Slowness and high memory usage
<blockquote data-quote="jamjar" data-source="post: 336121" data-attributes="member: 33322"><p>MBAR LOG</p><p></p><p>Malwarebytes Anti-Rootkit BETA 1.08.2.1001</p><p><a href="http://www.malwarebytes.org" target="_blank">www.malwarebytes.org</a></p><p></p><p>Database version: v2015.01.19.09</p><p></p><p>Windows 8.1 x64 NTFS</p><p>Internet Explorer 11.0.9600.17498</p><p>James :: JAMES_CLARKE [administrator]</p><p></p><p>19/01/2015 16:37:04</p><p>mbar-log-2015-01-19 (16-37-04).txt</p><p></p><p>Scan type: Quick scan</p><p>Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken</p><p>Scan options disabled: </p><p>Objects scanned: 361541</p><p>Time elapsed: 13 minute(s), 17 second(s)</p><p></p><p>Memory Processes Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Memory Modules Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Keys Detected: 1</p><p>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507} (Trojan.Agent) -> Delete on reboot. [24217683c7c2dc5ae0d8da2709f9a858]</p><p></p><p>Registry Values Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Data Items Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Folders Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Files Detected: 2</p><p>C:\Program Files (x86)\youtubeadblocker\WBQbopbgJWETv8.exe (Trojan.Agent) -> Delete on reboot. [24217683c7c2dc5ae0d8da2709f9a858]</p><p>C:\Program Files (x86)\unisallEso\unisallEso.exe (Trojan.Agent) -> Delete on reboot. 
[d86da7526b1ea591bcfc49b82fd327d9]</p><p></p><p>Physical Sectors Detected: 0</p><p>(No malicious items detected)</p><p></p><p>(end)</p><p></p><p>SYSTEM LOG:</p><p></p><p>---------------------------------------</p><p>Malwarebytes Anti-Rootkit BETA 1.08.2.1001</p><p></p><p>(c) Malwarebytes Corporation 2011-2012</p><p></p><p>OS version: 6.3.9200 Windows 8.1 x64</p><p></p><p>Account is Administrative</p><p></p><p>Internet Explorer version: 11.0.9600.17498</p><p></p><p>File system is: NTFS</p><p>Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED</p><p>CPU speed: 3.193000 GHz</p><p>Memory total: 12824092672, free: 9420955648</p><p></p><p>Downloaded database version: v2015.01.19.09</p><p>Downloaded database version: v2015.01.14.01</p><p>Downloaded database version: v2014.12.06.01</p><p>=======================================</p><p>Initializing...</p><p>------------ Kernel report ------------</p><p> 01/19/2015 16:36:59</p><p>------------ Loaded modules -----------</p>
<p>----------- End -----------</p><p>Done!</p><p><<<1>>></p><p>Upper Device Name: \Device\Harddisk3\DR3</p><p>Upper Device Object: 0xffffe0006e755060</p><p>Upper Device Driver Name: \Driver\disk\</p><p>Lower Device Name: \Device\00000087\</p><p>Lower Device Object: 0xffffe0006e7346d0</p><p>Lower Device Driver Name: \Driver\USBSTOR\</p><p><<<1>>></p><p>Upper Device Name: \Device\Harddisk2\DR2</p><p>Upper Device Object: 0xffffe00069d40060</p><p>Upper Device Driver Name: \Driver\disk\</p><p>Lower Device Name: \Device\0000003f\</p><p>Lower Device Object: 0xffffe000693b99e0</p><p>Lower Device Driver Name: 
\Driver\USBSTOR\</p><p><<<1>>></p><p>Upper Device Name: \Device\Harddisk1\DR1</p><p>Upper Device Object: 0xffffe0006794d060</p><p>Upper Device Driver Name: \Driver\disk\</p><p>Lower Device Name: \Device\00000030\</p><p>Lower Device Object: 0xffffe000656a3060</p><p>Lower Device Driver Name: \Driver\iaStorA\</p><p><<<1>>></p><p>Upper Device Name: \Device\Harddisk0\DR0</p><p>Upper Device Object: 0xffffe0006794f060</p><p>Upper Device Driver Name: \Driver\disk\</p><p>Lower Device Name: \Device\0000002f\</p><p>Lower Device Object: 0xffffe000656a54f0</p><p>Lower Device Driver Name: \Driver\iaStorA\</p><p><<<2>>></p><p>Physical Sector Size: 512</p><p>Drive: 0, DevicePointer: 0xffffe0006794f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\</p><p>--------- Disk Stack ------</p><p>DevicePointer: 0xffffe0006794fb20, DeviceName: Unknown, DriverName: \Driver\partmgr\</p><p>DevicePointer: 0xffffe0006794e060, DeviceName: \Device\excsd0\, DriverName: \Driver\excsd\</p><p>DevicePointer: 0xffffe0006794f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\</p><p>DevicePointer: 0xffffe000656a7e50, DeviceName: Unknown, DriverName: \Driver\ACPI\</p><p>DevicePointer: 0xffffe000656a54f0, DeviceName: \Device\0000002f\, DriverName: \Driver\iaStorA\</p><p>------------ End ----------</p><p>Alternate DeviceName: \Device\excsd0\, DriverName: \Driver\excsd\</p><p>Upper DeviceData: 0x0, 0x0, 0x0</p><p>Lower DeviceData: 0x0, 0x0, 0x0</p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p><<<2>>></p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p>Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...</p>
<p>Done!</p><p>Drive 0</p><p>This is a System drive</p><p>Scanning MBR on drive 0...</p><p>Inspecting partition table:</p><p>This drive is a GPT Drive.</p><p>MBR Signature: 55AA</p><p>Disk Signature: ED5D7F2A</p><p></p><p>GPT Protective MBR Partition information:</p><p></p><p> Partition 0 type is EFI-GPT (0xee)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 1 Numsec = 4294967295</p><p></p><p> Partition 1 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 2 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 3 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p>GPT Partition information:</p><p></p><p> GPT 
Header Signature 4546492050415254</p><p> GPT Header Revision 65536 Size 92 CRC 1850830184</p><p> GPT Header CurrentLba = 1 BackupLba 1953525167</p><p> GPT Header FirstUsableLba 34 LastUsableLba 1953525134</p><p> GPT Header Guid d95d28-636e-497a-9a2f-dbee4cfea1e</p><p> GPT Header Contains 128 partition entries starting at LBA 2</p><p> GPT Header Partition entry size = 128</p><p></p><p> Backup GPT header Signature 4546492050415254</p><p> Backup GPT header Revision 65536 Size 92 CRC 1850830184</p><p> Backup GPT header CurrentLba = 1953525167 BackupLba 1</p><p> Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134</p><p> Backup GPT header Guid d95d28-636e-497a-9a2f-dbee4cfea1e</p><p> Backup GPT header Contains 128 partition entries starting at LBA 1953525135</p><p> Backup GPT header Partition entry size = 128</p><p></p><p> Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac</p><p> Partition ID 7913920c-c2f-4046-bf1a-d0ba823525b5</p><p> FirstLBA 2048 Last LBA 821247</p><p> Attributes 1</p><p> Partition Name Basic data partition</p><p></p><p> Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b</p><p> Partition ID 51e99bbf-2c7f-4e8f-a84d-6fb27630d5f9</p><p> FirstLBA 821248 Last LBA 1435647</p><p> Attributes 0</p><p> Partition Name EFI system partition</p><p></p><p> GPT Partition 1 is bootable</p><p> Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae</p><p> Partition ID 2535b8f8-f2d2-4b6c-a3bd-ff83ca672b27</p><p> FirstLBA 1435648 Last LBA 1697791</p><p> Attributes 0</p><p> Partition Name Microsoft reserved partition</p><p></p><p> Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7</p><p> Partition ID a6e64957-c180-442d-bcb4-dd75c1d01d7c</p><p> FirstLBA 1697792 Last LBA 947714047</p><p> Attributes 0</p><p> Partition Name Basic data partition</p><p></p><p> Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7</p><p> Partition ID 74bb456a-66a0-4123-b283-208769eab4e9</p><p> FirstLBA 947714048 Last LBA 1894803455</p><p> Attributes 0</p><p> Partition Name Basic data 
partition</p><p></p><p> Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac</p><p> Partition ID 42d6e897-e66f-4a6c-8eaf-cdada6f2399d</p><p> FirstLBA 1894803456 Last LBA 1953523711</p><p> Attributes 1</p><p> Partition Name Basic data partition</p><p></p><p>Disk Size: 1000204886016 bytes</p><p>Sector size: 512 bytes</p><p></p><p>Done!</p><p>Physical Sector Size: 512</p><p>Drive: 1, DevicePointer: 0xffffe0006794d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\</p><p>--------- Disk Stack ------</p><p>DevicePointer: 0xffffe0006794db20, DeviceName: Unknown, DriverName: \Driver\partmgr\</p><p>DevicePointer: 0xffffe0006794e890, DeviceName: \Device\excsd1\, DriverName: \Driver\excsd\</p><p>DevicePointer: 0xffffe0006794d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\</p><p>DevicePointer: 0xffffe000656a74b0, DeviceName: Unknown, DriverName: \Driver\ACPI\</p><p>DevicePointer: 0xffffe000656a3060, DeviceName: \Device\00000030\, DriverName: \Driver\iaStorA\</p><p>------------ End ----------</p><p>Alternate DeviceName: \Device\excsd1\, DriverName: \Driver\excsd\</p><p>Upper DeviceData: 0x0, 0x0, 0x0</p><p>Lower DeviceData: 0x0, 0x0, 0x0</p><p>Drive 1</p><p>Scanning MBR on drive 1...</p><p>Inspecting partition table:</p><p>MBR Signature: 55AA</p><p>Disk Signature: 74F02DEA</p><p></p><p>Partition information:</p><p></p><p> Partition 0 type is Other (0x73)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 2048 Numsec = 31275008</p><p></p><p> Partition 1 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 2 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 3 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p>Disk Size: 16013942784 bytes</p><p>Sector size: 512 bytes</p><p></p><p>Done!</p><p>Physical Sector Size: 512</p><p>Drive: 2, 
DevicePointer: 0xffffe00069d40060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\</p><p>--------- Disk Stack ------</p><p>DevicePointer: 0xffffe00069d7a040, DeviceName: Unknown, DriverName: \Driver\partmgr\</p><p>DevicePointer: 0xffffe00069d40060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\</p><p>DevicePointer: 0xffffe000693b99e0, DeviceName: \Device\0000003f\, DriverName: \Driver\USBSTOR\</p><p>------------ End ----------</p><p>Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\</p><p>Upper DeviceData: 0x0, 0x0, 0x0</p><p>Lower DeviceData: 0x0, 0x0, 0x0</p><p>Drive 2</p><p>Scanning MBR on drive 2...</p><p>Inspecting partition table:</p><p>MBR Signature: 55AA</p><p>Disk Signature: AA89B90</p><p></p><p>Partition information:</p><p></p><p> Partition 0 type is Primary (0x7)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 2048 Numsec = 1953519616</p><p></p><p> Partition 1 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 2 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 3 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p>Disk Size: 1000204883968 bytes</p><p>Sector size: 512 bytes</p><p></p><p>Done!</p><p>Physical Sector Size: 512</p><p>Drive: 3, DevicePointer: 0xffffe0006e755060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\</p><p>--------- Disk Stack ------</p><p>DevicePointer: 0xffffe0006e755b20, DeviceName: Unknown, DriverName: \Driver\partmgr\</p><p>DevicePointer: 0xffffe0006e755060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\</p><p>DevicePointer: 0xffffe0006e7346d0, DeviceName: \Device\00000087\, DriverName: \Driver\USBSTOR\</p><p>------------ End ----------</p><p>Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\</p><p>Upper DeviceData: 0x0, 
0x0, 0x0</p><p>Lower DeviceData: 0x0, 0x0, 0x0</p><p>Drive 3</p><p>Scanning MBR on drive 3...</p><p>Inspecting partition table:</p><p>MBR Signature: 55AA</p><p>Disk Signature: 1FDBDAFA</p><p></p><p>Partition information:</p><p></p><p> Partition 0 type is Other (0xc)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 2048 Numsec = 625135297</p><p></p><p> Partition 1 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 2 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p> Partition 3 type is Empty (0x0)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 0 Numsec = 0</p><p></p><p>Disk Size: 320072933376 bytes</p><p>Sector size: 512 bytes</p><p></p><p>Done!</p><p>File "c:\programdata\avg2013\chjw\d6bef6d2bef6aa5f.dat:c8d6cb1d-511a-470f-966c-d86011109a5e" is sparse (flags = 32768)</p><p>Infected: C:\Program Files (x86)\youtubeadblocker\WBQbopbgJWETv8.exe --> [Trojan.Agent]</p><p>Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507} --> [Trojan.Agent]</p><p>Infected: C:\Program Files (x86)\unisallEso\unisallEso.exe --> [Trojan.Agent]</p><p>Scan finished</p><p>Creating System Restore point...</p><p>Cleaning up...</p><p>Removal scheduling successful. 
System shutdown needed.</p><p>System shutdown occurred</p><p>=======================================</p><p></p><p>ADCLEANER:</p><p></p><p># AdwCleaner v4.108 - Report created 19/01/2015 at 17:24:02</p><p># Updated 17/01/2015 by Xplode</p><p># Database : 2015-01-18.1 [Live]</p><p># Operating System : Windows 8.1 (64 bits)</p><p># Username : James - JAMES_CLARKE</p><p># Running from : C:\Users\James\Downloads\AdwCleaner.exe</p><p># Option : Clean</p><p></p><p>***** [ Services ] *****</p><p></p><p></p><p>***** [ Files / Folders ] *****</p><p></p><p>Folder Deleted : C:\ProgramData\Ask</p><p>Folder Deleted : C:\ProgramData\Babylon</p><p>Folder Deleted : C:\ProgramData\SecTaskMan</p><p>Folder Deleted : C:\ProgramData\Tarma Installer</p><p>Folder Deleted : C:\ProgramData\ytd video downloader</p><p>Folder Deleted : C:\ProgramData\5803272844216781096</p><p>Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader</p><p>Folder Deleted : C:\Program Files (x86)\Application Updater</p><p>Folder Deleted : C:\Program Files (x86)\Bench</p><p>Folder Deleted : C:\Program Files (x86)\globalUpdate</p><p>Folder Deleted : C:\Program Files (x86)\GreenTree Applications</p><p>Folder Deleted : C:\Program Files (x86)\SoftwareUpdater</p><p>Folder Deleted : C:\Program Files (x86)\tuguu sl</p><p>Folder Deleted : C:\Program Files (x86)\YTD Toolbar</p><p>Folder Deleted : C:\Program Files (x86)\Common Files\Spigot</p><p>Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Application Updater</p><p>Folder Deleted : C:\Program Files\DomaIQ Uninstaller</p><p>Folder Deleted : C:\Users\James\AppData\Local\globalUpdate</p><p>Folder Deleted : C:\Users\James\AppData\Local\SecTaskMan</p><p>Folder Deleted : C:\Users\James\AppData\Local\Slick Savings</p><p>Folder Deleted : C:\Users\James\AppData\Local\CrashRpt</p><p>Folder Deleted : C:\Users\James\AppData\LocalLow\Search Settings</p><p>Folder Deleted : C:\Users\James\AppData\Roaming\Babylon</p><p>Folder 
Deleted : C:\Users\James\AppData\Roaming\SendSpace</p><p>Folder Deleted : C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect</p><p></p><p>***** [ Scheduled Tasks ] *****</p><p></p><p></p><p>***** [ Shortcuts ] *****</p><p></p><p>Shortcut Disinfected : C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk</p><p></p><p>***** [ Registry ] *****</p><p></p><p>Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj</p><p>Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj</p><p>Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk</p><p>Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]</p><p>Key Deleted : HKCU\Software\f57d7dcb069e546</p><p>Key Deleted : HKLM\SOFTWARE\f57d7dcb069e546</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar 
[{F3FEE66E-E034-436A-86E4-9690573BEE8A}]</p><p>Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}</p><p>Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]</p><p>Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]</p><p>Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}</p><p>Key Deleted : HKCU\Software\DataMngr</p><p>Key Deleted : HKCU\Software\DataMngr_Toolbar</p><p>Key Deleted : HKCU\Software\GlobalUpdate</p><p>Key Deleted : HKCU\Software\Proxy</p><p>Key Deleted : HKCU\Software\Search Settings</p><p>Key Deleted : HKCU\Software\SmartBar</p><p>Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}</p><p>Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider</p><p>Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings</p><p>Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}</p><p>Key Deleted : HKLM\SOFTWARE\AdvertisingSupport</p><p>Key Deleted : HKLM\SOFTWARE\Application Updater</p><p>Key Deleted : HKLM\SOFTWARE\AVG Secure Search</p><p>Key Deleted : HKLM\SOFTWARE\Babylon</p><p>Key Deleted : HKLM\SOFTWARE\Bench</p><p>Key Deleted : HKLM\SOFTWARE\DataMngr</p><p>Key Deleted : HKLM\SOFTWARE\GlobalUpdate</p><p>Key Deleted : HKLM\SOFTWARE\Proxy</p><p>Key Deleted : HKLM\SOFTWARE\Search Settings</p><p>Key Deleted : HKLM\SOFTWARE\SoftwareUpdater</p><p>Key Deleted : 
HKLM\SOFTWARE\Vittalia</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC</p><p>Key Deleted : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E</p><p></p><p>***** [ Browsers ] *****</p><p></p><p>-\\ Internet Explorer v11.0.9600.17416</p><p></p><p>Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]</p><p>Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]</p><p>Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]</p><p>Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]</p><p>Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]</p><p>Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]</p><p>Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]</p><p></p><p>-\\ Google Chrome v39.0.2171.95</p><p></p><p></p><p>*************************</p><p></p><p>AdwCleaner[R0].txt - [10505 octets] - [19/01/2015 17:22:28]</p><p>AdwCleaner[S0].txt - [8620 octets] - [19/01/2015 17:24:02]</p><p></p><p>########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8680 octets] ##########</p></blockquote><p></p>
[QUOTE="jamjar, post: 336121, member: 33322"]
compressed (flags = 1) File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1) File 
"C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1) File 
"C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthA2DP.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthA2DP.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1) File 
"C:\WINDOWS\SYSTEM32\drivers\bthenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthHfAud.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthHfAud.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthLEEnum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthLEEnum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BTHUSB.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1) File 
"C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1) Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: This drive is a GPT Drive. MBR Signature: 55AA Disk Signature: ED5D7F2A GPT Protective MBR Partition information: Partition 0 type is EFI-GPT (0xee) Partition is NOT ACTIVE. Partition starts at LBA: 1 Numsec = 4294967295 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 GPT Partition information: GPT Header Signature 4546492050415254 GPT Header Revision 65536 Size 92 CRC 1850830184 GPT Header CurrentLba = 1 BackupLba 1953525167 GPT Header FirstUsableLba 34 LastUsableLba 1953525134 GPT Header Guid d95d28-636e-497a-9a2f-dbee4cfea1e GPT Header Contains 128 partition entries starting at LBA 2 GPT Header Partition entry size = 128 Backup GPT header Signature 4546492050415254 Backup GPT header Revision 65536 Size 92 CRC 1850830184 Backup GPT header CurrentLba = 1953525167 BackupLba 1 Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134 Backup GPT header Guid d95d28-636e-497a-9a2f-dbee4cfea1e Backup GPT header Contains 128 partition entries starting at LBA 1953525135 Backup GPT header Partition entry size = 128 Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID 7913920c-c2f-4046-bf1a-d0ba823525b5 FirstLBA 2048 Last LBA 821247 Attributes 1 Partition Name Basic data partition Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b Partition ID 51e99bbf-2c7f-4e8f-a84d-6fb27630d5f9 FirstLBA 821248 Last LBA 1435647 Attributes 0 Partition Name EFI system 
partition GPT Partition 1 is bootable Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae Partition ID 2535b8f8-f2d2-4b6c-a3bd-ff83ca672b27 FirstLBA 1435648 Last LBA 1697791 Attributes 0 Partition Name Microsoft reserved partition Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 Partition ID a6e64957-c180-442d-bcb4-dd75c1d01d7c FirstLBA 1697792 Last LBA 947714047 Attributes 0 Partition Name Basic data partition Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 Partition ID 74bb456a-66a0-4123-b283-208769eab4e9 FirstLBA 947714048 Last LBA 1894803455 Attributes 0 Partition Name Basic data partition Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID 42d6e897-e66f-4a6c-8eaf-cdada6f2399d FirstLBA 1894803456 Last LBA 1953523711 Attributes 1 Partition Name Basic data partition Disk Size: 1000204886016 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xffffe0006794d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe0006794db20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe0006794e890, DeviceName: \Device\excsd1\, DriverName: \Driver\excsd\ DevicePointer: 0xffffe0006794d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ DevicePointer: 0xffffe000656a74b0, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xffffe000656a3060, DeviceName: \Device\00000030\, DriverName: \Driver\iaStorA\ ------------ End ---------- Alternate DeviceName: \Device\excsd1\, DriverName: \Driver\excsd\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 74F02DEA Partition information: Partition 0 type is Other (0x73) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 31275008 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. 
Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 16013942784 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 2, DevicePointer: 0xffffe00069d40060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe00069d7a040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe00069d40060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ DevicePointer: 0xffffe000693b99e0, DeviceName: \Device\0000003f\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: AA89B90 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 1953519616 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1000204883968 bytes Sector size: 512 bytes Done! 
Physical Sector Size: 512 Drive: 3, DevicePointer: 0xffffe0006e755060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe0006e755b20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe0006e755060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\ DevicePointer: 0xffffe0006e7346d0, DeviceName: \Device\00000087\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 3 Scanning MBR on drive 3... Inspecting partition table: MBR Signature: 55AA Disk Signature: 1FDBDAFA Partition information: Partition 0 type is Other (0xc) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 625135297 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Done! File "c:\programdata\avg2013\chjw\d6bef6d2bef6aa5f.dat:c8d6cb1d-511a-470f-966c-d86011109a5e" is sparse (flags = 32768) Infected: C:\Program Files (x86)\youtubeadblocker\WBQbopbgJWETv8.exe --> [Trojan.Agent] Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507} --> [Trojan.Agent] Infected: C:\Program Files (x86)\unisallEso\unisallEso.exe --> [Trojan.Agent] Scan finished Creating System Restore point... Cleaning up... Removal scheduling successful. System shutdown needed. 
System shutdown occurred ======================================= ADCLEANER: # AdwCleaner v4.108 - Report created 19/01/2015 at 17:24:02 # Updated 17/01/2015 by Xplode # Database : 2015-01-18.1 [Live] # Operating System : Windows 8.1 (64 bits) # Username : James - JAMES_CLARKE # Running from : C:\Users\James\Downloads\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Ask Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\SecTaskMan Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\ProgramData\ytd video downloader Folder Deleted : C:\ProgramData\5803272844216781096 Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader Folder Deleted : C:\Program Files (x86)\Application Updater Folder Deleted : C:\Program Files (x86)\Bench Folder Deleted : C:\Program Files (x86)\globalUpdate Folder Deleted : C:\Program Files (x86)\GreenTree Applications Folder Deleted : C:\Program Files (x86)\SoftwareUpdater Folder Deleted : C:\Program Files (x86)\tuguu sl Folder Deleted : C:\Program Files (x86)\YTD Toolbar Folder Deleted : C:\Program Files (x86)\Common Files\Spigot Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Application Updater Folder Deleted : C:\Program Files\DomaIQ Uninstaller Folder Deleted : C:\Users\James\AppData\Local\globalUpdate Folder Deleted : C:\Users\James\AppData\Local\SecTaskMan Folder Deleted : C:\Users\James\AppData\Local\Slick Savings Folder Deleted : C:\Users\James\AppData\Local\CrashRpt Folder Deleted : C:\Users\James\AppData\LocalLow\Search Settings Folder Deleted : C:\Users\James\AppData\Roaming\Babylon Folder Deleted : C:\Users\James\AppData\Roaming\SendSpace Folder Deleted : C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** Shortcut Disinfected : 
C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings] Key Deleted : HKCU\Software\f57d7dcb069e546 Key Deleted : HKLM\SOFTWARE\f57d7dcb069e546 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Value 
Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\GlobalUpdate Key Deleted : HKCU\Software\Proxy Key Deleted : HKCU\Software\Search Settings Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKLM\SOFTWARE\AdvertisingSupport Key Deleted : HKLM\SOFTWARE\Application Updater Key Deleted : HKLM\SOFTWARE\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Bench Key Deleted : HKLM\SOFTWARE\DataMngr Key Deleted : HKLM\SOFTWARE\GlobalUpdate Key Deleted : HKLM\SOFTWARE\Proxy Key Deleted : HKLM\SOFTWARE\Search Settings Key Deleted : HKLM\SOFTWARE\SoftwareUpdater Key Deleted : HKLM\SOFTWARE\Vittalia Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Key Deleted : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17416 Setting 
Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] -\\ Google Chrome v39.0.2171.95 ************************* AdwCleaner[R0].txt - [10505 octets] - [19/01/2015 17:22:28] AdwCleaner[S0].txt - [8620 octets] - [19/01/2015 17:24:02] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8680 octets] ########## [/QUOTE]