julie Green\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Julie Green\AppData\LocalLow\Conduit
Folder Found : C:\Users\Julie Green\AppData\LocalLow\iac
Folder Found : C:\Windows\system32\SearchProtect

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23B38049-323F-443D-9732-F454E5B15B72}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3282134
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3282137
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3297951
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5a1d0d31-749c-4186-a295-4106e6e7b26a}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599


-\\ Mozilla Firefox v34.0.5 (x86 en-US)

[q2o99llo.default] - Line Found : user_pref("extensions.Jyobn3X.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo[...]
[q2o99llo.default] - Line Found : user_pref("extensions.UO44.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]
[q2o99llo.default] - Line Found : user_pref("extensions.nMwj5rnQgMe.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
[q2o99llo.default] - Line Found : user_pref("extensions.v4jj.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]
[q2o99llo.default] - Line Found : user_pref("extensions.yFfg0Yz.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo[...]

-\\ Google Chrome v39.0.2171.95

[C:\Users\Julie Green\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [4423 octets] - [04/01/2015 12:06:39]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4483 octets] ##########
 



#5 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 04 January 2015 - 12:27 PM

Farbar Service Scanner Version: 21-07-2014
Ran by Julie Green (administrator) on 04-01-2015 at 12:26:34
Running from "C:\Users\Julie Green\Desktop"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Google.com is unreachable
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed


**** End of log ****



#6 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 04 January 2015 - 12:52 PM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Julie Green (administrator) on 04-01-2015 at 12:41:06
Running from "C:\Users\Julie Green\Desktop"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com

There are 15176 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

NVIDIA nForce 10/100/1000 Mbps Ethernet  = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : JulieGreen-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
   Physical Address. . . . . . . . . : 00-21-85-00-66-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8163:6c9c:346e:2cae%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.143(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : January-04-15 11:06:18 AM
   Lease Expires . . . . . . . . . . : January-05-15 11:06:19 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 218111378
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E4-10-C2-00-21-85-00-66-32
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:c23:2765:3f57:fe70(Preferred)
   Link-local IPv6 Address . . . . . : fe80::c23:2765:3f57:fe70%11(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{A59D3306-21E6-47A9-A64F-2FCDBCD6CA56}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    google.com
Addresses:  2607:f8b0:400b:80a::1003
      74.125.226.128
      74.125.226.135
      74.125.226.129
      74.125.226.130
      74.125.226.134
      74.125.226.131
      74.125.226.137
      74.125.226.142
      74.125.226.136
      74.125.226.133
      74.125.226.132



Pinging google.com [173.194.43.104] with 32 bytes of data:

General failure.

Reply from 173.194.43.104: bytes=32 time=9ms TTL=56



Ping statistics for 173.194.43.104:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 9ms, Maximum = 9ms, Average = 9ms

Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    yahoo.com
Addresses:  206.190.36.45
      98.139.183.24
      98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

General failure.

Reply from 206.190.36.45: bytes=32 time=106ms TTL=49



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 106ms, Maximum = 106ms, Average = 106ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 10 ...00 21 85 00 66 32 ...... NVIDIA nForce 10/100/1000 Mbps Ethernet
  1 ........................... Software Loopback Interface 1
 11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 12 ...00 00 00 00 00 00 00 e0  isatap.{A59D3306-21E6-47A9-A64F-2FCDBCD6CA56}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.143     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.143    266
    192.168.1.143  255.255.255.255         On-link     192.168.1.143    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.143    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.143    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.143    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     38 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     38 2001::/32                On-link
 11    286 2001:0:9d38:6abd:c23:2765:3f57:fe70/128
                                    On-link
 10    266 fe80::/64                On-link
 11    286 fe80::/64                On-link
 11    286 fe80::c23:2765:3f57:fe70/128
                                    On-link
 10    266 fe80::8163:6c9c:346e:2cae/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/04/2015 11:07:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2015 07:50:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2015 00:19:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15756

Error: (01/03/2015 00:19:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15756

Error: (01/03/2015 00:19:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/03/2015 00:12:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2015 03:10:29 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {601ab548-5787-4454-a17b-3121f0bc7e44}

Error: (01/02/2015 03:04:34 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JULIE GREEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (01/02/2015 03:04:34 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JULIE GREEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (01/02/2015 03:04:34 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JULIE GREEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (01/04/2015 11:09:19 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (01/04/2015 11:09:19 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (01/04/2015 11:05:54 AM) (Source: ACPI) (User: )
Description: AMLI: ACPI BIOS is attempting to read from an illegal IO port address (0x71), which lies in the 0x70 - 0x71 protected
address range. This could lead to system instability. Please contact your system vendor for technical assistance.

Error: (01/04/2015 11:05:54 AM) (Source: ACPI) (User: )
Description: AMLI: ACPI BIOS is attempting to write to an illegal IO port address (0x70), which lies in the 0x70 - 0x71 protected
address range. This could lead to system instability. Please contact your system vendor for technical assistance.

Error: (01/04/2015 07:52:55 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (01/04/2015 07:52:55 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (01/04/2015 07:49:55 AM) (Source: ACPI) (User: )
Description: AMLI: ACPI BIOS is attempting to read from an illegal IO port address (0x71), which lies in the 0x70 - 0x71 protected
address range. This could lead to system instability. Please contact your system vendor for technical assistance.

Error: (01/04/2015 07:49:55 AM) (Source: ACPI) (User: )
Description: AMLI: ACPI BIOS is attempting to write to an illegal IO port address (0x70), which lies in the 0x70 - 0x71 protected
address range. This could lead to system instability. Please contact your system vendor for technical assistance.

Error: (01/03/2015 00:14:42 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (01/03/2015 00:14:42 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-01-04 11:37:34.979
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-04 11:07:37.799
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-04 09:47:16.478
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-04 09:47:15.932
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-04 08:37:35.220
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-04 07:51:06.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-03 17:27:22.939
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SPPD.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-03 17:27:21.909
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SPPD.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-03 17:27:21.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SPPD.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-03 17:27:20.178
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SPPD.sys because the set of per-page image hashes could not be found on the system.



 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 2.8.4360 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4301 - Acer Inc.)
Acer ePerformance Management (HKLM\...\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}) (Version: 2.5.4002 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4302 - Acer Inc.)
Acer Registration (HKLM\...\Acer Registration) (Version:  - Acer - Leader Technologies)
Adblock Plus for IE (32-bit) (HKLM\...\{80D9592D-BB3F-42A0-9907-C0C5A26BB43A}) (Version: 1.3 - Eyeo GmbH)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{01358C56-44F4-B8B3-8757-06F2A864A863}) (Version: 3.0.634.0 - ATI Technologies, Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Belarc Advisor 8.3 (HKLM\...\Belarc Advisor) (Version: 8.3.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Eraser 6.0.9.2343 (HKLM\...\{18026153-83A4-40E0-96B6-41E441607518}) (Version: 6.0.2343 - The Eraser Project)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
FinePixViewer Ver.4.1 (HKLM\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{C4E2A2F2-2A53-42C7-920A-169713776631}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
HP Officejet 4620 series Product Improvement Study (HKLM\...\{5696CE5E-FD09-4DFF-82CE-DB87229F03DD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
ImageMixer VCD2 for FinePix (HKLM\...\{934E9442-D305-4ACF-AD87-A6C11D677CB9}) (Version:  - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
LightScribe  1.4.142.1 (Version: 1.4.142.1 - http://www.lightscribe.com) Hidden
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Money 2002 (HKLM\...\{E7298FD5-1386-11D5-8D6C-0050DAD32D95}) (Version: 10.0.50 - Microsoft)
Microsoft Money 2002 System Pack (HKLM\...\{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}) (Version: 10.0.80 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works 7.0 (HKLM\...\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}) (Version: 07.02.0620 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.00.11130 - Sony Corporation)
NTI Backup NOW! 4.7 (HKLM\...\InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}) (Version: 1.00.0000 - NewTech Infosystems)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems) Hidden
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OE Backup 5.0 (HKLM\...\OE Backup) (Version: 5.0 - TopLang Software)
OJ4620FWUpdateAlert (Version: 1.00.0000 - HP) Hidden
PowerDVD 7.0 with 5.1ch (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2802b - CyberLink Corporation)
Primo (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5497 - Realtek Semiconductor Corp.)
Runtime (Version: 1.00.0000 - Your Company Name) Hidden
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.02.15040 - Sony Corporation)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 4.6 (HKLM\...\SpywareBlaster_is1) (Version: 4.6.0 - Javacool Software LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1146 - SUPERAntiSpyware.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

========================= Devices: ================================

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 1790.51 MB
Available physical RAM: 987.73 MB
Total Pagefile: 3830.51 MB
Available Pagefile: 2100.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.79 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:144.29 GB) (Free:67.28 GB) NTFS
6 Drive h: (DATA) (Fixed) (Total:144.04 GB) (Free:56.9 GB) NTFS

========================= Users: ========================================

User accounts for \\JULIEGREEN-PC

Administrator            Guest                    Julie Green              
UpdatusUser              

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

20-12-2014 05:00:14 Scheduled Checkpoint
21-12-2014 05:17:58 Scheduled Checkpoint
22-12-2014 05:00:11 Scheduled Checkpoint
23-12-2014 05:00:15 Scheduled Checkpoint
24-12-2014 05:00:13 Scheduled Checkpoint
25-12-2014 05:00:10 Scheduled Checkpoint
27-12-2014 04:00:03 Scheduled Checkpoint
02-01-2015 04:06:20 Windows Update
02-01-2015 11:55:35 Device Driver Package Install: Panda Security, S.L. Network Service
02-01-2015 12:31:13 Installed WOT for Internet Explorer
02-01-2015 13:58:56 Installed Adblock Plus for IE (32-bit)
02-01-2015 18:11:37 Installed Sophos Virus Removal Tool.
02-01-2015 20:10:32 avast! antivirus system restore point
02-01-2015 20:35:28 Windows Update
02-01-2015 20:46:13 Device Driver Package Install: SAMSUNG Electronics Co., Ltd.  Modems
03-01-2015 04:48:26 Windows Update
03-01-2015 21:24:21 Scheduled Checkpoint
04-01-2015 14:55:21 Scheduled Checkpoint

**** End of log ****
 



#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:03 AM

Posted 05 January 2015 - 07:38 PM

Hi

Please do the following next:

:step1:

We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.
 
In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.

  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode > Advanced Mode.
    spybotmode.png
  • You may be presented with a warning dialog. If so, click Yes
  • Click on Tools and then Resident
    spybottools.png
  • Uncheck this checkbox: "Resident TeaTimer {protection of over-all system settings) active"
  • Close/Exit Spybot Search and Destroy

:step2:

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

:step3:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

 
Note: Be sure to restart the computer.
 
The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

:step4:

I'd like us to scan your machine with ESET Online Scanner:
 
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
 
Note: Vista / Windows 7 / Windows 8 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png  
       icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 06 January 2015 - 10:14 AM

I have a problem

Your instructions seem to be for an old version of the spybot program.!?

The menus do not match so I'm not sure how to do what you are instructing.

See below.

Any ideas of what to do next?

  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy

This does not exist.

I tried to post a pic but wasn't allowed.



#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:03 AM

Posted 06 January 2015 - 07:09 PM

Hi I have asked for assistance with this and will be back once I've got updated instructions.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:03 AM

Posted 07 January 2015 - 03:35 PM

Hi
 
Please uninstall Spybot S&D - I've been advised it's no longer as effective as it used to be.
 
Then follow steps 2, 3, and 4 from my earlier post here

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 07 January 2015 - 07:52 PM

# AdwCleaner v4.106 - Report created 07/01/2015 at 19:31:33
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Julie Green - JULIEGREEN-PC
# Running from : C:\Users\Julie Green\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Updater
Folder Deleted : C:\ProgramData\BEttErPriiiceCehec
Folder Deleted : C:\ProgramData\CLickFOrSSale
Folder Deleted : C:\ProgramData\PrrinnceCCouupon
Folder Deleted : C:\ProgramData\savInishhop
Folder Deleted : C:\ProgramData\ShhopperMasTEr
Folder Deleted : C:\ProgramData\21f2272e40d7c978
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\CLickFOrSSale
Folder Deleted : C:\Program Files\PrrinnceCCouupon
Folder Deleted : C:\Program Files\ShhopperMasTEr
Folder Deleted : C:\Windows\system32\SearchProtect
Folder Deleted : C:\Users\Julie Green\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Julie Green\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Julie Green\AppData\LocalLow\iac
File Deleted : C:\Program Files\Mozilla Firefox\nsprotector.js
File Deleted : C:\Users\Julie Green\AppData\Roaming\Mozilla\Firefox\Profiles\q2o99llo.default\searchplugins\safesearch.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282134
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282137
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3297951
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23B38049-323F-443D-9732-F454E5B15B72}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5a1d0d31-749c-4186-a295-4106e6e7b26a}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599


-\\ Mozilla Firefox v34.0.5 (x86 en-US)

[q2o99llo.default\prefs.js] - Line Deleted : user_pref("extensions.Jyobn3X.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo[...]
[q2o99llo.default\prefs.js] - Line Deleted : user_pref("extensions.UO44.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.ne[...]
[q2o99llo.default\prefs.js] - Line Deleted : user_pref("extensions.nMwj5rnQgMe.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumo[...]
[q2o99llo.default\prefs.js] - Line Deleted : user_pref("extensions.v4jj.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.ne[...]
[q2o99llo.default\prefs.js] - Line Deleted : user_pref("extensions.yFfg0Yz.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo[...]

-\\ Google Chrome v39.0.2171.95

[C:\Users\Julie Green\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R1].txt - [4539 octets] - [07/01/2015 19:28:55]
AdwCleaner[S0].txt - [4513 octets] - [07/01/2015 19:31:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4573 octets] ##########
 



#12 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 07 January 2015 - 08:41 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 07/01/2015
Scan Time: 8:24:32 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.07.21
Rootkit Database: v2015.01.07.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Julie Green

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352634
Time Elapsed: 15 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#13 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 07 January 2015 - 11:57 PM

C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\nsprotector.js.vir    Win32/Conduit.SearchProtect.A potentially unwanted application    deleted - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\SPPD.sys-k.mbam    Win32/ClientConnect.B potentially unwanted application    deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\SPPD.sys-r.mbam    Win32/ClientConnect.B potentially unwanted application    deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\SPPD.sys-u.mbam    Win32/ClientConnect.B potentially unwanted application    deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\SPPD.sys-k.mbam    Win32/ClientConnect.B potentially unwanted application    deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\SPPD.sys-r.mbam    Win32/ClientConnect.B potentially unwanted application    deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\SPPD.sys-u.mbam    Win32/ClientConnect.B potentially unwanted application    deleted (after the next restart) - quarantined
H:\CARLS TEMP\DOWNLOADS\ccsetup315.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
H:\CARLS TEMP\DOWNLOADS\cpu-z_1.59-setup-en.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted - quarantined
H:\CARLS TEMP\DOWNLOADS\IZArc4.1.6.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
 



#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:03 AM

Posted 08 January 2015 - 04:21 PM

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#15 stimpsonthecat

stimpsonthecat
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 09 January 2015 - 03:07 AM

After I ran AdwCleaner, The network connection Icon in the bottom right hand corner of the taskbar said the computer wasn't connected.

I went into the network stuff and it said I wasn't connected to the internet, but I could access the internet.

I told the computer to repair the connection but it said now I was connected but the Icon at the bottom still said no connection.

Do I need to delete the current connection and redo it?

 

Also should I uninstall java or disable it in all browsers?

 

Also do I need to delete all my computer backups and do a new backup because some of this nasty stuff is probably in my backups?

Do I need to do the same thing with the restore points?

 

Sorry about all the questions.....

 

Your help with these things have been greatly appreciated as this conduit stuff I could not get rid of and it's been a royal pain in my you know what.

Thanks again.

Your website and all the great people here are a godsend to us all.


Edited by stimpsonthecat, 09 January 2015 - 03:08 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users