Computer slow down overnight

[Kiasu]

i am having minimum knowledge in computer. Please help me.

 

[kuttus]

Hi and welcome to the malwaretips.com forums!

I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:

• I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
• The fixes are specific to your problem and should only be used for this issue on this machine!
• The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
• If you don't know, stop and ask! Don't keep going on.
• Please reply to this thread. Do not start a new topic.
• Refrain from running self fixes as this will hinder the malware removal process.
• It may prove beneficial if you print of the following instructions or save them to notepad as I post them.

Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
<hr />


Please run the following utility so that I can get a log of your system...
STEP 1 : Run a scan with Combofix

Please read and follow very carefully the below instructions​

Download ComboFix from one of the following locations:

COMBOFIX DOWNLOAD LINK #1 (This link will automatically download Combofix on your computer)
COMBOFIX DOWNLOAD LINK #2 (This link will automatically download Combofix on your computer)
----------------------------------------------------------------
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

<ul>
<li>Close any open browsers.</li>
<li>Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
<>Very Important!</> Temporarily <>disable</> your <>anti-virus</>, <>script blocking</> and any <>anti-malware</> real-time protection <em><>before</></em> performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause <em>"unpredictable results"</em>.</li>
<li><>WARNING: Combofix will disconnect your machine from the Internet as soon as it starts</>.Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.</li>
</ul>
-----------------------------------------------------------------

How to run the Combofix scan :

1. Double click on ComboFix.exe & follow the prompts.
2. Accept the disclaimer and allow to update if it asks
3. When finished, it shall produce a log for you.
   [*]Please include the C:\ComboFix.txt in your next reply.

Additional notes:
<ol><li> Do not mouse-click Combofix's window while it is running. That may cause it to stall.</li>
<li> Do not "re-run" Combofix. If you have a problem, reply back for further instructions.</li>
<li> If after the reboot you get errors about programms being marked for deletion then reboot, that will cure it.</li></ol>



<hr />

STEP 2: Run a scan with RogueKiller
<ol>
<li>Please <>download the latest official version of </><>RogueKiller</>.
<a href="http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe" rel="nofollow" target="_blank">RogueKiller Download Link</a> (This link will automatically download RogueKiller on your computer)</li>
<li><>Double click on RogueKiller.exe</> to start this utility and then <>wait for the Prescan to complete</>.This should take only a few seconds and then you can <>click the Start button</> to perform a system scan.
<img title="Click on the Start button to perform a system scan" src="http://malwaretips.com/blogs/wp-content/uploads/2012/04/roguek-1.png" alt="[Image: roguekiller-1.png]" width="600" height="450" border="0" /></li>
<li>After the scan has completed, <>press the Delete button</> to remove any malicious registry keys.
<img title="Press Delete to remove the malicious registry keys" src="http://malwaretips.com/blogs/wp-content/uploads/2012/04/roguek-2.png" alt="[Image: roguekiller-2.png]" width="600" height="450" border="0" /></li>
<li>Next we will need to restore your shortcuts, <>so click on the ShortcutsFix button </>and allow the program to run.
<img title="Click on the Start button to perform a system scan" src="http://malwaretips.com/blogs/wp-content/uploads/2012/04/roguek-3.png" alt="[Image: roguekiller-1.png]" width="600" height="450" border="0" /></li>
</ol>

The report has been created on the desktop.In your next reply please post:

All RKreport.txt text files located on your desktop.

<hr />

 

[Kiasu]

Hi Kuttus,

I am sorry. How do I disable anti-virus, script blocking and anti-malware

 

[kuttus]

For MSE no need to do it... Download and Run the Combofix.....

 

[Kiasu]

Hi Kuttus,

@@@@@@ This is the COMBOFIX's report @@@@@@

ComboFix 13-03-05.01 - Kiasu 03/06/2013 15:37:16.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1791.949 [GMT 8:00]
Running from: c:\users\Kiasu\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Acer GameZone online.ico
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-02-06 to 2013-03-06 )))))))))))))))))))))))))))))))
.
.
2013-03-06 07:42 . 2013-03-06 07:42 -------- d-----w- c:\users\Mike\AppData\Local\temp
2013-03-06 07:42 . 2013-03-06 07:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-06 07:42 . 2013-03-06 07:42 -------- d-----w- c:\users\Delphine\AppData\Local\temp
2013-02-25 05:01 . 2013-02-25 05:01 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-25 03:18 . 2013-02-25 03:18 -------- d-----w- c:\program files\iPod
2013-02-25 03:18 . 2013-02-25 03:18 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-25 03:18 . 2013-02-25 03:18 -------- d-----w- c:\program files\iTunes
2013-02-15 11:58 . 2013-02-15 11:58 106088 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-02-14 02:48 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 02:48 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-14 02:48 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 02:48 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 02:48 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 02:48 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-04 10:16 . 2012-06-12 09:18 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-04 10:16 . 2011-09-27 05:59 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-25 05:01 . 2012-07-11 05:17 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-25 05:01 . 2010-08-25 03:24 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-30 10:53 . 2011-09-27 03:32 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13 . 2012-12-21 19:00 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 19:00 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-14 08:49 . 2012-05-23 04:25 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-07 12:26 . 2013-01-09 02:50 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 02:50 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 02:50 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 02:50 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 02:50 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 02:50 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 02:50 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 02:50 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 02:50 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 02:50 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 02:50 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 02:50 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 02:50 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 02:50 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 02:50 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 02:50 51712 ----a-w- c:\windows\system32\esrb.rs
2013-03-01 09:44 . 2013-03-01 09:44 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2013-02-08 1520776]
"{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}"= "c:\program files\Speed_eRealtor\prxtbSpe0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}]
2011-05-09 09:49 176936 ----a-w- c:\program files\Speed_eRealtor\prxtbSpe0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}"= "c:\program files\Speed_eRealtor\prxtbSpe0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}"= "c:\program files\Speed_eRealtor\prxtbSpe0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Kiasu\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Kiasu\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Kiasu\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-05-22 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DuckCapture"="c:\program files\DuckLink\DuckCapture\DuckCapture.exe" [2011-11-03 436736]
"BIBLauncher"="c:\program files\Business-in-a-Box\BIBLauncher.exe" [2012-05-16 915248]
"Akamai NetSession Interface"="c:\users\Kiasu\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hotkey Utility"="c:\program files\Acer\Hotkey Utility\HotkeyUtility.exe" [2009-08-18 629280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-24 421888]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2013-02-08 1644680]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Delphine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Kiasu\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-21 28539272]
.
c:\users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Kiasu\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-21 28539272]
.
c:\users\Kiasu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Kiasu\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-21 28539272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL46930012
*Deregistered* - MpKsl46930012
*Deregistered* - NisDrv
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 10:16]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-22 02:41]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-22 02:41]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-220855331-1787636760-1700731604-1003Core.job
- c:\users\Kiasu\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 05:17]
.
2013-03-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-220855331-1787636760-1700731604-1003UA.job
- c:\users\Kiasu\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 05:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://start.funmoods.com/?f=1&a=bf4&chnl=bf4&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCzztB0F0C0D0F0CtDzyyCtN0D0Tzu0CtBtDyBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=20574634
uInternet Settings,ProxyOverride = <local>
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{1FA3BC6A-EB93-4CCF-8430-195513F81705}\2375942554532343: NameServer = 165.21.83.88,165.21.100.88
FF - ProfilePath - c:\users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3203373&SearchSource=2&CUI=UN21648757804521285&UM=&q=
.
.
------- File Associations -------
.
.scr=DWGTrueViewScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - (no file)
HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
HKCU-Run-Media Finder - c:\program files\Media Finder\Media Finder.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-06 15:44:09
ComboFix-quarantined-files.txt 2013-03-06 07:44
.
Pre-Run: 81,248,468,992 bytes free
Post-Run: 81,056,366,592 bytes free
.
- - End Of File - - 9EC72346817BC85F3C5674043A19F057




@@@@@@ This is the RKreport 1 @@@@@@

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Kiasu [Admin rights]
Mode : Scan -- Date : 03/06/2013 15:51:58
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[Microsoft][HJNAME] notepad.exe -- C:\Windows\System32\notepad.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 7 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST332041 8AS SCSI Disk Device +++++
--- User ---
[MBR] 5d6e4671077dd0efc41e2850ff69a917
[BSP] c2302ee39dce0f36e854a1bcf2e178ff : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 144846 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 328308736 | Size: 144937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_03062013_02d1551.txt >>
RKreport[1]_S_03062013_02d1551.txt




@@@@@@ This is the RKreport 2 @@@@@@

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Kiasu [Admin rights]
Mode : Remove -- Date : 03/06/2013 15:53:03
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[Microsoft][HJNAME] notepad.exe -- C:\Windows\System32\notepad.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 7 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST332041 8AS SCSI Disk Device +++++
--- User ---
[MBR] 5d6e4671077dd0efc41e2850ff69a917
[BSP] c2302ee39dce0f36e854a1bcf2e178ff : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 144846 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 328308736 | Size: 144937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_03062013_02d1553.txt >>
RKreport[1]_S_03062013_02d1551.txt ; RKreport[2]_D_03062013_02d1553.txt





@@@@@@ This is the RKreport 3 @@@@@@

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Kiasu [Admin rights]
Mode : Shortcuts HJfix -- Date : 03/06/2013 15:53:55
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[Microsoft][HJNAME] notepad.exe -- C:\Windows\System32\notepad.exe [7] -> KILLED [TermProc]

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 19 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 8 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 48 / Fail 0
My documents: Success 50 / Fail 50
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 232 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 157 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[G:] \Device\HarddiskVolume6 -- 0x2 --> Restored
[H:] \Device\HarddiskVolume7 -- 0x2 --> Restored
[I:] \Device\HarddiskVolume8 -- 0x2 --> Restored
[J:] \Device\HarddiskVolume9 -- 0x2 --> Restored

Finished : << RKreport[3]_SC_03062013_02d1553.txt >>
RKreport[1]_S_03062013_02d1551.txt ; RKreport[2]_D_03062013_02d1553.txt ; RKreport[3]_SC_03062013_02d1553.txt



I have just re-start the computer. The speed seems ok now. Please let me know what I need to do further after you read the report. Thanks

 

[kuttus]

STEP 1: Run a scan with Junkware Removal Tool

Please download Junkware Removal Tool to your desktop from here

• Turn off your antivirus software now to avoid potential conflicts
• Double-click to run the tool. For Windows Vista or 7 users, right-click the file and select Run as Administrator
• The tool will open and start scanning your system
• Please be patient as this can take a while to complete depending on your system's specifications
• On completion, a log (JRT.txt) will be saved to your desktop and will automatically open
• Post the contents of JRT.txt into your next reply

---

STEP 2: Run a scan with AdwCleaner

<ol><li>Download AdwCleaner from the below link.
<><a href="http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner" target="_blank">ADWCLEANER DOWNLAOD LINK</a></> (This link will automatically download Security Check on your computer)</li>

<li>Close all open programs and internet browsers.</li>
<li>Double click on <>adwcleaner.exe</> to run the tool.</li>
<li>Click on <>Delete</>,then confirm each time with <>Ok</>.</li>
<li>Your computer will be rebooted automatically. A text file will open after the restart.</li>
<li>Please post the contents of that logfile with your next reply.</li>
<li>You can find the logfile at <>C:\AdwCleaner[S1].txt</> as well.</li>
</ol>
<hr/>
STEP 3 : Run a scan with Kaspersky TDSSKiller
<ol>
<li>Download Kaspersky TDSKiller from the below link.
<><a title="External link" href="http://support.kaspersky.com/downloads/utils/tdsskiller.exe" rel="external">KASPERKSY TDSSKILLER DOWNLOAD LINK</a></> <em>(This link will automatically download Kaspersky TDSSKiller on your computer)</em>
</li>
<li>Double-click on <>TDSSKiller.exe</> to run the application.
<img src="http://img4.imageshack.us/img4/1907/tdss1.png" alt="Posted Image" /></li>
<li>Click <>Change parameters</>
<img src="http://img593.imageshack.us/img593/288/tdss2.png" alt="Posted Image" /></li>
<li>Check the boxes next to <>Verify Driver Digital Signature</> and <>Detect TDLFS file system</>, then click <>OK</>
<img src="http://img521.imageshack.us/img521/1456/tdss3.png" alt="Posted Image" /></li>
<li>Click on the <>Start Scan</> button to begin the scan and wait for it to finish.
<>NOTE:</> Do not use the computer during the scan!</li>
<li>During the scan it will look similar to the image below:
<img src="http://img6.imageshack.us/img6/9136/tdss4.jpg" alt="Posted Image" /></li>
<li>When it finishes, you will either see a report that no threats were found like below:
<img src="http://img696.imageshack.us/img696/9898/tdss5.jpg" alt="Posted Image" />
If no threats are found at this point, just click the <>Report</> selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.</li>
<li>If any infection or suspected items are found, you will see a window similar to below:
<img src="http://img854.imageshack.us/img854/905/tdss7.jpg" alt="Posted Image" />
<ul>
<li>If you have files that are shown to fail <em>signature check</em> do not take any action on these. Make sure you select <>Skip</>. I will tell you what to do with these later. They may not be issues at all.</li>
<li>If <em>Suspicious objects</em> are detected, the default action will be Skip. Leave the default set to Skip.</li>
<li>If <em>Malicious objects</em> are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
Make sure that <>Cure</> is selected. <>VERY IMPORTANT!</> - If <em>Cure</em> is not available, please choose <>Skip</> instead. DO NOT choose Delete unless instructed to do so.</li>
</ul>
</li>
<li>Click <>Continue</> to apply selected actions.</li>
<li>A reboot may be required to complete disinfection. A window like the below will appear:
<img src="http://img828.imageshack.us/img828/4812/tdss6.jpg" alt="Posted Image" />
Reboot immediately if TDSSKiller states that one is needed.</li>
<li>Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like <>TDSSKiller.2.1.1_2.12.2012_14.17.04_log.txt</> which is based on the program version # and date and time run.</li>
<li>Attach this log to your next reply.</li>
</ol>
<hr />

 

[Kiasu]

i cannot run Junkware Removal Tool. It says "This file appears malicious" and wants me to discard. I am using MSE

 

[kuttus]

No need to worry. It is a Safe one.. You can Select Keep.

 

[Kiasu]

There is no other to select. Only "discard". I tried a couple of time

 

[Kiasu]

@@@@@@ This is from AdwCleaner[R1] @@@@@@

# AdwCleaner v2.114 - Logfile created 03/07/2013 at 15:07:10
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Kiasu - BDG-DT01
# Boot Mode : Normal
# Running from : C:\Users\Kiasu\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\user.js
File Found : C:\Users\Kiasu\AppData\Local\funmoods-speeddial.crx
File Found : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\searchplugins\Askcom.xml
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Speed_eRealtor
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\blekko toolbars
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\Delphine\AppData\Local\Conduit
Folder Found : C:\Users\Delphine\AppData\LocalLow\Conduit
Folder Found : C:\Users\Kiasu\AppData\Local\APN
Folder Found : C:\Users\Kiasu\AppData\Local\Conduit
Folder Found : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Folder Found : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Found : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldlepaalnnjmdjlcplcpmhaepdghkni
Folder Found : C:\Users\Kiasu\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Kiasu\AppData\LocalLow\Conduit
Folder Found : C:\Users\Kiasu\AppData\LocalLow\Speed_eRealtor
Folder Found : C:\Users\Kiasu\AppData\Roaming\Media Finder
Folder Found : C:\Users\Kiasu\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\CT3203373
Folder Found : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\extensions\{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}
Folder Found : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\extensions\toolbar@ask.com
Folder Found : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\Smartbar
Folder Found : C:\Users\Kiasu\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Kiasu\AppData\Roaming\pdfforge
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Speed_eRealtor
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\oldlepaalnnjmdjlcplcpmhaepdghkni
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FE3102A-3934-48DB-97E8-AF67A4848E1F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6FE3102A-3934-48DB-97E8-AF67A4848E1F}
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3106777
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3203373
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\oldlepaalnnjmdjlcplcpmhaepdghkni
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13EC1854-0936-4347-80B9-B0F2C430CE28}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D76343B-68EE-4476-808C-1F8F6755868E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6FE3102A-3934-48DB-97E8-AF67A4848E1F}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed_eRealtor Toolbar
Key Found : HKLM\Software\Speed_eRealtor
Key Found : HKU\S-1-5-21-220855331-1787636760-1700731604-1003\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=bf4&chnl=bf4&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCzztB0F0C0D0F0CtDzyyCtN0D0Tzu0CtBtDyBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=20574634

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\prefs.js

Found : user_pref("CT3203373.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3203373.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3203373.FirstTime", "true");
Found : user_pref("CT3203373.FirstTimeFF3", "true");
Found : user_pref("CT3203373.LoginRevertSettingsEnabled", true);
Found : user_pref("CT3203373.RevertSettingsEnabled", true);
Found : user_pref("CT3203373.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT320[...]
Found : user_pref("CT3203373.UserID", "UN21648757804521285");
Found : user_pref("CT3203373.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3203373.browser.search.defaultthis.engineName", true);
Found : user_pref("CT3203373.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax[...]
Found : user_pref("CT3203373.enableAlerts", "always");
Found : user_pref("CT3203373.enableFix404ByUser", "TRUE");
Found : user_pref("CT3203373.firstTimeDialogOpened", "true");
Found : user_pref("CT3203373.fixPageNotFoundErrorByUser", "TRUE");
Found : user_pref("CT3203373.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3203373.fixUrls", true);
Found : user_pref("CT3203373.installType", "DirectDownload");
Found : user_pref("CT3203373.isCheckedStartAsHidden", true);
Found : user_pref("CT3203373.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3203373.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT3203373.isNewTabEnabled", false);
Found : user_pref("CT3203373.isPerformedSmartBarTransition", "true");
Found : user_pref("CT3203373.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3203373.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT3203373.keyword", true);
Found : user_pref("CT3203373.lastVersion", "10.14.350.531");
Found : user_pref("CT3203373.migrateAppsAndComponents", true);
Found : user_pref("CT3203373.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.filehippo.co[...]
Found : user_pref("CT3203373.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\[...]
Found : user_pref("CT3203373.search.searchAppId", "10000002");
Found : user_pref("CT3203373.search.searchCount", "0");
Found : user_pref("CT3203373.searchInNewTabEnabled", "false");
Found : user_pref("CT3203373.searchInNewTabEnabledByUser", "false");
Found : user_pref("CT3203373.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT3203373.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3203373.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT3203373.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3203373.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1362125686864");
Found : user_pref("CT3203373.serviceLayer_services_appsMetadata_lastUpdate", "1362550854757");
Found : user_pref("CT3203373.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1362126672148");
Found : user_pref("CT3203373.serviceLayer_services_location_lastUpdate", "1362298336483");
Found : user_pref("CT3203373.serviceLayer_services_login_10.13.1.89_lastUpdate", "1354752449700");
Found : user_pref("CT3203373.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358491910067");
Found : user_pref("CT3203373.serviceLayer_services_login_10.14.40.128_lastUpdate", "1361147484786");
Found : user_pref("CT3203373.serviceLayer_services_login_10.14.65.43_lastUpdate", "1362356067338");
Found : user_pref("CT3203373.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1362126672187");
Found : user_pref("CT3203373.serviceLayer_services_searchAPI_lastUpdate", "1362298336514");
Found : user_pref("CT3203373.serviceLayer_services_serviceMap_lastUpdate", "1362298335793");
Found : user_pref("CT3203373.serviceLayer_services_setupAPI_lastUpdate", "1362298337000");
Found : user_pref("CT3203373.serviceLayer_services_toolbarContextMenu_lastUpdate", "1362126672106");
Found : user_pref("CT3203373.serviceLayer_services_toolbarSettings_lastUpdate", "1362550859473");
Found : user_pref("CT3203373.serviceLayer_services_translation_lastUpdate", "1362298457929");
Found : user_pref("CT3203373.settingsINI", true);
Found : user_pref("CT3203373.smartbar.CTID", "CT3203373");
Found : user_pref("CT3203373.smartbar.Uninstall", "0");
Found : user_pref("CT3203373.smartbar.toolbarName", "SpeedeRealtor ");
Found : user_pref("CT3203373.toolbarBornServerTime", "9-11-2012");
Found : user_pref("CT3203373.toolbarCurrentServerTime", "4-3-2013");
Found : user_pref("CT3203373_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3203373");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3203373&SearchSource=2&CU[...]
Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Found : user_pref("smartbar.machineId", "O5FGWNKN1UGRNWG+/F7LEQXD5UCJXY1VJJ3+EVQRU7JRM5/XR8UAVL7LGRWEFIYGGMS[...]
Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT320[...]

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.43] : icon_url = "hxxp://www.ask.com/favicon.ico",
Found [l.46] : keyword = "ask.com",
Found [l.49] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=610C088E-5E2F-4712-93E9-B0EAE93C60FA&apn_ptnrs=U3&apn_sauid=5992F15E-5B92-45C1-9525-4259060C66AE&apn_dtid=OSJ000YYSG&q={searchTerms}",
Found [l.50] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"

*************************

AdwCleaner[R1].txt - [19632 octets] - [07/03/2013 15:07:10]

########## EOF - C:\AdwCleaner[R1].txt - [19693 octets] ##########






@@@@@@ This is from AdwCleaner[S1] @@@@@@

# AdwCleaner v2.114 - Logfile created 03/07/2013 at 15:10:28
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Kiasu - BDG-DT01
# Boot Mode : Normal
# Running from : C:\Users\Kiasu\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Kiasu\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\searchplugins\Askcom.xml
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Speed_eRealtor
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Delphine\AppData\Local\Conduit
Folder Deleted : C:\Users\Delphine\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kiasu\AppData\Local\APN
Folder Deleted : C:\Users\Kiasu\AppData\Local\Conduit
Folder Deleted : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Folder Deleted : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Deleted : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldlepaalnnjmdjlcplcpmhaepdghkni
Folder Deleted : C:\Users\Kiasu\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Kiasu\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kiasu\AppData\LocalLow\Speed_eRealtor
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\CT3203373
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\extensions\{1ddbf9f6-1744-43d1-8d64-bc4ec9475556}
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\Smartbar
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Kiasu\AppData\Roaming\pdfforge
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Speed_eRealtor
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Google\Chrome\Extensions\oldlepaalnnjmdjlcplcpmhaepdghkni
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FE3102A-3934-48DB-97E8-AF67A4848E1F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FE3102A-3934-48DB-97E8-AF67A4848E1F}
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3106777
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3203373
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oldlepaalnnjmdjlcplcpmhaepdghkni
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13EC1854-0936-4347-80B9-B0F2C430CE28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D76343B-68EE-4476-808C-1F8F6755868E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6FE3102A-3934-48DB-97E8-AF67A4848E1F}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed_eRealtor Toolbar
Key Deleted : HKLM\Software\Speed_eRealtor
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1DDBF9F6-1744-43D1-8D64-BC4EC9475556}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=bf4&chnl=bf4&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCzztB0F0C0D0F0CtDzyyCtN0D0Tzu0CtBtDyBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=20574634 --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Kiasu\AppData\Roaming\Mozilla\Firefox\Profiles\mowmpdha.default\prefs.js

Deleted : user_pref("CT3203373.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3203373.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3203373.FirstTime", "true");
Deleted : user_pref("CT3203373.FirstTimeFF3", "true");
Deleted : user_pref("CT3203373.LoginRevertSettingsEnabled", true);
Deleted : user_pref("CT3203373.RevertSettingsEnabled", true);
Deleted : user_pref("CT3203373.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT320[...]
Deleted : user_pref("CT3203373.UserID", "UN21648757804521285");
Deleted : user_pref("CT3203373.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3203373.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3203373.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax[...]
Deleted : user_pref("CT3203373.enableAlerts", "always");
Deleted : user_pref("CT3203373.enableFix404ByUser", "TRUE");
Deleted : user_pref("CT3203373.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3203373.fixPageNotFoundErrorByUser", "TRUE");
Deleted : user_pref("CT3203373.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3203373.fixUrls", true);
Deleted : user_pref("CT3203373.installType", "DirectDownload");
Deleted : user_pref("CT3203373.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3203373.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3203373.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3203373.isNewTabEnabled", false);
Deleted : user_pref("CT3203373.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3203373.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3203373.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3203373.keyword", true);
Deleted : user_pref("CT3203373.lastVersion", "10.14.350.531");
Deleted : user_pref("CT3203373.migrateAppsAndComponents", true);
Deleted : user_pref("CT3203373.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.filehippo.co[...]
Deleted : user_pref("CT3203373.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\[...]
Deleted : user_pref("CT3203373.search.searchAppId", "10000002");
Deleted : user_pref("CT3203373.search.searchCount", "0");
Deleted : user_pref("CT3203373.searchInNewTabEnabled", "false");
Deleted : user_pref("CT3203373.searchInNewTabEnabledByUser", "false");
Deleted : user_pref("CT3203373.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3203373.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3203373.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3203373.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3203373.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3203373.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1362125686864");
Deleted : user_pref("CT3203373.serviceLayer_services_appsMetadata_lastUpdate", "1362550854757");
Deleted : user_pref("CT3203373.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1362126672148");
Deleted : user_pref("CT3203373.serviceLayer_services_location_lastUpdate", "1362298336483");
Deleted : user_pref("CT3203373.serviceLayer_services_login_10.13.1.89_lastUpdate", "1354752449700");
Deleted : user_pref("CT3203373.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358491910067");
Deleted : user_pref("CT3203373.serviceLayer_services_login_10.14.40.128_lastUpdate", "1361147484786");
Deleted : user_pref("CT3203373.serviceLayer_services_login_10.14.65.43_lastUpdate", "1362356067338");
Deleted : user_pref("CT3203373.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1362126672187");
Deleted : user_pref("CT3203373.serviceLayer_services_searchAPI_lastUpdate", "1362298336514");
Deleted : user_pref("CT3203373.serviceLayer_services_serviceMap_lastUpdate", "1362298335793");
Deleted : user_pref("CT3203373.serviceLayer_services_setupAPI_lastUpdate", "1362298337000");
Deleted : user_pref("CT3203373.serviceLayer_services_toolbarContextMenu_lastUpdate", "1362126672106");
Deleted : user_pref("CT3203373.serviceLayer_services_toolbarSettings_lastUpdate", "1362550859473");
Deleted : user_pref("CT3203373.serviceLayer_services_translation_lastUpdate", "1362298457929");
Deleted : user_pref("CT3203373.settingsINI", true);
Deleted : user_pref("CT3203373.smartbar.CTID", "CT3203373");
Deleted : user_pref("CT3203373.smartbar.Uninstall", "0");
Deleted : user_pref("CT3203373.smartbar.toolbarName", "SpeedeRealtor ");
Deleted : user_pref("CT3203373.toolbarBornServerTime", "9-11-2012");
Deleted : user_pref("CT3203373.toolbarCurrentServerTime", "4-3-2013");
Deleted : user_pref("CT3203373_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3203373");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3203373&SearchSource=2&CU[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.machineId", "O5FGWNKN1UGRNWG+/F7LEQXD5UCJXY1VJJ3+EVQRU7JRM5/XR8UAVL7LGRWEFIYGGMS[...]
Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT320[...]

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Kiasu\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.43] : icon_url = "hxxp://www.ask.com/favicon.ico",
Deleted [l.46] : keyword = "ask.com",
Deleted [l.49] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=61[...]
Deleted [l.50] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

*************************

AdwCleaner[R1].txt - [19763 octets] - [07/03/2013 15:07:10]
AdwCleaner[S1].txt - [19758 octets] - [07/03/2013 15:10:28]

########## EOF - C:\AdwCleaner[S1].txt - [19819 octets] ##########





@@@@@@ This is from TDSSKiller.2.8.16.0_07.03.2013_15.40.03_log @@@@@@

15:40:03.0981 4052 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:40:04.0647 4052 ============================================================
15:40:04.0647 4052 Current date / time: 2013/03/07 15:40:04.0647
15:40:04.0647 4052 SystemInfo:
15:40:04.0647 4052
15:40:04.0648 4052 OS Version: 6.1.7601 ServicePack: 1.0
15:40:04.0648 4052 Product type: Workstation
15:40:04.0648 4052 ComputerName: BDG-DT01
15:40:04.0648 4052 UserName: Kiasu
15:40:04.0648 4052 Windows directory: C:\Windows
15:40:04.0648 4052 System windows directory: C:\Windows
15:40:04.0648 4052 Processor architecture: Intel x86
15:40:04.0648 4052 Number of processors: 2
15:40:04.0648 4052 Page size: 0x1000
15:40:04.0648 4052 Boot type: Normal boot
15:40:04.0648 4052 ============================================================
15:40:06.0458 4052 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:40:06.0498 4052 Drive \Device\Harddisk6\DR6 - Size: 0x736D10000 (28.86 Gb), SectorSize: 0x200, Cylinders: 0xEB6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:40:06.0500 4052 ============================================================
15:40:06.0500 4052 \Device\Harddisk0\DR0:
15:40:06.0574 4052 MBR partitions:
15:40:06.0575 4052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
15:40:06.0575 4052 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x11AE7000
15:40:06.0575 4052 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13919800, BlocksNum 0x11B14800
15:40:06.0575 4052 \Device\Harddisk6\DR6:
15:40:06.0575 4052 MBR partitions:
15:40:06.0575 4052 \Device\Harddisk6\DR6\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x39B4900
15:40:06.0575 4052 ============================================================
15:40:06.0618 4052 C: <-> \Device\Harddisk0\DR0\Partition2
15:40:06.0693 4052 D: <-> \Device\Harddisk0\DR0\Partition3
15:40:06.0726 4052 ============================================================
15:40:06.0726 4052 Initialize success
15:40:06.0726 4052 ============================================================
15:41:17.0000 2208 ============================================================
15:41:17.0000 2208 Scan started
15:41:17.0000 2208 Mode: Manual; SigCheck; TDLFS;
15:41:17.0000 2208 ============================================================
15:41:17.0229 2208 ================ Scan system memory ========================
15:41:17.0229 2208 System memory - ok
15:41:17.0229 2208 ================ Scan services =============================
15:41:17.0465 2208 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:41:17.0560 2208 1394ohci - ok
15:41:17.0581 2208 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:41:17.0595 2208 ACPI - ok
15:41:17.0621 2208 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:41:17.0692 2208 AcpiPmi - ok
15:41:17.0813 2208 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:41:17.0834 2208 AdobeFlashPlayerUpdateSvc - ok
15:41:17.0873 2208 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:41:17.0894 2208 adp94xx - ok
15:41:17.0907 2208 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:41:17.0923 2208 adpahci - ok
15:41:17.0933 2208 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:41:17.0947 2208 adpu320 - ok
15:41:17.0971 2208 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:41:18.0021 2208 AeLookupSvc - ok
15:41:18.0064 2208 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:41:18.0103 2208 AFD - ok
15:41:18.0140 2208 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:41:18.0153 2208 agp440 - ok
15:41:18.0185 2208 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:41:18.0207 2208 aic78xx - ok
15:41:18.0243 2208 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:41:18.0289 2208 ALG - ok
15:41:18.0319 2208 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:41:18.0330 2208 aliide - ok
15:41:18.0349 2208 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:41:18.0361 2208 amdagp - ok
15:41:18.0378 2208 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:41:18.0388 2208 amdide - ok
15:41:18.0419 2208 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:41:18.0465 2208 AmdK8 - ok
15:41:18.0483 2208 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:41:18.0509 2208 AmdPPM - ok
15:41:18.0543 2208 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:41:18.0558 2208 amdsata - ok
15:41:18.0583 2208 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:41:18.0598 2208 amdsbs - ok
15:41:18.0617 2208 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:41:18.0627 2208 amdxata - ok
15:41:18.0670 2208 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:41:18.0761 2208 AppID - ok
15:41:18.0800 2208 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:41:18.0843 2208 AppIDSvc - ok
15:41:18.0896 2208 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:41:18.0934 2208 Appinfo - ok
15:41:19.0062 2208 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:41:19.0080 2208 Apple Mobile Device - ok
15:41:19.0127 2208 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:41:19.0139 2208 arc - ok
15:41:19.0161 2208 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:41:19.0174 2208 arcsas - ok
15:41:19.0278 2208 [ 2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:41:19.0311 2208 aspnet_state - ok
15:41:19.0346 2208 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:41:19.0418 2208 AsyncMac - ok
15:41:19.0455 2208 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:41:19.0465 2208 atapi - ok
15:41:19.0511 2208 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:41:19.0552 2208 AudioEndpointBuilder - ok
15:41:19.0562 2208 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:41:19.0586 2208 Audiosrv - ok
15:41:19.0632 2208 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:41:19.0677 2208 AxInstSV - ok
15:41:19.0706 2208 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:41:19.0753 2208 b06bdrv - ok
15:41:19.0787 2208 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:41:19.0799 2208 b57nd60x - ok
15:41:19.0838 2208 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:41:19.0862 2208 BDESVC - ok
15:41:19.0885 2208 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:41:19.0921 2208 Beep - ok
15:41:19.0975 2208 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:41:20.0017 2208 BFE - ok
15:41:20.0039 2208 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
15:41:20.0087 2208 BITS - ok
15:41:20.0113 2208 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:41:20.0138 2208 blbdrive - ok
15:41:20.0221 2208 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:41:20.0242 2208 Bonjour Service - ok
15:41:20.0290 2208 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:41:20.0353 2208 bowser - ok
15:41:20.0372 2208 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:41:20.0423 2208 BrFiltLo - ok
15:41:20.0433 2208 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:41:20.0455 2208 BrFiltUp - ok
15:41:20.0481 2208 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:41:20.0513 2208 BridgeMP - ok
15:41:20.0547 2208 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:41:20.0596 2208 Browser - ok
15:41:20.0619 2208 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:41:20.0654 2208 Brserid - ok
15:41:20.0669 2208 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:41:20.0685 2208 BrSerWdm - ok
15:41:20.0747 2208 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:41:20.0778 2208 BrUsbMdm - ok
15:41:20.0799 2208 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:41:20.0840 2208 BrUsbSer - ok
15:41:20.0858 2208 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:41:20.0883 2208 BTHMODEM - ok
15:41:20.0916 2208 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:41:20.0949 2208 bthserv - ok
15:41:21.0061 2208 catchme - ok
15:41:21.0089 2208 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:41:21.0138 2208 cdfs - ok
15:41:21.0186 2208 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:41:21.0212 2208 cdrom - ok
15:41:21.0250 2208 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:41:21.0282 2208 CertPropSvc - ok
15:41:21.0312 2208 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:41:21.0324 2208 circlass - ok
15:41:21.0350 2208 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:41:21.0364 2208 CLFS - ok
15:41:21.0402 2208 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:41:21.0414 2208 clr_optimization_v2.0.50727_32 - ok
15:41:21.0456 2208 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:41:21.0509 2208 clr_optimization_v4.0.30319_32 - ok
15:41:21.0541 2208 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:41:21.0566 2208 CmBatt - ok
15:41:21.0580 2208 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:41:21.0591 2208 cmdide - ok
15:41:21.0637 2208 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
15:41:21.0672 2208 CNG - ok
15:41:21.0689 2208 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:41:21.0699 2208 Compbatt - ok
15:41:21.0723 2208 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:41:21.0753 2208 CompositeBus - ok
15:41:21.0778 2208 COMSysApp - ok
15:41:21.0792 2208 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:41:21.0803 2208 crcdisk - ok
15:41:21.0849 2208 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:41:21.0892 2208 CryptSvc - ok
15:41:21.0937 2208 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:41:21.0996 2208 DcomLaunch - ok
15:41:22.0026 2208 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:41:22.0074 2208 defragsvc - ok
15:41:22.0107 2208 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:41:22.0146 2208 DfsC - ok
15:41:22.0195 2208 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:41:22.0242 2208 Dhcp - ok
15:41:22.0259 2208 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:41:22.0283 2208 discache - ok
15:41:22.0305 2208 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:41:22.0317 2208 Disk - ok
15:41:22.0355 2208 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:41:22.0375 2208 Dnscache - ok
15:41:22.0416 2208 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:41:22.0456 2208 dot3svc - ok
15:41:22.0499 2208 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:41:22.0541 2208 DPS - ok
15:41:22.0561 2208 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:41:22.0573 2208 drmkaud - ok
15:41:22.0627 2208 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:41:22.0656 2208 DXGKrnl - ok
15:41:22.0682 2208 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:41:22.0718 2208 EapHost - ok
15:41:22.0799 2208 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:41:22.0906 2208 ebdrv - ok
15:41:22.0942 2208 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:41:22.0981 2208 EFS - ok
15:41:23.0053 2208 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:41:23.0152 2208 ehRecvr - ok
15:41:23.0177 2208 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:41:23.0316 2208 ehSched - ok
15:41:23.0374 2208 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:41:23.0402 2208 elxstor - ok
15:41:23.0432 2208 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:41:23.0457 2208 ErrDev - ok
15:41:23.0499 2208 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:41:23.0535 2208 EventSystem - ok
15:41:23.0557 2208 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:41:23.0590 2208 exfat - ok
15:41:23.0609 2208 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:41:23.0634 2208 fastfat - ok
15:41:23.0679 2208 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:41:23.0726 2208 Fax - ok
15:41:23.0746 2208 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:41:23.0757 2208 fdc - ok
15:41:23.0786 2208 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:41:23.0808 2208 fdPHost - ok
15:41:23.0819 2208 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:41:23.0859 2208 FDResPub - ok
15:41:23.0880 2208 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:41:23.0891 2208 FileInfo - ok
15:41:23.0903 2208 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:41:23.0939 2208 Filetrace - ok
15:41:23.0995 2208 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:41:24.0116 2208 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:41:24.0116 2208 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:41:24.0131 2208 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:41:24.0152 2208 flpydisk - ok
15:41:24.0183 2208 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:41:24.0197 2208 FltMgr - ok
15:41:24.0255 2208 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
15:41:24.0347 2208 FontCache - ok
15:41:24.0396 2208 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:41:24.0411 2208 FontCache3.0.0.0 - ok
15:41:24.0478 2208 [ B53D64A7BA4BC661B0BAF6453F6FC743 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
15:41:24.0511 2208 ForceWare Intelligent Application Manager (IAM) - ok
15:41:24.0541 2208 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:41:24.0551 2208 FsDepends - ok
15:41:24.0588 2208 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:41:24.0599 2208 Fs_Rec - ok
15:41:24.0648 2208 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:41:24.0663 2208 fvevol - ok
15:41:24.0682 2208 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:41:24.0694 2208 gagp30kx - ok
15:41:24.0762 2208 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:41:24.0772 2208 GEARAspiWDM - ok
15:41:24.0813 2208 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:41:24.0859 2208 gpsvc - ok
15:41:24.0922 2208 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:41:24.0938 2208 gupdate - ok
15:41:24.0956 2208 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:41:24.0972 2208 gupdatem - ok
15:41:25.0000 2208 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:41:25.0018 2208 gusvc - ok
15:41:25.0048 2208 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:41:25.0085 2208 hcw85cir - ok
15:41:25.0121 2208 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:41:25.0145 2208 HdAudAddService - ok
15:41:25.0180 2208 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:41:25.0209 2208 HDAudBus - ok
15:41:25.0232 2208 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:41:25.0245 2208 HidBatt - ok
15:41:25.0307 2208 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:41:25.0326 2208 HidBth - ok
15:41:25.0333 2208 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:41:25.0359 2208 HidIr - ok
15:41:25.0390 2208 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
15:41:25.0442 2208 hidserv - ok
15:41:25.0476 2208 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:41:25.0507 2208 HidUsb - ok
15:41:25.0540 2208 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:41:25.0564 2208 hkmsvc - ok
15:41:25.0605 2208 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:41:25.0661 2208 HomeGroupListener - ok
15:41:25.0699 2208 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:41:25.0725 2208 HomeGroupProvider - ok
15:41:25.0758 2208 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:41:25.0772 2208 HpSAMD - ok
15:41:25.0835 2208 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:41:25.0871 2208 HTTP - ok
15:41:25.0886 2208 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:41:25.0897 2208 hwpolicy - ok
15:41:25.0938 2208 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:41:25.0971 2208 i8042prt - ok
15:41:26.0007 2208 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:41:26.0026 2208 iaStorV - ok
15:41:26.0087 2208 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:41:26.0147 2208 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:41:26.0147 2208 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:41:26.0207 2208 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:41:26.0244 2208 idsvc - ok
15:41:26.0275 2208 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:41:26.0287 2208 iirsp - ok
15:41:26.0341 2208 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:41:26.0381 2208 IKEEXT - ok
15:41:26.0467 2208 [ E345EC27C8DFF8728F5C6F0413699DC5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:41:26.0551 2208 IntcAzAudAddService - ok
15:41:26.0579 2208 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:41:26.0590 2208 intelide - ok
15:41:26.0631 2208 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:41:26.0643 2208 intelppm - ok
15:41:26.0670 2208 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:41:26.0780 2208 IPBusEnum - ok
15:41:26.0817 2208 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:41:26.0862 2208 IpFilterDriver - ok
15:41:26.0917 2208 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:41:26.0949 2208 iphlpsvc - ok
15:41:26.0981 2208 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:41:27.0007 2208 IPMIDRV - ok
15:41:27.0038 2208 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:41:27.0084 2208 IPNAT - ok
15:41:27.0143 2208 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:41:27.0163 2208 iPod Service - ok
15:41:27.0200 2208 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:41:27.0273 2208 IRENUM - ok
15:41:27.0298 2208 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:41:27.0314 2208 isapnp - ok
15:41:27.0344 2208 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:41:27.0358 2208 iScsiPrt - ok
15:41:27.0391 2208 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:41:27.0402 2208 kbdclass - ok
15:41:27.0424 2208 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:41:27.0448 2208 kbdhid - ok
15:41:27.0462 2208 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:41:27.0473 2208 KeyIso - ok
15:41:27.0503 2208 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:41:27.0514 2208 KSecDD - ok
15:41:27.0550 2208 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:41:27.0563 2208 KSecPkg - ok
15:41:27.0604 2208 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:41:27.0713 2208 KtmRm - ok
15:41:27.0751 2208 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
15:41:27.0805 2208 LanmanServer - ok
15:41:27.0844 2208 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:41:27.0900 2208 LanmanWorkstation - ok
15:41:27.0944 2208 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:41:27.0984 2208 lltdio - ok
15:41:28.0023 2208 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:41:28.0067 2208 lltdsvc - ok
15:41:28.0095 2208 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:41:28.0137 2208 lmhosts - ok
15:41:28.0181 2208 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:41:28.0197 2208 LSI_FC - ok
15:41:28.0217 2208 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:41:28.0229 2208 LSI_SAS - ok
15:41:28.0245 2208 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:41:28.0256 2208 LSI_SAS2 - ok
15:41:28.0264 2208 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:41:28.0277 2208 LSI_SCSI - ok
15:41:28.0300 2208 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:41:28.0343 2208 luafv - ok
15:41:28.0375 2208 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:41:28.0389 2208 Mcx2Svc - ok
15:41:28.0407 2208 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:41:28.0421 2208 megasas - ok
15:41:28.0449 2208 [ DCBAB2920C

 

[kuttus]

Please post the TDSSKiller Log once again.. I think it is cut off...

 

[Kiasu]

I am still unable to download Junkware Removal Tool

 

[Kiasu]

@@@@@@ Reposting of TDSSKiller.2.8.16.0_07.03.2013_15.40.03_log @@@@@@

15:40:03.0981 4052 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:40:04.0647 4052 ============================================================
15:40:04.0647 4052 Current date / time: 2013/03/07 15:40:04.0647
15:40:04.0647 4052 SystemInfo:
15:40:04.0647 4052
15:40:04.0648 4052 OS Version: 6.1.7601 ServicePack: 1.0
15:40:04.0648 4052 Product type: Workstation
15:40:04.0648 4052 ComputerName: BDG-DT01
15:40:04.0648 4052 UserName: Kiasu
15:40:04.0648 4052 Windows directory: C:\Windows
15:40:04.0648 4052 System windows directory: C:\Windows
15:40:04.0648 4052 Processor architecture: Intel x86
15:40:04.0648 4052 Number of processors: 2
15:40:04.0648 4052 Page size: 0x1000
15:40:04.0648 4052 Boot type: Normal boot
15:40:04.0648 4052 ============================================================
15:40:06.0458 4052 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:40:06.0498 4052 Drive \Device\Harddisk6\DR6 - Size: 0x736D10000 (28.86 Gb), SectorSize: 0x200, Cylinders: 0xEB6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:40:06.0500 4052 ============================================================
15:40:06.0500 4052 \Device\Harddisk0\DR0:
15:40:06.0574 4052 MBR partitions:
15:40:06.0575 4052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
15:40:06.0575 4052 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x11AE7000
15:40:06.0575 4052 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13919800, BlocksNum 0x11B14800
15:40:06.0575 4052 \Device\Harddisk6\DR6:
15:40:06.0575 4052 MBR partitions:
15:40:06.0575 4052 \Device\Harddisk6\DR6\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x39B4900
15:40:06.0575 4052 ============================================================
15:40:06.0618 4052 C: <-> \Device\Harddisk0\DR0\Partition2
15:40:06.0693 4052 D: <-> \Device\Harddisk0\DR0\Partition3
15:40:06.0726 4052 ============================================================
15:40:06.0726 4052 Initialize success
15:40:06.0726 4052 ============================================================
15:41:17.0000 2208 ============================================================
15:41:17.0000 2208 Scan started
15:41:17.0000 2208 Mode: Manual; SigCheck; TDLFS;
15:41:17.0000 2208 ============================================================
15:41:17.0229 2208 ================ Scan system memory ========================
15:41:17.0229 2208 System memory - ok
15:41:17.0229 2208 ================ Scan services =============================
15:41:17.0465 2208 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:41:17.0560 2208 1394ohci - ok
15:41:17.0581 2208 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:41:17.0595 2208 ACPI - ok
15:41:17.0621 2208 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:41:17.0692 2208 AcpiPmi - ok
15:41:17.0813 2208 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:41:17.0834 2208 AdobeFlashPlayerUpdateSvc - ok
15:41:17.0873 2208 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:41:17.0894 2208 adp94xx - ok
15:41:17.0907 2208 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:41:17.0923 2208 adpahci - ok
15:41:17.0933 2208 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:41:17.0947 2208 adpu320 - ok
15:41:17.0971 2208 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:41:18.0021 2208 AeLookupSvc - ok
15:41:18.0064 2208 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:41:18.0103 2208 AFD - ok
15:41:18.0140 2208 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:41:18.0153 2208 agp440 - ok
15:41:18.0185 2208 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:41:18.0207 2208 aic78xx - ok
15:41:18.0243 2208 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:41:18.0289 2208 ALG - ok
15:41:18.0319 2208 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:41:18.0330 2208 aliide - ok
15:41:18.0349 2208 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:41:18.0361 2208 amdagp - ok
15:41:18.0378 2208 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:41:18.0388 2208 amdide - ok
15:41:18.0419 2208 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:41:18.0465 2208 AmdK8 - ok
15:41:18.0483 2208 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:41:18.0509 2208 AmdPPM - ok
15:41:18.0543 2208 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:41:18.0558 2208 amdsata - ok
15:41:18.0583 2208 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:41:18.0598 2208 amdsbs - ok
15:41:18.0617 2208 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:41:18.0627 2208 amdxata - ok
15:41:18.0670 2208 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:41:18.0761 2208 AppID - ok
15:41:18.0800 2208 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:41:18.0843 2208 AppIDSvc - ok
15:41:18.0896 2208 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:41:18.0934 2208 Appinfo - ok
15:41:19.0062 2208 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:41:19.0080 2208 Apple Mobile Device - ok
15:41:19.0127 2208 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:41:19.0139 2208 arc - ok
15:41:19.0161 2208 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:41:19.0174 2208 arcsas - ok
15:41:19.0278 2208 [ 2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:41:19.0311 2208 aspnet_state - ok
15:41:19.0346 2208 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:41:19.0418 2208 AsyncMac - ok
15:41:19.0455 2208 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:41:19.0465 2208 atapi - ok
15:41:19.0511 2208 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:41:19.0552 2208 AudioEndpointBuilder - ok
15:41:19.0562 2208 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:41:19.0586 2208 Audiosrv - ok
15:41:19.0632 2208 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:41:19.0677 2208 AxInstSV - ok
15:41:19.0706 2208 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:41:19.0753 2208 b06bdrv - ok
15:41:19.0787 2208 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:41:19.0799 2208 b57nd60x - ok
15:41:19.0838 2208 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:41:19.0862 2208 BDESVC - ok
15:41:19.0885 2208 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:41:19.0921 2208 Beep - ok
15:41:19.0975 2208 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:41:20.0017 2208 BFE - ok
15:41:20.0039 2208 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
15:41:20.0087 2208 BITS - ok
15:41:20.0113 2208 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:41:20.0138 2208 blbdrive - ok
15:41:20.0221 2208 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:41:20.0242 2208 Bonjour Service - ok
15:41:20.0290 2208 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:41:20.0353 2208 bowser - ok
15:41:20.0372 2208 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:41:20.0423 2208 BrFiltLo - ok
15:41:20.0433 2208 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:41:20.0455 2208 BrFiltUp - ok
15:41:20.0481 2208 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:41:20.0513 2208 BridgeMP - ok
15:41:20.0547 2208 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:41:20.0596 2208 Browser - ok
15:41:20.0619 2208 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:41:20.0654 2208 Brserid - ok
15:41:20.0669 2208 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:41:20.0685 2208 BrSerWdm - ok
15:41:20.0747 2208 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:41:20.0778 2208 BrUsbMdm - ok
15:41:20.0799 2208 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:41:20.0840 2208 BrUsbSer - ok
15:41:20.0858 2208 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:41:20.0883 2208 BTHMODEM - ok
15:41:20.0916 2208 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:41:20.0949 2208 bthserv - ok
15:41:21.0061 2208 catchme - ok
15:41:21.0089 2208 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:41:21.0138 2208 cdfs - ok
15:41:21.0186 2208 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:41:21.0212 2208 cdrom - ok
15:41:21.0250 2208 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:41:21.0282 2208 CertPropSvc - ok
15:41:21.0312 2208 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:41:21.0324 2208 circlass - ok
15:41:21.0350 2208 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:41:21.0364 2208 CLFS - ok
15:41:21.0402 2208 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:41:21.0414 2208 clr_optimization_v2.0.50727_32 - ok
15:41:21.0456 2208 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:41:21.0509 2208 clr_optimization_v4.0.30319_32 - ok
15:41:21.0541 2208 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:41:21.0566 2208 CmBatt - ok
15:41:21.0580 2208 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:41:21.0591 2208 cmdide - ok
15:41:21.0637 2208 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
15:41:21.0672 2208 CNG - ok
15:41:21.0689 2208 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:41:21.0699 2208 Compbatt - ok
15:41:21.0723 2208 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:41:21.0753 2208 CompositeBus - ok
15:41:21.0778 2208 COMSysApp - ok
15:41:21.0792 2208 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:41:21.0803 2208 crcdisk - ok
15:41:21.0849 2208 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:41:21.0892 2208 CryptSvc - ok
15:41:21.0937 2208 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:41:21.0996 2208 DcomLaunch - ok
15:41:22.0026 2208 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:41:22.0074 2208 defragsvc - ok
15:41:22.0107 2208 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:41:22.0146 2208 DfsC - ok
15:41:22.0195 2208 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:41:22.0242 2208 Dhcp - ok
15:41:22.0259 2208 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:41:22.0283 2208 discache - ok
15:41:22.0305 2208 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:41:22.0317 2208 Disk - ok
15:41:22.0355 2208 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:41:22.0375 2208 Dnscache - ok
15:41:22.0416 2208 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:41:22.0456 2208 dot3svc - ok
15:41:22.0499 2208 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:41:22.0541 2208 DPS - ok
15:41:22.0561 2208 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:41:22.0573 2208 drmkaud - ok
15:41:22.0627 2208 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:41:22.0656 2208 DXGKrnl - ok
15:41:22.0682 2208 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:41:22.0718 2208 EapHost - ok
15:41:22.0799 2208 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:41:22.0906 2208 ebdrv - ok
15:41:22.0942 2208 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:41:22.0981 2208 EFS - ok
15:41:23.0053 2208 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:41:23.0152 2208 ehRecvr - ok
15:41:23.0177 2208 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:41:23.0316 2208 ehSched - ok
15:41:23.0374 2208 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:41:23.0402 2208 elxstor - ok
15:41:23.0432 2208 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:41:23.0457 2208 ErrDev - ok
15:41:23.0499 2208 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:41:23.0535 2208 EventSystem - ok
15:41:23.0557 2208 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:41:23.0590 2208 exfat - ok
15:41:23.0609 2208 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:41:23.0634 2208 fastfat - ok
15:41:23.0679 2208 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:41:23.0726 2208 Fax - ok
15:41:23.0746 2208 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:41:23.0757 2208 fdc - ok
15:41:23.0786 2208 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:41:23.0808 2208 fdPHost - ok
15:41:23.0819 2208 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:41:23.0859 2208 FDResPub - ok
15:41:23.0880 2208 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:41:23.0891 2208 FileInfo - ok
15:41:23.0903 2208 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:41:23.0939 2208 Filetrace - ok
15:41:23.0995 2208 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:41:24.0116 2208 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:41:24.0116 2208 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:41:24.0131 2208 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:41:24.0152 2208 flpydisk - ok
15:41:24.0183 2208 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:41:24.0197 2208 FltMgr - ok
15:41:24.0255 2208 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
15:41:24.0347 2208 FontCache - ok
15:41:24.0396 2208 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:41:24.0411 2208 FontCache3.0.0.0 - ok
15:41:24.0478 2208 [ B53D64A7BA4BC661B0BAF6453F6FC743 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
15:41:24.0511 2208 ForceWare Intelligent Application Manager (IAM) - ok
15:41:24.0541 2208 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:41:24.0551 2208 FsDepends - ok
15:41:24.0588 2208 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:41:24.0599 2208 Fs_Rec - ok
15:41:24.0648 2208 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:41:24.0663 2208 fvevol - ok
15:41:24.0682 2208 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:41:24.0694 2208 gagp30kx - ok
15:41:24.0762 2208 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:41:24.0772 2208 GEARAspiWDM - ok
15:41:24.0813 2208 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:41:24.0859 2208 gpsvc - ok
15:41:24.0922 2208 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:41:24.0938 2208 gupdate - ok
15:41:24.0956 2208 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:41:24.0972 2208 gupdatem - ok
15:41:25.0000 2208 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:41:25.0018 2208 gusvc - ok
15:41:25.0048 2208 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:41:25.0085 2208 hcw85cir - ok
15:41:25.0121 2208 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:41:25.0145 2208 HdAudAddService - ok
15:41:25.0180 2208 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:41:25.0209 2208 HDAudBus - ok
15:41:25.0232 2208 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:41:25.0245 2208 HidBatt - ok
15:41:25.0307 2208 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:41:25.0326 2208 HidBth - ok
15:41:25.0333 2208 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:41:25.0359 2208 HidIr - ok
15:41:25.0390 2208 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
15:41:25.0442 2208 hidserv - ok
15:41:25.0476 2208 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:41:25.0507 2208 HidUsb - ok
15:41:25.0540 2208 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:41:25.0564 2208 hkmsvc - ok
15:41:25.0605 2208 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:41:25.0661 2208 HomeGroupListener - ok
15:41:25.0699 2208 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:41:25.0725 2208 HomeGroupProvider - ok
15:41:25.0758 2208 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:41:25.0772 2208 HpSAMD - ok
15:41:25.0835 2208 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:41:25.0871 2208 HTTP - ok
15:41:25.0886 2208 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:41:25.0897 2208 hwpolicy - ok
15:41:25.0938 2208 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:41:25.0971 2208 i8042prt - ok
15:41:26.0007 2208 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:41:26.0026 2208 iaStorV - ok
15:41:26.0087 2208 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:41:26.0147 2208 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:41:26.0147 2208 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:41:26.0207 2208 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:41:26.0244 2208 idsvc - ok
15:41:26.0275 2208 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:41:26.0287 2208 iirsp - ok
15:41:26.0341 2208 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:41:26.0381 2208 IKEEXT - ok
15:41:26.0467 2208 [ E345EC27C8DFF8728F5C6F0413699DC5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:41:26.0551 2208 IntcAzAudAddService - ok
15:41:26.0579 2208 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:41:26.0590 2208 intelide - ok
15:41:26.0631 2208 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:41:26.0643 2208 intelppm - ok
15:41:26.0670 2208 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:41:26.0780 2208 IPBusEnum - ok
15:41:26.0817 2208 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:41:26.0862 2208 IpFilterDriver - ok
15:41:26.0917 2208 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:41:26.0949 2208 iphlpsvc - ok
15:41:26.0981 2208 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:41:27.0007 2208 IPMIDRV - ok
15:41:27.0038 2208 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:41:27.0084 2208 IPNAT - ok
15:41:27.0143 2208 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:41:27.0163 2208 iPod Service - ok
15:41:27.0200 2208 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:41:27.0273 2208 IRENUM - ok
15:41:27.0298 2208 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:41:27.0314 2208 isapnp - ok
15:41:27.0344 2208 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:41:27.0358 2208 iScsiPrt - ok
15:41:27.0391 2208 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:41:27.0402 2208 kbdclass - ok
15:41:27.0424 2208 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:41:27.0448 2208 kbdhid - ok
15:41:27.0462 2208 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:41:27.0473 2208 KeyIso - ok
15:41:27.0503 2208 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:41:27.0514 2208 KSecDD - ok
15:41:27.0550 2208 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:41:27.0563 2208 KSecPkg - ok
15:41:27.0604 2208 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:41:27.0713 2208 KtmRm - ok
15:41:27.0751 2208 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
15:41:27.0805 2208 LanmanServer - ok
15:41:27.0844 2208 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:41:27.0900 2208 LanmanWorkstation - ok
15:41:27.0944 2208 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:41:27.0984 2208 lltdio - ok
15:41:28.0023 2208 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:41:28.0067 2208 lltdsvc - ok
15:41:28.0095 2208 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:41:28.0137 2208 lmhosts - ok
15:41:28.0181 2208 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:41:28.0197 2208 LSI_FC - ok
15:41:28.0217 2208 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:41:28.0229 2208 LSI_SAS - ok
15:41:28.0245 2208 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:41:28.0256 2208 LSI_SAS2 - ok
15:41:28.0264 2208 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:41:28.0277 2208 LSI_SCSI - ok
15:41:28.0300 2208 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:41:28.0343 2208 luafv - ok
15:41:28.0375 2208 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:41:28.0389 2208 Mcx2Svc - ok
15:41:28.0407 2208 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:41:28.0421 2208 megasas - ok
15:41:28.0449 2208 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:41:28.0464 2208 MegaSR - ok
15:41:28.0486 2208 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:41:28.0520 2208 MMCSS - ok
15:41:28.0532 2208 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:41:28.0569 2208 Modem - ok
15:41:28.0600 2208 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:41:28.0623 2208 monitor - ok
15:41:28.0643 2208 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:41:28.0654 2208 mouclass - ok
15:41:28.0679 2208 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:41:28.0691 2208 mouhid - ok
15:41:28.0721 2208 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:41:28.0733 2208 mountmgr - ok
15:41:28.0791 2208 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:41:28.0807 2208 MozillaMaintenance - ok
15:41:28.0841 2208 [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:41:28.0858 2208 MpFilter - ok
15:41:28.0881 2208 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:41:28.0894 2208 mpio - ok
15:41:28.0999 2208 [ A69630D039C38018689190234F866D77 ] MpKsl88711535 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9EBA8F0-1958-443B-918D-4C2B19656E6F}\MpKsl88711535.sys
15:41:29.0013 2208 MpKsl88711535 - ok
15:41:29.0046 2208 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:41:29.0089 2208 mpsdrv - ok
15:41:29.0149 2208 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:41:29.0225 2208 MpsSvc - ok
15:41:29.0252 2208 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:41:29.0277 2208 MRxDAV - ok
15:41:29.0301 2208 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:41:29.0341 2208 mrxsmb - ok
15:41:29.0386 2208 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:41:29.0400 2208 mrxsmb10 - ok
15:41:29.0418 2208 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:41:29.0430 2208 mrxsmb20 - ok
15:41:29.0450 2208 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:41:29.0463 2208 msahci - ok
15:41:29.0493 2208 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:41:29.0507 2208 msdsm - ok
15:41:29.0528 2208 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:41:29.0554 2208 MSDTC - ok
15:41:29.0595 2208 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:41:29.0617 2208 Msfs - ok
15:41:29.0631 2208 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:41:29.0670 2208 mshidkmdf - ok
15:41:29.0692 2208 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:41:29.0703 2208 msisadrv - ok
15:41:29.0731 2208 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:41:29.0764 2208 MSiSCSI - ok
15:41:29.0771 2208 msiserver - ok
15:41:29.0801 2208 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:41:29.0823 2208 MSKSSRV - ok
15:41:29.0879 2208 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:41:29.0898 2208 MsMpSvc - ok
15:41:29.0912 2208 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:41:29.0942 2208 MSPCLOCK - ok
15:41:29.0962 2208 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:41:30.0002 2208 MSPQM - ok
15:41:30.0029 2208 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:41:30.0043 2208 MsRPC - ok
15:41:30.0078 2208 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:41:30.0089 2208 mssmbios - ok
15:41:30.0104 2208 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:41:30.0126 2208 MSTEE - ok
15:41:30.0141 2208 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:41:30.0165 2208 MTConfig - ok
15:41:30.0178 2208 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:41:30.0191 2208 Mup - ok
15:41:30.0232 2208 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:41:30.0260 2208 napagent - ok
15:41:30.0299 2208 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:41:30.0316 2208 NativeWifiP - ok
15:41:30.0356 2208 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:41:30.0379 2208 NDIS - ok
15:41:30.0399 2208 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:41:30.0447 2208 NdisCap - ok
15:41:30.0477 2208 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:41:30.0510 2208 NdisTapi - ok
15:41:30.0564 2208 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:41:30.0601 2208 Ndisuio - ok
15:41:30.0638 2208 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:41:30.0678 2208 NdisWan - ok
15:41:30.0705 2208 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:41:30.0726 2208 NDProxy - ok
15:41:30.0789 2208 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
15:41:30.0821 2208 Nero BackItUp Scheduler 4.0 - ok
15:41:30.0869 2208 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys
15:41:30.0907 2208 Netaapl - ok
15:41:30.0940 2208 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:41:30.0970 2208 NetBIOS - ok
15:41:31.0007 2208 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:41:31.0030 2208 NetBT - ok
15:41:31.0041 2208 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:41:31.0054 2208 Netlogon - ok
15:41:31.0090 2208 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:41:31.0130 2208 Netman - ok
15:41:31.0217 2208 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:41:31.0256 2208 NetMsmqActivator - ok
15:41:31.0279 2208 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:41:31.0293 2208 NetPipeActivator - ok
15:41:31.0310 2208 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:41:31.0348 2208 netprofm - ok
15:41:31.0397 2208 [ 105A0947E6E01E5A6B76DAD87547CD89 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
15:41:31.0453 2208 netr28u - ok
15:41:31.0470 2208 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:41:31.0485 2208 NetTcpActivator - ok
15:41:31.0493 2208 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:41:31.0510 2208 NetTcpPortSharing - ok
15:41:31.0530 2208 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:41:31.0541 2208 nfrd960 - ok
15:41:31.0582 2208 [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:41:31.0596 2208 NisDrv - ok
15:41:31.0626 2208 [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
15:41:31.0645 2208 NisSrv - ok
15:41:31.0691 2208 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:41:31.0719 2208 NlaSvc - ok
15:41:31.0754 2208 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:41:31.0850 2208 Npfs - ok
15:41:31.0879 2208 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:41:31.0902 2208 nsi - ok
15:41:31.0914 2208 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:41:31.0942 2208 nsiproxy - ok
15:41:31.0973 2208 [ 168437A522D178DF6A372F09782B084F ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
15:41:31.0984 2208 nSvcIp - ok
15:41:32.0048 2208 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:41:32.0102 2208 Ntfs - ok
15:41:32.0135 2208 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:41:32.0173 2208 Null - ok
15:41:32.0222 2208 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
15:41:32.0240 2208 NVENETFD - ok
15:41:32.0485 2208 [ 377140A534D013BD661C69F1741DE43C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:41:32.0789 2208 nvlddmkm - ok
15:41:32.0826 2208 [ C9C82E1A08955FDBDF92AAC55BC3A4E4 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
15:41:32.0839 2208 NVNET - ok
15:41:32.0872 2208 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:41:32.0884 2208 nvraid - ok
15:41:32.0905 2208 [ A63CBAE79EA6B5C55A2325E570C12A5A ] nvrd32 C:\Windows\system32\DRIVERS\nvrd32.sys
15:41:32.0915 2208 nvrd32 - ok
15:41:32.0955 2208 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
15:41:32.0994 2208 nvsmu - ok
15:41:33.0026 2208 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:41:33.0040 2208 nvstor - ok
15:41:33.0080 2208 [ 16810CEF5B0FF883CFB1CE492376D9B1 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys
15:41:33.0090 2208 nvstor32 - ok
15:41:33.0105 2208 [ 4ED813EFD77A9B7E57E341CDC1C5CBC4 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:41:33.0116 2208 nvsvc - ok
15:41:33.0143 2208 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:41:33.0155 2208 nv_agp - ok
15:41:33.0221 2208 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:41:33.0260 2208 odserv - ok
15:41:33.0278 2208 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:41:33.0298 2208 ohci1394 - ok
15:41:33.0321 2208 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:41:33.0333 2208 ose - ok
15:41:33.0370 2208 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:41:33.0432 2208 p2pimsvc - ok
15:41:33.0463 2208 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:41:33.0489 2208 p2psvc - ok
15:41:33.0513 2208 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:41:33.0524 2208 Parport - ok
15:41:33.0559 2208 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:41:33.0571 2208 partmgr - ok
15:41:33.0589 2208 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:41:33.0612 2208 Parvdm - ok
15:41:33.0639 2208 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:41:33.0655 2208 PcaSvc - ok
15:41:33.0674 2208 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:41:33.0688 2208 pci - ok
15:41:33.0709 2208 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:41:33.0719 2208 pciide - ok
15:41:33.0741 2208 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:41:33.0754 2208 pcmcia - ok
15:41:33.0774 2208 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:41:33.0785 2208 pcw - ok
15:41:33.0822 2208 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:41:33.0867 2208 PEAUTH - ok
15:41:33.0934 2208 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:41:34.0013 2208 pla - ok
15:41:34.0068 2208 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:41:34.0115 2208 PlugPlay - ok
15:41:34.0135 2208 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:41:34.0162 2208 PNRPAutoReg - ok
15:41:34.0186 2208 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:41:34.0201 2208 PNRPsvc - ok
15:41:34.0222 2208 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:41:34.0251 2208 PolicyAgent - ok
15:41:34.0273 2208 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:41:34.0296 2208 Power - ok
15:41:34.0321 2208 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:41:34.0357 2208 PptpMiniport - ok
15:41:34.0386 2208 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:41:34.0408 2208 Processor - ok
15:41:34.0448 2208 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:41:34.0494 2208 ProfSvc - ok
15:41:34.0513 2208 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:41:34.0524 2208 ProtectedStorage - ok
15:41:34.0549 2208 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:41:34.0574 2208 Psched - ok
15:41:34.0615 2208 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:41:34.0663 2208 ql2300 - ok
15:41:34.0678 2208 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:41:34.0690 2208 ql40xx - ok
15:41:34.0723 2208 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:41:34.0740 2208 QWAVE - ok
15:41:34.0754 2208 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:41:34.0767 2208 QWAVEdrv - ok
15:41:34.0783 2208 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:41:34.0838 2208 RasAcd - ok
15:41:34.0872 2208 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:41:34.0919 2208 RasAgileVpn - ok
15:41:34.0940 2208 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:41:34.0964 2208 RasAuto - ok
15:41:34.0978 2208 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:41:35.0012 2208 Rasl2tp - ok
15:41:35.0067 2208 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:41:35.0105 2208 RasMan - ok
15:41:35.0119 2208 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:41:35.0142 2208 RasPppoe - ok
15:41:35.0173 2208 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:41:35.0219 2208 RasSstp - ok
15:41:35.0242 2208 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:41:35.0277 2208 rdbss - ok
15:41:35.0297 2208 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:41:35.0310 2208 rdpbus - ok
15:41:35.0346 2208 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:41:35.0399 2208 RDPCDD - ok
15:41:35.0429 2208 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:41:35.0452 2208 RDPENCDD - ok
15:41:35.0466 2208 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:41:35.0503 2208 RDPREFMP - ok
15:41:35.0550 2208 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:41:35.0591 2208 RDPWD - ok
15:41:35.0642 2208 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:41:35.0663 2208 rdyboost - ok
15:41:35.0686 2208 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:41:35.0721 2208 RemoteAccess - ok
15:41:35.0759 2208 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:41:35.0807 2208 RemoteRegistry - ok
15:41:35.0826 2208 RimUsb - ok
15:41:35.0858 2208 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
15:41:35.0896 2208 RimVSerPort - ok
15:41:35.0928 2208 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:41:35.0968 2208 ROOTMODEM - ok
15:41:36.0003 2208 RoxLiveShare9 - ok
15:41:36.0036 2208 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:41:36.0061 2208 RpcEptMapper - ok
15:41:36.0086 2208 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:41:36.0110 2208 RpcLocator - ok
15:41:36.0130 2208 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:41:36.0158 2208 RpcSs - ok
15:41:36.0177 2208 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:41:36.0218 2208 rspndr - ok
15:41:36.0244 2208 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:41:36.0256 2208 SamSs - ok
15:41:36.0288 2208 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:41:36.0300 2208 sbp2port - ok
15:41:36.0319 2208 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:41:36.0350 2208 SCardSvr - ok
15:41:36.0364 2208 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:41:36.0398 2208 scfilter - ok
15:41:36.0437 2208 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:41:36.0469 2208 Schedule - ok
15:41:36.0509 2208 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:41:36.0543 2208 SCPolicySvc - ok
15:41:36.0580 2208 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:41:36.0621 2208 SDRSVC - ok
15:41:36.0678 2208 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:41:36.0715 2208 secdrv - ok
15:41:36.0734 2208 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:41:36.0768 2208 seclogon - ok
15:41:36.0786 2208 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
15:41:36.0810 2208 SENS - ok
15:41:36.0820 2208 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:41:36.0858 2208 SensrSvc - ok
15:41:36.0882 2208 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:41:36.0910 2208 Serenum - ok
15:41:36.0948 2208 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:41:36.0976 2208 Serial - ok
15:41:37.0012 2208 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:41:37.0042 2208 sermouse - ok
15:41:37.0090 2208 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:41:37.0125 2208 SessionEnv - ok
15:41:37.0147 2208 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:41:37.0198 2208 sffdisk - ok
15:41:37.0214 2208 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:41:37.0242 2208 sffp_mmc - ok
15:41:37.0269 2208 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:41:37.0291 2208 sffp_sd - ok
15:41:37.0322 2208 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:41:37.0351 2208 sfloppy - ok
15:41:37.0395 2208 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:41:37.0425 2208 SharedAccess - ok
15:41:37.0448 2208 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:41:37.0475 2208 ShellHWDetection - ok
15:41:37.0516 2208 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:41:37.0527 2208 sisagp - ok
15:41:37.0547 2208 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:41:37.0559 2208 SiSRaid2 - ok
15:41:37.0570 2208 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:41:37.0585 2208 SiSRaid4 - ok
15:41:37.0602 2208 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:41:37.0626 2208 Smb - ok
15:41:37.0666 2208 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:41:37.0679 2208 SNMPTRAP - ok
15:41:37.0690 2208 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:41:37.0701 2208 spldr - ok
15:41:37.0750 2208 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:41:37.0798 2208 Spooler - ok
15:41:37.0869 2208 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:41:37.0975 2208 sppsvc - ok
15:41:38.0012 2208 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:41:38.0056 2208 sppuinotify - ok
15:41:38.0087 2208 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:41:38.0118 2208 srv - ok
15:41:38.0160 2208 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:41:38.0184 2208 srv2 - ok
15:41:38.0197 2208 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:41:38.0210 2208 srvnet - ok
15:41:38.0242 2208 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:41:38.0267 2208 SSDPSRV - ok
15:41:38.0283 2208 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:41:38.0307 2208 SstpSvc - ok
15:41:38.0337 2208 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:41:38.0349 2208 stexstor - ok
15:41:38.0402 2208 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:41:38.0439 2208 StiSvc - ok
15:41:38.0468 2208 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:41:38.0479 2208 swenum - ok
15:41:38.0517 2208 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:41:38.0546 2208 swprv - ok
15:41:38.0600 2208 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:41:38.0645 2208 SysMain - ok
15:41:38.0685 2208 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:41:38.0718 2208 TabletInputService - ok
15:41:38.0761 2208 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:41:38.0814 2208 TapiSrv - ok
15:41:38.0831 2208 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:41:38.0865 2208 TBS - ok
15:41:38.0936 2208 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:41:38.0982 2208 Tcpip - ok
15:41:39.0019 2208 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:41:39.0045 2208 TCPIP6 - ok
15:41:39.0085 2208 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:41:39.0096 2208 tcpipreg - ok
15:41:39.0142 2208 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:41:39.0176 2208 TDPIPE - ok
15:41:39.0204 2208 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:41:39.0233 2208 TDTCP - ok
15:41:39.0268 2208 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:41:39.0307 2208 tdx - ok
15:41:39.0332 2208 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:41:39.0345 2208 TermDD - ok
15:41:39.0390 2208 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:41:39.0423 2208 TermService - ok
15:41:39.0459 2208 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:41:39.0475 2208 Themes - ok
15:41:39.0491 2208 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:41:39.0514 2208 THREADORDER - ok
15:41:39.0539 2208 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:41:39.0578 2208 TrkWks - ok
15:41:39.0634 2208 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:41:39.0684 2208 TrustedInstaller - ok
15:41:39.0696 2208 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:41:39.0717 2208 tssecsrv - ok
15:41:39.0794 2208 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:41:39.0817 2208 TsUsbFlt - ok
15:41:39.0867 2208 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:41:39.0918 2208 tunnel - ok
15:41:39.0953 2208 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:41:39.0964 2208 uagp35 - ok
15:41:39.0985 2208 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:41:40.0025 2208 udfs - ok
15:41:40.0055 2208 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:41:40.0075 2208 UI0Detect - ok
15:41:40.0105 2208 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:41:40.0117 2208 uliagpkx - ok
15:41:40.0139 2208 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:41:40.0153 2208 umbus - ok
15:41:40.0171 2208 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:41:40.0195 2208 UmPass - ok
15:41:40.0223 2208 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:41:40.0259 2208 upnphost - ok
15:41:40.0292 2208 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
15:41:40.0344 2208 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
15:41:40.0344 2208 USBAAPL - detected UnsignedFile.Multi.Generic (1)
15:41:40.0375 2208 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:41:40.0404 2208 usbccgp - ok
15:41:40.0434 2208 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:41:40.0450 2208 usbcir - ok
15:41:40.0466 2208 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:41:40.0478 2208 usbehci - ok
15:41:40.0509 2208 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:41:40.0540 2208 usbhub - ok
15:41:40.0566 2208 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:41:40.0589 2208 usbohci - ok
15:41:40.0614 2208 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:41:40.0628 2208 usbprint - ok
15:41:40.0644 2208 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:41:40.0677 2208 USBSTOR - ok
15:41:40.0697 2208 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:41:40.0709 2208 usbuhci - ok
15:41:40.0735 2208 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:41:40.0757 2208 UxSms - ok
15:41:40.0773 2208 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:41:40.0784 2208 VaultSvc - ok
15:41:40.0810 2208 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:41:40.0822 2208 vdrvroot - ok
15:41:40.0869 2208 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:41:40.0913 2208 vds - ok
15:41:40.0938 2208 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:41:40.0951 2208 vga - ok
15:41:40.0965 2208 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:41:40.0986 2208 VgaSave - ok
15:41:41.0007 2208 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:41:41.0022 2208 vhdmp - ok
15:41:41.0050 2208 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:41:41.0060 2208 viaagp - ok
15:41:41.0081 2208 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:41:41.0108 2208 ViaC7 - ok
15:41:41.0131 2208 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:41:41.0142 2208 viaide - ok
15:41:41.0160 2208 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:41:41.0172 2208 volmgr - ok
15:41:41.0217 2208 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:41:41.0240 2208 volmgrx - ok
15:41:41.0262 2208 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:41:41.0276 2208 volsnap - ok
15:41:41.0297 2208 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:41:41.0310 2208 vsmraid - ok
15:41:41.0356 2208 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:41:41.0396 2208 VSS - ok
15:41:41.0423 2208 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:41:41.0449 2208 vwifibus - ok
15:41:41.0478 2208 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:41:41.0494 2208 vwififlt - ok
15:41:41.0526 2208 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:41:41.0540 2208 vwifimp - ok
15:41:41.0574 2208 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:41:41.0604 2208 W32Time - ok
15:41:41.0627 2208 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:41:41.0638 2208 WacomPen - ok
15:41:41.0678 2208 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:41:41.0729 2208 WANARP - ok
15:41:41.0735 2208 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:41:41.0757 2208 Wanarpv6 - ok
15:41:41.0823 2208 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:41:41.0875 2208 WatAdminSvc - ok
15:41:41.0932 2208 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:41:42.0015 2208 wbengine - ok
15:41:42.0049 2208 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:41:42.0095 2208 WbioSrvc - ok
15:41:42.0158 2208 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:41:42.0246 2208 wcncsvc - ok
15:41:42.0276 2208 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:41:42.0309 2208 WcsPlugInService - ok
15:41:42.0337 2208 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:41:42.0350 2208 Wd - ok
15:41:42.0397 2208 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
15:41:42.0455 2208 WDC_SAM - ok
15:41:42.0501 2208 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:41:42.0535 2208 Wdf01000 - ok
15:41:42.0552 2208 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:41:42.0608 2208 WdiServiceHost - ok
15:41:42.0613 2208 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:41:42.0629 2208 WdiSystemHost - ok
15:41:42.0665 2208 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:41:42.0731 2208 WebClient - ok
15:41:42.0761 2208 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:41:42.0785 2208 Wecsvc - ok
15:41:42.0797 2208 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:41:42.0831 2208 wercplsupport - ok
15:41:42.0868 2208 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:41:42.0908 2208 WerSvc - ok
15:41:42.0937 2208 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:41:42.0967 2208 WfpLwf - ok
15:41:42.0981 2208 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:41:42.0992 2208 WIMMount - ok
15:41:43.0044 2208 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:41:43.0079 2208 WinDefend - ok
15:41:43.0102 2208 WinHttpAutoProxySvc - ok
15:41:43.0153 2208 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:41:43.0208 2208 Winmgmt - ok
15:41:43.0255 2208 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:41:43.0320 2208 WinRM - ok
15:41:43.0366 2208 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:41:43.0383 2208 WinUsb - ok
15:41:43.0425 2208 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:41:43.0460 2208 Wlansvc - ok
15:41:43.0479 2208 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:41:43.0490 2208 WmiAcpi - ok
15:41:43.0517 2208 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:41:43.0587 2208 wmiApSrv - ok
15:41:43.0659 2208 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:41:43.0713 2208 WMPNetworkSvc - ok
15:41:43.0733 2208 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:41:43.0751 2208 WPCSvc - ok
15:41:43.0794 2208 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:41:43.0844 2208 WPDBusEnum - ok
15:41:43.0873 2208 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:41:43.0920 2208 ws2ifsl - ok
15:41:43.0930 2208 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
15:41:43.0948 2208 wscsvc - ok
15:41:43.0982 2208 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:41:44.0010 2208 WSDPrintDevice - ok
15:41:44.0017 2208 WSearch - ok
15:41:44.0087 2208 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:41:44.0150 2208 wuauserv - ok
15:41:44.0187 2208 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:41:44.0211 2208 WudfPf - ok
15:41:44.0248 2208 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:41:44.0268 2208 WUDFRd - ok
15:41:44.0294 2208 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:41:44.0307 2208 wudfsvc - ok
15:41:44.0332 2208 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:41:44.0366 2208 WwanSvc - ok
15:41:44.0397 2208 ================ Scan global ===============================
15:41:44.0431 2208 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:41:44.0468 2208 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:41:44.0476 2208 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:41:44.0504 2208 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:41:44.0519 2208 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:41:44.0524 2208 [Global] - ok
15:41:44.0524 2208 ================ Scan MBR ==================================
15:41:44.0539 2208 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:41:44.0755 2208 \Device\Harddisk0\DR0 - ok
15:41:44.0763 2208 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk6\DR6
15:41:45.0941 2208 \Device\Harddisk6\DR6 - ok
15:41:45.0942 2208 ================ Scan VBR ==================================
15:41:45.0947 2208 [ 245A343E80F0AEC5AC1BAFEBC895C4F3 ] \Device\Harddisk0\DR0\Partition1
15:41:45.0949 2208 \Device\Harddisk0\DR0\Partition1 - ok
15:41:45.0974 2208 [ C59E1DE3730D73A28D9756071CFA0450 ] \Device\Harddisk0\DR0\Partition2
15:41:45.0976 2208 \Device\Harddisk0\DR0\Partition2 - ok
15:41:45.0996 2208 [ B8A4769FC2CB1CB6941971007FDBE502 ] \Device\Harddisk0\DR0\Partition3
15:41:45.0998 2208 \Device\Harddisk0\DR0\Partition3 - ok
15:41:46.0005 2208 [ E0627192DCF027A01ECE153BB63731BF ] \Device\Harddisk6\DR6\Partition1
15:41:46.0007 2208 \Device\Harddisk6\DR6\Partition1 - ok
15:41:46.0007 2208 ============================================================
15:41:46.0010 2208 Scan finished
15:41:46.0010 2208 ============================================================
15:41:46.0030 2504 Detected object count: 3
15:41:46.0030 2504 Actual detected object count: 3
15:44:18.0315 2504 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:44:18.0315 2504 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:44:18.0319 2504 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:44:18.0320 2504 IDriverT ( UnsignedFile.Multi.Generic )

 

[kuttus]

I am still unable to download Junkware Removal Tool

Please try your other browser...

 

[Kiasu]

I managed to get done with IE

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Home Premium x86
Ran by Kiasu on Thu 03/07/2013 at 16:20:10.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\scheduled update for ask toolbar"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"
Successfully deleted: [Folder] "C:\Users\Kiasu\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Kiasu\appdata\local\blekkotb_031"



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/07/2013 at 16:22:05.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[kuttus]

Okay Cool...... Now can you please run Autoruns and in that you can see a Tab called Scheduled Tasks and Logon. Got to that one and Send me a Screenshots of Scheduled Tasks & Logon. You can download it form here.

To Take Screen Of Your Screen.

1. Press PRINT SCREEN (Print Scr) key on Your Keyboard.
2. Now Open MS Paint
3. Open Paint by clicking the Start button
   
   , clicking All Programs, clicking Accessories, and then clicking Paint.
4. In MS Paint Click Edit, and then click Paste.
5. After this Save the File on your computer by Clicking on File --> Save

Add this Saved File in your next Replay

 

[Kiasu]

How to add the saved file? Sorry

 

[kuttus]

To Take Screen Of Your Screen.

1. Press PRINT SCREEN (Print Scr) key on Your Keyboard.
2. Now Open MS Paint
3. Open Paint by clicking the Start button
   
   , clicking All Programs, clicking Accessories, and then clicking Paint.
4. In MS Paint Click Edit, and then click Paste.
5. After this Save the File on your computer by Clicking on File --> Save

Add this Saved File in your next Replay

 

[Kiasu]

I have done that but how to put the saved copies into the reply box?

 

[kuttus]

In the bottom of the replay page you can see a New Attachment. Click on Choose File.... Select the Image file that you have saved... Then press on Add Attachment.