Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Been sluggish, had ads, keeps randomly clicking?


  • Please log in to reply
7 replies to this topic

#1 TNHawke

TNHawke

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:15 PM

Posted 06 August 2013 - 11:04 PM

I know just enough about computers to be dangerous...

I have a Dell Latitude D830 laptop that my brother put together for me last Christmas.  It recently occurred to me that I have no idea what AV he installed, or if it's just using what Windows comes with (which could be my problem right there).

I believe it's running on Windows 7, and I do let it do its updates on its own, daily, in the background.

 

The laptop has been sluggish and laggy as heck, and progressively getting worse over the past few months..  I haven't downloaded much of anything that I can recall, other than to save .jpg, .png and the occassional .gif to my external hard drive or desktop.  I play a couple of pixel pet games, but not much else, and I visit a few forums and web comics.  The lag is so bad that .gifs never play smoothly, and I've pretty much given up on watching any kind of youtube or vine videos.  Sometimes I can get smooth audio, but the video is always herky jerky at best, and everything often just stops.  Frequently, the audio and video aren't synced, the video lagging far behind the audio.

 

I use Firefox and have adblock plus on, it does a very good job most of the time.  A few weeks ago, I visited Craigslist and that was where I first noticed the ads from 'getsavin'. I right clicked and blocked everything from Getsavin.com.  I no longer saw the ads, but i would still have the line of text and sometimes a blank, white window- even on sites that are supposed to be completely ad free.

 

A friend advised me to look at the extensions on firefox and sure enough, there it was.  I used the remove button and got rid of the ads.  So that was one problem fixed.

 

However, the computer still runs extremely slowly, and it will randomly click when I haven't touched the mouse or touch pad.

 

To try to combat the slowness, I have run the Microsoft Security Essentials full scan, and it found nothing.  I installed and ran Spybot S&D, and it found nothing.  I have cleared temp files (a week or so ago, I forget now what method I used, advice for doing this again would be appreciated), and defragged.  Nothing seems to help.

The bootup isn't too long, but webpages tend to load slowly, and if I'm multi-tasking, which I usually am, I may have a website window up, a few IM windows open and either MS Paint, Open Office word documents, or Solitaire up.  Any of these may apparently randomly decide that it is "not responding", will often fade white, and sit there for a few seconds or minutes before continuing.

Additionally, the computer will randomly click where the arrow for the mouse is sitting, or will flip windows so that I'm looking at a different application than the one I'm trying to work on - this often happens while one is 'not responding'.  Sometimes when it does this random clicking, it will also highlight things.  It's not the mouse.  I unplugged it (*cough* and threw it across the room...) only to discover the issue continuing.  Sometimes it happens just once or twice an hour, and other times it's virtually impossible to type anything because it keeps clicking outside the dialog box, or back into the middle of my sentence or won't actually click into the dialog box so I can type anything.

Of course, it's not doing any of this right now, but yesterday morning it was so bad with clicking elsewhere and highlighting things that I had to force a reboot (held the power button until it shut down)

With the lagging... I type, on average, probably 50wpm, often less, as I pause to think, but sometimes upwards of 80wpm if I'm on a roll.  Frequently - and even as I'm typing here, I have to wait for the computer to catch up to me.  This is no good for an aspiring novelist!

 

After asking for some help from one of the forums I frequent, I got rid of the ads - as far as I know.  And, I was pointed over here for further help.  Based on another thread where someone was having ad problems, I have now installed and run Malware Bytes.  It found nothing, but I kept the log.

I have installed and run TDSSkiller.  It found nothing, and again, I kept the log.

And finally, I installed and ran ESET.  It found two things, but the log means jack diddly to me, so I haven't removed anything, but I did keep the log

 

So, I can post those logs if asked to, or I'm willing to install, scan, post logs whatever of what ever else may help.

 

Thank you in advance.


Edited by TNHawke, 07 August 2013 - 12:36 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:15 AM

Posted 11 August 2013 - 09:11 PM

Hello, please post the ESEt log.

Lets run these


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


In case you ran it differently..
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 TNHawke

TNHawke
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:15 PM

Posted 18 August 2013 - 07:08 PM

Ok.  I'm back from house sitting and can now get back to work on trying to fix this poor machine.  Thank you very much for your reply.

 

1st - ESET from August 6th

C:\Users\CJ\AppData\Local\getsavin\ie\getsavin_1364004601.dll    a variant of Win32/Adware.CouponAmazing.A application
C:\Users\CJ\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\7ff8dfd3-10e0f2d0    a variant of Java/JShrink.A application
 

 

Next Mini toolbox

MiniToolBox by Farbar  Version: 13-07-2013
Ran by CJ (administrator) on 18-08-2013 at 17:25:48
Running from "C:\Users\CJ\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Dell Wireless 1390 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : cjlaptop
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
   Physical Address. . . . . . . . . : 00-1C-23-89-FC-AC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card
   Physical Address. . . . . . . . . : 00-1B-FC-CA-7A-B5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::95ad:7474:3fbf:15ff%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, August 18, 2013 11:30:51 AM
   Lease Expires . . . . . . . . . . : Sunday, August 18, 2013 6:01:31 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 184556540
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-69-57-EA-00-1C-23-89-FC-AC
   DNS Servers . . . . . . . . . . . : 24.116.0.53
                                       24.116.2.50
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{8A5BA9EE-47C8-4DFB-B166-58C1189F1F35}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:3059:77c:5181:58c0(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3059:77c:5181:58c0%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  c1dns.cableone.net
Address:  24.116.0.53

Name:    google.com
Addresses:  2001:4860:4007:801::1007
      74.125.224.201
      74.125.224.194
      74.125.224.193
      74.125.224.200
      74.125.224.196
      74.125.224.199
      74.125.224.195
      74.125.224.192
      74.125.224.197
      74.125.224.198
      74.125.224.206


Pinging google.com [74.125.224.199] with 32 bytes of data:
Reply from 74.125.224.199: bytes=32 time=53ms TTL=52
Reply from 74.125.224.199: bytes=32 time=49ms TTL=52

Ping statistics for 74.125.224.199:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 53ms, Average = 51ms
Server:  c1dns.cableone.net
Address:  24.116.0.53

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=98ms TTL=51
Reply from 98.138.253.109: bytes=32 time=96ms TTL=51

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 96ms, Maximum = 98ms, Average = 97ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
===========================================================================
Interface List
 12...00 1c 23 89 fc ac ......Broadcom NetXtreme 57xx Gigabit Controller
 11...00 1b fc ca 7a b5 ......Dell Wireless 1390 WLAN Mini-Card
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.3    281
      192.168.0.3  255.255.255.255         On-link       192.168.0.3    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6abd:3059:77c:5181:58c0/128
                                    On-link
 11    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::3059:77c:5181:58c0/128
                                    On-link
 11    281 fe80::95ad:7474:3fbf:15ff/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/18/2013 05:19:53 PM) (Source: Application Hang) (User: )
Description: The program MiniToolBox.exe version 3.3.8.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 640

Start Time: 01ce9c68ed86ca93

Termination Time: 78

Application Path: C:\Users\CJ\Desktop\MiniToolBox.exe

Report Id:

Error: (08/18/2013 11:31:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2013 10:06:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2013 08:00:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2013 10:46:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2013 06:53:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2013 09:20:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 07:34:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 08:34:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2013 07:18:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/18/2013 11:29:31 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/17/2013 11:58:59 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.

Error: (08/17/2013 07:59:56 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:50:48 AM on ?8/?17/?2013 was unexpected.

Error: (08/15/2013 07:33:10 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/15/2013 10:47:50 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.

Error: (08/15/2013 10:47:35 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/15/2013 10:47:33 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/14/2013 09:43:10 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (08/14/2013 09:43:10 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/14/2013 00:20:16 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.


Microsoft Office Sessions:
=========================
Error: (08/18/2013 05:19:53 PM) (Source: Application Hang)(User: )
Description: MiniToolBox.exe3.3.8.164001ce9c68ed86ca9378C:\Users\CJ\Desktop\MiniToolBox.exe

Error: (08/18/2013 11:31:10 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2013 10:06:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2013 08:00:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2013 10:46:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2013 06:53:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2013 09:20:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 07:34:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 08:34:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2013 07:18:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
AIM 7
AIM for Windows
AVG Security Toolbar (Version: 15.5.0.2)
BufferChm (Version: 140.0.212.000)
Copy (Version: 140.0.212.000)
Coupon Printer for Windows (Version: 5.0.0.0)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DJ_AIO_06_F4500_SW_MIN (Version: 140.0.690.000)
Download Updater (AOL Inc.)
ESET Online Scanner v3
F4500 (Version: 140.0.690.000)
Free Spider Solitaire 2012 v3.0
GetSavin (Version: 1.1364004616)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Update (Version: 5.005.000.002)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
KeyNote 1.6.5
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
NTI Backup Now EZ (Version: 2.5.2.56)
NVIDIA 3D Vision Driver 310.70 (Version: 310.70)
NVIDIA Control Panel 310.70 (Version: 310.70)
NVIDIA Graphics Driver 310.70 (Version: 310.70)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1070)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
Scan (Version: 140.0.80.000)
SmartWebPrinting (Version: 140.0.186.000)
Spybot - Search & Destroy (Version: 2.1.21)
Status (Version: 140.0.212.000)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Access 2013 (KB2760350) 32-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2768004) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726961) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 32-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760538) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 32-Bit Edition
Update for Microsoft Office 2013 (KB2810014) 32-Bit Edition
Update for Microsoft Office 2013 (KB2810017) 32-Bit Edition
Update for Microsoft Office 2013 (KB2810018) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817320) 32-Bit Edition
Update for Microsoft OneNote 2013 (KB2760334) 32-Bit Edition
Update for Microsoft Outlook 2013 (KB2810015) 32-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2727013) 32-Bit Edition
Update for Microsoft SkyDrive Pro (KB2767865) 32-Bit Edition
Update for Microsoft SkyDrive Pro (KB2810019) 32-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 32-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition
Update for Microsoft Word 2013 (KB2768007) 32-Bit Edition
Update for Microsoft Word 2013 (KB2768337) 32-Bit Edition
WebReg (Version: 140.0.212.017)
WinZip 17.0 (Version: 17.0.10283)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 4093.96 MB
Available physical RAM: 2791.05 MB
Total Pagefile: 8186.11 MB
Available Pagefile: 6742 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:111.69 GB) (Free:75.89 GB) NTFS
2 Drive d: (PHOTOS) (CDROM) (Total:0.55 GB) (Free:0 GB) UDF
3 Drive f: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:407.63 GB) NTFS

========================= Users: ========================================

User accounts for \\CJLAPTOP

Administrator            CJ                       Guest                    


**** End of log ****
 

 

 

Now TDSSkiller - run on 8-18

17:47:50.0172 0x1370  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
17:47:51.0716 0x1370  ============================================================
17:47:51.0716 0x1370  Current date / time: 2013/08/18 17:47:51.0716
17:47:51.0716 0x1370  SystemInfo:
17:47:51.0732 0x1370  
17:47:51.0732 0x1370  OS Version: 6.1.7601 ServicePack: 1.0
17:47:51.0732 0x1370  Product type: Workstation
17:47:51.0732 0x1370  ComputerName: CJLAPTOP
17:47:51.0732 0x1370  UserName: CJ
17:47:51.0732 0x1370  Windows directory: C:\Windows
17:47:51.0732 0x1370  System windows directory: C:\Windows
17:47:51.0732 0x1370  Running under WOW64
17:47:51.0732 0x1370  Processor architecture: Intel x64
17:47:51.0732 0x1370  Number of processors: 2
17:47:51.0732 0x1370  Page size: 0x1000
17:47:51.0732 0x1370  Boot type: Normal boot
17:47:51.0732 0x1370  ============================================================
17:47:56.0942 0x1370  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:47:59.0813 0x1370  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:47:59.0828 0x1370  ============================================================
17:47:59.0828 0x1370  \Device\Harddisk0\DR0:
17:47:59.0875 0x1370  MBR partitions:
17:47:59.0875 0x1370  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:47:59.0875 0x1370  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
17:47:59.0875 0x1370  \Device\Harddisk1\DR1:
17:47:59.0875 0x1370  MBR partitions:
17:47:59.0875 0x1370  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385030
17:47:59.0875 0x1370  ============================================================
17:47:59.0906 0x1370  C: <-> \Device\Harddisk0\DR0\Partition2
17:48:00.0016 0x1370  F: <-> \Device\Harddisk1\DR1\Partition1
17:48:00.0016 0x1370  ============================================================
17:48:00.0016 0x1370  Initialize success
17:48:00.0016 0x1370  ============================================================
17:48:08.0081 0x13e0  ============================================================
17:48:08.0081 0x13e0  Scan started
17:48:08.0081 0x13e0  Mode: Manual;
17:48:08.0081 0x13e0  ============================================================
17:48:09.0968 0x13e0  ================ Scan system memory ========================
17:48:09.0968 0x13e0  System memory - ok
17:48:10.0000 0x13e0  ================ Scan services =============================
17:48:10.0421 0x13e0  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:48:10.0436 0x13e0  1394ohci - ok
17:48:10.0608 0x13e0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:48:10.0639 0x13e0  ACPI - ok
17:48:10.0795 0x13e0  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:48:10.0858 0x13e0  AcpiPmi - ok
17:48:11.0045 0x13e0  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:48:11.0123 0x13e0  AdobeARMservice - ok
17:48:11.0435 0x13e0  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:48:11.0450 0x13e0  AdobeFlashPlayerUpdateSvc - ok
17:48:11.0653 0x13e0  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:48:11.0716 0x13e0  adp94xx - ok
17:48:11.0856 0x13e0  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:48:11.0934 0x13e0  adpahci - ok
17:48:12.0106 0x13e0  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:48:12.0152 0x13e0  adpu320 - ok
17:48:12.0324 0x13e0  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:48:12.0340 0x13e0  AeLookupSvc - ok
17:48:12.0511 0x13e0  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:48:12.0542 0x13e0  AFD - ok
17:48:12.0636 0x13e0  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:48:12.0714 0x13e0  agp440 - ok
17:48:12.0823 0x13e0  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:48:12.0854 0x13e0  ALG - ok
17:48:13.0026 0x13e0  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:48:13.0088 0x13e0  aliide - ok
17:48:13.0151 0x13e0  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:48:13.0354 0x13e0  amdide - ok
17:48:13.0572 0x13e0  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:48:13.0603 0x13e0  AmdK8 - ok
17:48:13.0697 0x13e0  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:48:13.0775 0x13e0  AmdPPM - ok
17:48:13.0884 0x13e0  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:48:13.0931 0x13e0  amdsata - ok
17:48:14.0009 0x13e0  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:48:14.0118 0x13e0  amdsbs - ok
17:48:14.0196 0x13e0  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:48:14.0274 0x13e0  amdxata - ok
17:48:14.0399 0x13e0  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:48:14.0446 0x13e0  AppID - ok
17:48:14.0508 0x13e0  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:48:14.0633 0x13e0  AppIDSvc - ok
17:48:14.0726 0x13e0  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
17:48:14.0742 0x13e0  Appinfo - ok
17:48:14.0914 0x13e0  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:48:14.0976 0x13e0  AppMgmt - ok
17:48:15.0116 0x13e0  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
17:48:15.0163 0x13e0  arc - ok
17:48:15.0288 0x13e0  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:48:15.0319 0x13e0  arcsas - ok
17:48:15.0413 0x13e0  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:48:15.0475 0x13e0  AsyncMac - ok
17:48:15.0569 0x13e0  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:48:15.0584 0x13e0  atapi - ok
17:48:15.0803 0x13e0  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:48:15.0928 0x13e0  AudioEndpointBuilder - ok
17:48:16.0052 0x13e0  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:48:16.0208 0x13e0  AudioSrv - ok
17:48:16.0349 0x13e0  [ E647C4315F36756DF5FA38BDEB51F224 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
17:48:16.0458 0x13e0  avgtp - ok
17:48:16.0536 0x13e0  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:48:16.0598 0x13e0  AxInstSV - ok
17:48:16.0801 0x13e0  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:48:16.0864 0x13e0  b06bdrv - ok
17:48:17.0004 0x13e0  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:48:17.0051 0x13e0  b57nd60a - ok
17:48:17.0363 0x13e0  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
17:48:17.0472 0x13e0  BCM43XX - ok
17:48:17.0675 0x13e0  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:48:17.0722 0x13e0  BDESVC - ok
17:48:17.0800 0x13e0  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:48:17.0924 0x13e0  Beep - ok
17:48:18.0127 0x13e0  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:48:18.0190 0x13e0  BFE - ok
17:48:18.0408 0x13e0  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:48:18.0502 0x13e0  BITS - ok
17:48:18.0673 0x13e0  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:48:18.0673 0x13e0  blbdrive - ok
17:48:18.0798 0x13e0  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:48:18.0860 0x13e0  bowser - ok
17:48:18.0923 0x13e0  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:48:19.0016 0x13e0  BrFiltLo - ok
17:48:19.0110 0x13e0  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:48:19.0188 0x13e0  BrFiltUp - ok
17:48:19.0453 0x13e0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:48:19.0484 0x13e0  Browser - ok
17:48:19.0578 0x13e0  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:48:19.0656 0x13e0  Brserid - ok
17:48:19.0781 0x13e0  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:48:19.0812 0x13e0  BrSerWdm - ok
17:48:19.0921 0x13e0  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:48:20.0015 0x13e0  BrUsbMdm - ok
17:48:20.0108 0x13e0  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:48:20.0155 0x13e0  BrUsbSer - ok
17:48:20.0296 0x13e0  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:48:20.0327 0x13e0  BTHMODEM - ok
17:48:20.0436 0x13e0  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:48:20.0576 0x13e0  bthserv - ok
17:48:20.0686 0x13e0  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:48:20.0732 0x13e0  cdfs - ok
17:48:20.0826 0x13e0  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:48:20.0904 0x13e0  cdrom - ok
17:48:20.0998 0x13e0  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:48:21.0076 0x13e0  CertPropSvc - ok
17:48:21.0200 0x13e0  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
17:48:21.0216 0x13e0  circlass - ok
17:48:21.0372 0x13e0  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:48:21.0403 0x13e0  CLFS - ok
17:48:21.0512 0x13e0  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:48:21.0559 0x13e0  clr_optimization_v2.0.50727_32 - ok
17:48:21.0653 0x13e0  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:48:21.0668 0x13e0  clr_optimization_v2.0.50727_64 - ok
17:48:21.0824 0x13e0  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:48:21.0856 0x13e0  clr_optimization_v4.0.30319_32 - ok
17:48:21.0949 0x13e0  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:48:21.0965 0x13e0  clr_optimization_v4.0.30319_64 - ok
17:48:22.0058 0x13e0  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:48:22.0121 0x13e0  CmBatt - ok
17:48:22.0168 0x13e0  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:48:22.0183 0x13e0  cmdide - ok
17:48:22.0308 0x13e0  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
17:48:22.0355 0x13e0  CNG - ok
17:48:22.0464 0x13e0  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:48:22.0480 0x13e0  Compbatt - ok
17:48:22.0526 0x13e0  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:48:22.0542 0x13e0  CompositeBus - ok
17:48:22.0620 0x13e0  COMSysApp - ok
17:48:22.0698 0x13e0  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:48:22.0714 0x13e0  crcdisk - ok
17:48:22.0870 0x13e0  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:48:23.0182 0x13e0  CryptSvc - ok
17:48:23.0322 0x13e0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
17:48:23.0353 0x13e0  CSC - ok
17:48:23.0478 0x13e0  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
17:48:23.0525 0x13e0  CscService - ok
17:48:23.0650 0x13e0  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:48:23.0696 0x13e0  DcomLaunch - ok
17:48:23.0790 0x13e0  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:48:23.0821 0x13e0  defragsvc - ok
17:48:23.0884 0x13e0  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:48:23.0915 0x13e0  DfsC - ok
17:48:24.0040 0x13e0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:48:24.0071 0x13e0  Dhcp - ok
17:48:24.0164 0x13e0  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:48:24.0164 0x13e0  discache - ok
17:48:24.0274 0x13e0  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
17:48:24.0320 0x13e0  Disk - ok
17:48:24.0414 0x13e0  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
17:48:24.0430 0x13e0  dmvsc - ok
17:48:24.0539 0x13e0  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:48:24.0586 0x13e0  Dnscache - ok
17:48:24.0679 0x13e0  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:48:24.0710 0x13e0  dot3svc - ok
17:48:24.0820 0x13e0  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
17:48:24.0851 0x13e0  Dot4 - ok
17:48:24.0929 0x13e0  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:48:24.0944 0x13e0  Dot4Print - ok
17:48:25.0022 0x13e0  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
17:48:25.0038 0x13e0  dot4usb - ok
17:48:25.0163 0x13e0  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:48:25.0194 0x13e0  DPS - ok
17:48:25.0288 0x13e0  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:48:25.0319 0x13e0  drmkaud - ok
17:48:25.0522 0x13e0  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:48:25.0584 0x13e0  DXGKrnl - ok
17:48:25.0693 0x13e0  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:48:25.0740 0x13e0  EapHost - ok
17:48:26.0099 0x13e0  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:48:26.0364 0x13e0  ebdrv - ok
17:48:26.0504 0x13e0  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:48:26.0520 0x13e0  EFS - ok
17:48:26.0660 0x13e0  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:48:26.0707 0x13e0  ehRecvr - ok
17:48:26.0770 0x13e0  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:48:26.0801 0x13e0  ehSched - ok
17:48:26.0957 0x13e0  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:48:27.0035 0x13e0  elxstor - ok
17:48:27.0097 0x13e0  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:48:27.0113 0x13e0  ErrDev - ok
17:48:27.0331 0x13e0  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:48:27.0362 0x13e0  EventSystem - ok
17:48:27.0456 0x13e0  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:48:27.0518 0x13e0  exfat - ok
17:48:27.0596 0x13e0  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:48:27.0612 0x13e0  fastfat - ok
17:48:27.0737 0x13e0  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:48:27.0784 0x13e0  Fax - ok
17:48:27.0862 0x13e0  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
17:48:27.0862 0x13e0  fdc - ok
17:48:27.0971 0x13e0  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:48:27.0971 0x13e0  fdPHost - ok
17:48:28.0080 0x13e0  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:48:28.0127 0x13e0  FDResPub - ok
17:48:28.0205 0x13e0  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:48:28.0205 0x13e0  FileInfo - ok
17:48:28.0298 0x13e0  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:48:28.0314 0x13e0  Filetrace - ok
17:48:28.0361 0x13e0  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:48:28.0392 0x13e0  flpydisk - ok
17:48:28.0470 0x13e0  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:48:28.0501 0x13e0  FltMgr - ok
17:48:28.0657 0x13e0  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
17:48:28.0782 0x13e0  FontCache - ok
17:48:28.0876 0x13e0  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:48:28.0876 0x13e0  FontCache3.0.0.0 - ok
17:48:28.0954 0x13e0  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:48:28.0985 0x13e0  FsDepends - ok
17:48:29.0032 0x13e0  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:48:29.0078 0x13e0  Fs_Rec - ok
17:48:29.0172 0x13e0  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:48:29.0188 0x13e0  fvevol - ok
17:48:29.0281 0x13e0  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:48:29.0297 0x13e0  gagp30kx - ok
17:48:29.0453 0x13e0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:48:29.0515 0x13e0  gpsvc - ok
17:48:29.0593 0x13e0  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:48:29.0609 0x13e0  hcw85cir - ok
17:48:29.0718 0x13e0  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:48:29.0749 0x13e0  HdAudAddService - ok
17:48:29.0827 0x13e0  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:48:29.0843 0x13e0  HDAudBus - ok
17:48:29.0905 0x13e0  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:48:29.0921 0x13e0  HidBatt - ok
17:48:30.0014 0x13e0  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:48:30.0030 0x13e0  HidBth - ok
17:48:30.0092 0x13e0  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:48:30.0124 0x13e0  HidIr - ok
17:48:30.0202 0x13e0  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:48:30.0217 0x13e0  hidserv - ok
17:48:30.0295 0x13e0  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:48:30.0295 0x13e0  HidUsb - ok
17:48:30.0373 0x13e0  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:48:30.0467 0x13e0  hkmsvc - ok
17:48:30.0576 0x13e0  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:48:30.0607 0x13e0  HomeGroupListener - ok
17:48:30.0732 0x13e0  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:48:30.0763 0x13e0  HomeGroupProvider - ok
17:48:30.0904 0x13e0  [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:48:30.0935 0x13e0  hpqcxs08 - ok
17:48:30.0997 0x13e0  [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:48:31.0824 0x13e0  hpqddsvc - ok
17:48:31.0949 0x13e0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:48:31.0980 0x13e0  HpSAMD - ok
17:48:32.0167 0x13e0  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:48:32.0230 0x13e0  HPSLPSVC - ok
17:48:32.0370 0x13e0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:48:32.0417 0x13e0  HTTP - ok
17:48:32.0479 0x13e0  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:48:32.0495 0x13e0  hwpolicy - ok
17:48:32.0573 0x13e0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:48:32.0635 0x13e0  i8042prt - ok
17:48:32.0760 0x13e0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:48:32.0791 0x13e0  iaStorV - ok
17:48:32.0932 0x13e0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:48:32.0994 0x13e0  idsvc - ok
17:48:33.0103 0x13e0  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:48:33.0119 0x13e0  iirsp - ok
17:48:33.0322 0x13e0  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:48:33.0384 0x13e0  IKEEXT - ok
17:48:33.0462 0x13e0  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:48:33.0478 0x13e0  intelide - ok
17:48:33.0571 0x13e0  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:48:33.0571 0x13e0  intelppm - ok
17:48:33.0649 0x13e0  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:48:33.0680 0x13e0  IPBusEnum - ok
17:48:33.0790 0x13e0  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:48:33.0821 0x13e0  IpFilterDriver - ok
17:48:33.0930 0x13e0  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:48:33.0992 0x13e0  iphlpsvc - ok
17:48:34.0070 0x13e0  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:48:34.0086 0x13e0  IPMIDRV - ok
17:48:34.0164 0x13e0  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:48:34.0180 0x13e0  IPNAT - ok
17:48:34.0289 0x13e0  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:48:34.0304 0x13e0  IRENUM - ok
17:48:34.0367 0x13e0  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:48:34.0382 0x13e0  isapnp - ok
17:48:34.0507 0x13e0  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:48:34.0538 0x13e0  iScsiPrt - ok
17:48:34.0632 0x13e0  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:48:34.0648 0x13e0  kbdclass - ok
17:48:34.0694 0x13e0  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:48:34.0710 0x13e0  kbdhid - ok
17:48:34.0788 0x13e0  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:48:34.0804 0x13e0  KeyIso - ok
17:48:34.0866 0x13e0  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:48:34.0882 0x13e0  KSecDD - ok
17:48:34.0960 0x13e0  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:48:34.0991 0x13e0  KSecPkg - ok
17:48:35.0131 0x13e0  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:48:35.0131 0x13e0  ksthunk - ok
17:48:35.0241 0x13e0  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:48:35.0287 0x13e0  KtmRm - ok
17:48:35.0381 0x13e0  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:48:35.0428 0x13e0  LanmanServer - ok
17:48:35.0521 0x13e0  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:48:35.0584 0x13e0  LanmanWorkstation - ok
17:48:35.0709 0x13e0  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:48:35.0740 0x13e0  lltdio - ok
17:48:35.0833 0x13e0  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:48:35.0896 0x13e0  lltdsvc - ok
17:48:35.0958 0x13e0  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:48:35.0989 0x13e0  lmhosts - ok
17:48:36.0114 0x13e0  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:48:36.0177 0x13e0  LSI_FC - ok
17:48:36.0270 0x13e0  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:48:36.0317 0x13e0  LSI_SAS - ok
17:48:36.0395 0x13e0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:48:36.0395 0x13e0  LSI_SAS2 - ok
17:48:36.0489 0x13e0  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:48:36.0504 0x13e0  LSI_SCSI - ok
17:48:36.0598 0x13e0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:48:36.0613 0x13e0  luafv - ok
17:48:36.0707 0x13e0  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
17:48:36.0879 0x13e0  mcdbus - ok
17:48:36.0957 0x13e0  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:48:36.0988 0x13e0  Mcx2Svc - ok
17:48:37.0066 0x13e0  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:48:37.0113 0x13e0  megasas - ok
17:48:37.0222 0x13e0  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:48:37.0253 0x13e0  MegaSR - ok
17:48:37.0362 0x13e0  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:48:37.0378 0x13e0  MMCSS - ok
17:48:37.0440 0x13e0  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:48:37.0456 0x13e0  Modem - ok
17:48:37.0565 0x13e0  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:48:37.0581 0x13e0  monitor - ok
17:48:37.0643 0x13e0  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:48:37.0643 0x13e0  mouclass - ok
17:48:37.0705 0x13e0  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:48:37.0721 0x13e0  mouhid - ok
17:48:37.0783 0x13e0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:48:37.0799 0x13e0  mountmgr - ok
17:48:37.0908 0x13e0  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:48:37.0924 0x13e0  MozillaMaintenance - ok
17:48:37.0986 0x13e0  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
17:48:38.0017 0x13e0  MpFilter - ok
17:48:38.0080 0x13e0  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:48:38.0111 0x13e0  mpio - ok
17:48:38.0173 0x13e0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:48:38.0189 0x13e0  mpsdrv - ok
17:48:38.0329 0x13e0  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:48:38.0407 0x13e0  MpsSvc - ok
17:48:38.0485 0x13e0  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:48:38.0501 0x13e0  MRxDAV - ok
17:48:38.0595 0x13e0  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:48:38.0641 0x13e0  mrxsmb - ok
17:48:38.0735 0x13e0  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:48:38.0813 0x13e0  mrxsmb10 - ok
17:48:38.0907 0x13e0  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:48:38.0938 0x13e0  mrxsmb20 - ok
17:48:39.0000 0x13e0  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:48:39.0031 0x13e0  msahci - ok
17:48:39.0125 0x13e0  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:48:39.0141 0x13e0  msdsm - ok
17:48:39.0250 0x13e0  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:48:39.0312 0x13e0  MSDTC - ok
17:48:39.0515 0x13e0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:48:39.0531 0x13e0  Msfs - ok
17:48:39.0609 0x13e0  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:48:39.0624 0x13e0  mshidkmdf - ok
17:48:39.0687 0x13e0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:48:39.0702 0x13e0  msisadrv - ok
17:48:39.0796 0x13e0  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:48:39.0843 0x13e0  MSiSCSI - ok
17:48:39.0905 0x13e0  msiserver - ok
17:48:40.0014 0x13e0  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:48:40.0014 0x13e0  MSKSSRV - ok
17:48:40.0123 0x13e0  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:48:40.0139 0x13e0  MsMpSvc - ok
17:48:40.0201 0x13e0  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:48:40.0217 0x13e0  MSPCLOCK - ok
17:48:40.0264 0x13e0  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:48:40.0295 0x13e0  MSPQM - ok
17:48:40.0389 0x13e0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:48:40.0435 0x13e0  MsRPC - ok
17:48:40.0513 0x13e0  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:48:40.0513 0x13e0  mssmbios - ok
17:48:40.0576 0x13e0  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:48:40.0607 0x13e0  MSTEE - ok
17:48:40.0654 0x13e0  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:48:40.0669 0x13e0  MTConfig - ok
17:48:40.0747 0x13e0  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:48:40.0763 0x13e0  Mup - ok
17:48:40.0857 0x13e0  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:48:40.0919 0x13e0  napagent - ok
17:48:41.0013 0x13e0  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:48:41.0075 0x13e0  NativeWifiP - ok
17:48:41.0278 0x13e0  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:48:41.0340 0x13e0  NDIS - ok
17:48:41.0403 0x13e0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:48:41.0418 0x13e0  NdisCap - ok
17:48:41.0481 0x13e0  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:48:41.0496 0x13e0  NdisTapi - ok
17:48:41.0559 0x13e0  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:48:41.0574 0x13e0  Ndisuio - ok
17:48:41.0652 0x13e0  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:48:41.0668 0x13e0  NdisWan - ok
17:48:41.0746 0x13e0  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:48:41.0761 0x13e0  NDProxy - ok
17:48:41.0871 0x13e0  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:48:41.0886 0x13e0  Net Driver HPZ12 - ok
17:48:41.0933 0x13e0  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:48:41.0949 0x13e0  NetBIOS - ok
17:48:42.0011 0x13e0  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:48:42.0042 0x13e0  NetBT - ok
17:48:42.0105 0x13e0  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:48:42.0120 0x13e0  Netlogon - ok
17:48:42.0245 0x13e0  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:48:42.0292 0x13e0  Netman - ok
17:48:42.0401 0x13e0  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:48:42.0463 0x13e0  netprofm - ok
17:48:42.0573 0x13e0  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:48:42.0604 0x13e0  NetTcpPortSharing - ok
17:48:42.0682 0x13e0  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:48:42.0697 0x13e0  nfrd960 - ok
17:48:42.0869 0x13e0  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:48:42.0931 0x13e0  NisDrv - ok
17:48:43.0041 0x13e0  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
17:48:43.0072 0x13e0  NisSrv - ok
17:48:43.0150 0x13e0  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:48:43.0212 0x13e0  NlaSvc - ok
17:48:43.0306 0x13e0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:48:43.0306 0x13e0  Npfs - ok
17:48:43.0384 0x13e0  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:48:43.0415 0x13e0  nsi - ok
17:48:43.0462 0x13e0  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:48:43.0462 0x13e0  nsiproxy - ok
17:48:43.0743 0x13e0  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:48:43.0867 0x13e0  Ntfs - ok
17:48:43.0945 0x13e0  [ 07953351A3424BAA50FC5C4A1434FB04 ] NTI BackupNowEZSvr C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
17:48:44.0585 0x13e0  NTI BackupNowEZSvr - ok
17:48:44.0710 0x13e0  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
17:48:44.0710 0x13e0  NTIDrvr - ok
17:48:44.0788 0x13e0  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:48:44.0788 0x13e0  Null - ok
17:48:44.0866 0x13e0  [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
17:48:44.0881 0x13e0  nusb3hub - ok
17:48:44.0975 0x13e0  [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
17:48:44.0991 0x13e0  nusb3xhc - ok
17:48:46.0223 0x13e0  [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:48:47.0190 0x13e0  nvlddmkm - ok
17:48:47.0331 0x13e0  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:48:47.0377 0x13e0  nvraid - ok
17:48:47.0455 0x13e0  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:48:47.0471 0x13e0  nvstor - ok
17:48:47.0658 0x13e0  [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:48:47.0736 0x13e0  nvsvc - ok
17:48:47.0830 0x13e0  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:48:47.0861 0x13e0  nv_agp - ok
17:48:47.0923 0x13e0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:48:47.0955 0x13e0  ohci1394 - ok
17:48:48.0095 0x13e0  [ 2B8E4C792BED0E5882702720BC528AE5 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:48:48.0111 0x13e0  ose - ok
17:48:48.0641 0x13e0  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:48:48.0969 0x13e0  osppsvc - ok
17:48:49.0171 0x13e0  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:48:49.0234 0x13e0  p2pimsvc - ok
17:48:49.0343 0x13e0  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:48:49.0390 0x13e0  p2psvc - ok
17:48:49.0499 0x13e0  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:48:49.0530 0x13e0  Parport - ok
17:48:49.0624 0x13e0  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:48:49.0624 0x13e0  partmgr - ok
17:48:49.0717 0x13e0  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:48:49.0764 0x13e0  PcaSvc - ok
17:48:49.0842 0x13e0  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:48:49.0858 0x13e0  pci - ok
17:48:49.0920 0x13e0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:48:49.0936 0x13e0  pciide - ok
17:48:50.0014 0x13e0  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:48:50.0045 0x13e0  pcmcia - ok
17:48:50.0139 0x13e0  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:48:50.0154 0x13e0  pcw - ok
17:48:50.0279 0x13e0  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:48:50.0326 0x13e0  PEAUTH - ok
17:48:50.0560 0x13e0  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:48:50.0685 0x13e0  PeerDistSvc - ok
17:48:50.0965 0x13e0  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:48:50.0981 0x13e0  PerfHost - ok
17:48:51.0246 0x13e0  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:48:51.0355 0x13e0  pla - ok
17:48:51.0605 0x13e0  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:48:51.0652 0x13e0  PlugPlay - ok
17:48:51.0777 0x13e0  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:48:51.0808 0x13e0  Pml Driver HPZ12 - ok
17:48:51.0901 0x13e0  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:48:51.0917 0x13e0  PNRPAutoReg - ok
17:48:52.0026 0x13e0  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:48:52.0057 0x13e0  PNRPsvc - ok
17:48:52.0167 0x13e0  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:48:52.0213 0x13e0  PolicyAgent - ok
17:48:52.0463 0x13e0  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:48:52.0525 0x13e0  Power - ok
17:48:52.0619 0x13e0  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:48:52.0635 0x13e0  PptpMiniport - ok
17:48:52.0681 0x13e0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
17:48:52.0713 0x13e0  Processor - ok
17:48:52.0837 0x13e0  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:48:52.0869 0x13e0  ProfSvc - ok
17:48:52.0931 0x13e0  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:48:52.0947 0x13e0  ProtectedStorage - ok
17:48:53.0087 0x13e0  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:48:53.0103 0x13e0  Psched - ok
17:48:53.0290 0x13e0  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:48:53.0399 0x13e0  ql2300 - ok
17:48:53.0493 0x13e0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:48:53.0508 0x13e0  ql40xx - ok
17:48:53.0602 0x13e0  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:48:53.0664 0x13e0  QWAVE - ok
17:48:53.0758 0x13e0  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:48:53.0773 0x13e0  QWAVEdrv - ok
17:48:53.0836 0x13e0  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:48:53.0851 0x13e0  RasAcd - ok
17:48:53.0976 0x13e0  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:48:53.0976 0x13e0  RasAgileVpn - ok
17:48:54.0039 0x13e0  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:48:54.0070 0x13e0  RasAuto - ok
17:48:54.0163 0x13e0  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:48:54.0179 0x13e0  Rasl2tp - ok
17:48:54.0288 0x13e0  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:48:54.0319 0x13e0  RasMan - ok
17:48:54.0397 0x13e0  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:48:54.0413 0x13e0  RasPppoe - ok
17:48:54.0475 0x13e0  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:48:54.0491 0x13e0  RasSstp - ok
17:48:54.0585 0x13e0  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:48:54.0616 0x13e0  rdbss - ok
17:48:54.0741 0x13e0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:48:54.0741 0x13e0  rdpbus - ok
17:48:54.0819 0x13e0  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:48:54.0834 0x13e0  RDPCDD - ok
17:48:55.0006 0x13e0  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:48:55.0021 0x13e0  RDPDR - ok
17:48:55.0099 0x13e0  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:48:55.0099 0x13e0  RDPENCDD - ok
17:48:55.0240 0x13e0  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:48:55.0240 0x13e0  RDPREFMP - ok
17:48:55.0380 0x13e0  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:48:55.0380 0x13e0  RdpVideoMiniport - ok
17:48:55.0458 0x13e0  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:48:55.0489 0x13e0  RDPWD - ok
17:48:55.0599 0x13e0  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:48:55.0614 0x13e0  rdyboost - ok
17:48:55.0723 0x13e0  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:48:55.0739 0x13e0  RemoteAccess - ok
17:48:55.0879 0x13e0  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:48:55.0911 0x13e0  RemoteRegistry - ok
17:48:55.0973 0x13e0  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:48:55.0989 0x13e0  RpcEptMapper - ok
17:48:56.0067 0x13e0  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:48:56.0082 0x13e0  RpcLocator - ok
17:48:56.0223 0x13e0  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:48:56.0269 0x13e0  RpcSs - ok
17:48:56.0379 0x13e0  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:48:56.0394 0x13e0  rspndr - ok
17:48:56.0472 0x13e0  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:48:56.0472 0x13e0  s3cap - ok
17:48:56.0519 0x13e0  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:48:56.0550 0x13e0  SamSs - ok
17:48:56.0613 0x13e0  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:48:56.0659 0x13e0  sbp2port - ok
17:48:56.0737 0x13e0  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:48:56.0784 0x13e0  SCardSvr - ok
17:48:56.0862 0x13e0  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:48:56.0878 0x13e0  scfilter - ok
17:48:57.0018 0x13e0  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:48:57.0112 0x13e0  Schedule - ok
17:48:57.0190 0x13e0  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:48:57.0205 0x13e0  SCPolicySvc - ok
17:48:57.0299 0x13e0  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:48:57.0346 0x13e0  SDRSVC - ok
17:48:57.0642 0x13e0  [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:48:57.0767 0x13e0  SDScannerService - ok
17:48:57.0970 0x13e0  [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:48:58.0032 0x13e0  SDUpdateService - ok
17:48:58.0157 0x13e0  [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:48:58.0173 0x13e0  SDWSCService - ok
17:48:58.0251 0x13e0  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:48:58.0266 0x13e0  secdrv - ok
17:48:58.0407 0x13e0  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:48:58.0422 0x13e0  seclogon - ok
17:48:58.0485 0x13e0  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:48:58.0500 0x13e0  SENS - ok
17:48:58.0594 0x13e0  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:48:58.0609 0x13e0  SensrSvc - ok
17:48:58.0687 0x13e0  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:48:58.0687 0x13e0  Serenum - ok
17:48:58.0734 0x13e0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:48:58.0750 0x13e0  Serial - ok
17:48:58.0859 0x13e0  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:48:58.0875 0x13e0  sermouse - ok
17:48:59.0140 0x13e0  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:48:59.0187 0x13e0  SessionEnv - ok
17:48:59.0280 0x13e0  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:48:59.0296 0x13e0  sffdisk - ok
17:48:59.0358 0x13e0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:48:59.0374 0x13e0  sffp_mmc - ok
17:48:59.0421 0x13e0  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:48:59.0436 0x13e0  sffp_sd - ok
17:48:59.0530 0x13e0  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:48:59.0530 0x13e0  sfloppy - ok
17:48:59.0670 0x13e0  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:48:59.0701 0x13e0  SharedAccess - ok
17:48:59.0779 0x13e0  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:48:59.0826 0x13e0  ShellHWDetection - ok
17:48:59.0889 0x13e0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:48:59.0904 0x13e0  SiSRaid2 - ok
17:48:59.0967 0x13e0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:48:59.0998 0x13e0  SiSRaid4 - ok
17:49:00.0091 0x13e0  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:49:00.0107 0x13e0  Smb - ok
17:49:00.0372 0x13e0  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:49:00.0403 0x13e0  SNMPTRAP - ok
17:49:00.0497 0x13e0  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:49:00.0513 0x13e0  spldr - ok
17:49:00.0637 0x13e0  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:49:00.0715 0x13e0  Spooler - ok
17:49:01.0043 0x13e0  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:49:01.0308 0x13e0  sppsvc - ok
17:49:01.0464 0x13e0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:49:01.0495 0x13e0  sppuinotify - ok
17:49:01.0636 0x13e0  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:49:01.0667 0x13e0  srv - ok
17:49:01.0761 0x13e0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:49:01.0792 0x13e0  srv2 - ok
17:49:01.0901 0x13e0  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:49:01.0932 0x13e0  SrvHsfHDA - ok
17:49:02.0135 0x13e0  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:49:02.0244 0x13e0  SrvHsfV92 - ok
17:49:02.0463 0x13e0  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:49:02.0509 0x13e0  SrvHsfWinac - ok
17:49:02.0603 0x13e0  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:49:02.0619 0x13e0  srvnet - ok
17:49:02.0743 0x13e0  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:49:02.0790 0x13e0  SSDPSRV - ok
17:49:02.0853 0x13e0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:49:02.0884 0x13e0  SstpSvc - ok
17:49:02.0993 0x13e0  [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:49:03.0024 0x13e0  Stereo Service - ok
17:49:03.0118 0x13e0  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:49:03.0133 0x13e0  stexstor - ok
17:49:03.0321 0x13e0  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:49:03.0383 0x13e0  stisvc - ok
17:49:03.0477 0x13e0  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:49:03.0492 0x13e0  storflt - ok
17:49:03.0555 0x13e0  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
17:49:03.0586 0x13e0  StorSvc - ok
17:49:03.0695 0x13e0  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:49:03.0742 0x13e0  storvsc - ok
17:49:03.0820 0x13e0  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:49:03.0820 0x13e0  swenum - ok
17:49:03.0945 0x13e0  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:49:04.0023 0x13e0  swprv - ok
17:49:04.0381 0x13e0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:49:04.0553 0x13e0  SysMain - ok
17:49:04.0709 0x13e0  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:49:04.0740 0x13e0  TabletInputService - ok
17:49:04.0849 0x13e0  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:49:04.0912 0x13e0  TapiSrv - ok
17:49:04.0990 0x13e0  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:49:05.0021 0x13e0  TBS - ok
17:49:05.0364 0x13e0  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:49:05.0489 0x13e0  Tcpip - ok
17:49:05.0754 0x13e0  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:49:05.0863 0x13e0  TCPIP6 - ok
17:49:06.0066 0x13e0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:49:06.0066 0x13e0  tcpipreg - ok
17:49:06.0222 0x13e0  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:49:06.0222 0x13e0  TDPIPE - ok
17:49:06.0331 0x13e0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:49:06.0347 0x13e0  TDTCP - ok
17:49:06.0441 0x13e0  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:49:06.0487 0x13e0  tdx - ok
17:49:06.0550 0x13e0  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:49:06.0565 0x13e0  TermDD - ok
17:49:06.0690 0x13e0  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:49:06.0768 0x13e0  TermService - ok
17:49:06.0846 0x13e0  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:49:06.0877 0x13e0  Themes - ok
17:49:06.0924 0x13e0  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:49:06.0940 0x13e0  THREADORDER - ok
17:49:07.0033 0x13e0  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:49:07.0080 0x13e0  TrkWks - ok
17:49:07.0205 0x13e0  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:49:07.0221 0x13e0  TrustedInstaller - ok
17:49:07.0314 0x13e0  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:49:07.0455 0x13e0  tssecsrv - ok
17:49:07.0533 0x13e0  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:49:07.0579 0x13e0  TsUsbFlt - ok
17:49:07.0673 0x13e0  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:49:07.0689 0x13e0  TsUsbGD - ok
17:49:07.0798 0x13e0  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:49:07.0813 0x13e0  tunnel - ok
17:49:07.0891 0x13e0  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:49:07.0891 0x13e0  uagp35 - ok
17:49:08.0001 0x13e0  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
17:49:08.0016 0x13e0  UBHelper - ok
17:49:08.0125 0x13e0  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:49:08.0172 0x13e0  udfs - ok
17:49:08.0313 0x13e0  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:49:08.0344 0x13e0  UI0Detect - ok
17:49:08.0391 0x13e0  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:49:08.0406 0x13e0  uliagpkx - ok
17:49:08.0500 0x13e0  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:49:08.0515 0x13e0  umbus - ok
17:49:08.0562 0x13e0  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:49:08.0578 0x13e0  UmPass - ok
17:49:08.0718 0x13e0  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
17:49:08.0765 0x13e0  UmRdpService - ok
17:49:08.0937 0x13e0  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:49:09.0015 0x13e0  upnphost - ok
17:49:09.0124 0x13e0  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:49:09.0139 0x13e0  usbccgp - ok
17:49:09.0233 0x13e0  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:49:09.0249 0x13e0  usbcir - ok
17:49:09.0342 0x13e0  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:49:09.0342 0x13e0  usbehci - ok
17:49:09.0436 0x13e0  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:49:09.0467 0x13e0  usbhub - ok
17:49:09.0529 0x13e0  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:49:09.0545 0x13e0  usbohci - ok
17:49:09.0639 0x13e0  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:49:09.0639 0x13e0  usbprint - ok
17:49:09.0763 0x13e0  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:49:09.0779 0x13e0  usbscan - ok
17:49:09.0873 0x13e0  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:49:09.0888 0x13e0  USBSTOR - ok
17:49:09.0982 0x13e0  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:49:09.0982 0x13e0  usbuhci - ok
17:49:10.0060 0x13e0  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:49:10.0091 0x13e0  UxSms - ok
17:49:10.0138 0x13e0  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:49:10.0153 0x13e0  VaultSvc - ok
17:49:10.0278 0x13e0  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:49:10.0294 0x13e0  vdrvroot - ok
17:49:10.0403 0x13e0  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:49:10.0465 0x13e0  vds - ok
17:49:10.0512 0x13e0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:49:10.0528 0x13e0  vga - ok
17:49:10.0637 0x13e0  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:49:10.0653 0x13e0  VgaSave - ok
17:49:10.0762 0x13e0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:49:10.0777 0x13e0  vhdmp - ok
17:49:10.0840 0x13e0  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:49:10.0840 0x13e0  viaide - ok
17:49:10.0949 0x13e0  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:49:10.0965 0x13e0  vmbus - ok
17:49:11.0027 0x13e0  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:49:11.0043 0x13e0  VMBusHID - ok
17:49:11.0105 0x13e0  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:49:11.0152 0x13e0  volmgr - ok
17:49:11.0245 0x13e0  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:49:11.0292 0x13e0  volmgrx - ok
17:49:11.0386 0x13e0  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:49:11.0401 0x13e0  volsnap - ok
17:49:11.0511 0x13e0  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:49:11.0526 0x13e0  vsmraid - ok
17:49:11.0760 0x13e0  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:49:11.0885 0x13e0  VSS - ok
17:49:12.0135 0x13e0  [ EB94A2C1F99E9E1634683B916F4EB1A2 ] vToolbarUpdater15.5.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
17:49:12.0259 0x13e0  vToolbarUpdater15.5.0 - ok
17:49:12.0415 0x13e0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:49:12.0431 0x13e0  vwifibus - ok
17:49:12.0478 0x13e0  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:49:12.0525 0x13e0  vwififlt - ok
17:49:12.0603 0x13e0  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:49:12.0649 0x13e0  W32Time - ok
17:49:12.0743 0x13e0  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:49:12.0759 0x13e0  WacomPen - ok
17:49:12.0883 0x13e0  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:49:12.0899 0x13e0  WANARP - ok
17:49:12.0961 0x13e0  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:49:12.0977 0x13e0  Wanarpv6 - ok
17:49:13.0195 0x13e0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:49:13.0289 0x13e0  WatAdminSvc - ok
17:49:13.0539 0x13e0  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:49:13.0695 0x13e0  wbengine - ok
17:49:13.0835 0x13e0  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:49:13.0897 0x13e0  WbioSrvc - ok
17:49:14.0007 0x13e0  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:49:14.0053 0x13e0  wcncsvc - ok
17:49:14.0163 0x13e0  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:49:14.0194 0x13e0  WcsPlugInService - ok
17:49:14.0272 0x13e0  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
17:49:14.0287 0x13e0  Wd - ok
17:49:14.0443 0x13e0  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:49:14.0521 0x13e0  Wdf01000 - ok
17:49:14.0615 0x13e0  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:49:14.0693 0x13e0  WdiServiceHost - ok
17:49:14.0787 0x13e0  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:49:14.0818 0x13e0  WdiSystemHost - ok
17:49:15.0021 0x13e0  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:49:15.0067 0x13e0  WebClient - ok
17:49:15.0177 0x13e0  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:49:15.0223 0x13e0  Wecsvc - ok
17:49:15.0489 0x13e0  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:49:15.0535 0x13e0  wercplsupport - ok
17:49:15.0613 0x13e0  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:49:15.0645 0x13e0  WerSvc - ok
17:49:15.0738 0x13e0  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:49:15.0738 0x13e0  WfpLwf - ok
17:49:15.0832 0x13e0  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:49:15.0847 0x13e0  WIMMount - ok
17:49:15.0941 0x13e0  WinDefend - ok
17:49:16.0066 0x13e0  WinHttpAutoProxySvc - ok
17:49:16.0222 0x13e0  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:49:16.0253 0x13e0  Winmgmt - ok
17:49:16.0471 0x13e0  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:49:16.0659 0x13e0  WinRM - ok
17:49:16.0893 0x13e0  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
17:49:16.0893 0x13e0  WinUsb - ok
17:49:17.0033 0x13e0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:49:17.0111 0x13e0  Wlansvc - ok
17:49:17.0205 0x13e0  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:49:17.0220 0x13e0  WmiAcpi - ok
17:49:17.0329 0x13e0  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:49:17.0345 0x13e0  wmiApSrv - ok
17:49:17.0439 0x13e0  WMPNetworkSvc - ok
17:49:17.0532 0x13e0  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:49:17.0579 0x13e0  WPCSvc - ok
17:49:17.0688 0x13e0  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:49:17.0719 0x13e0  WPDBusEnum - ok
17:49:17.0829 0x13e0  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:49:17.0844 0x13e0  ws2ifsl - ok
17:49:17.0938 0x13e0  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:49:17.0969 0x13e0  wscsvc - ok
17:49:18.0031 0x13e0  WSearch - ok
17:49:18.0406 0x13e0  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:49:18.0609 0x13e0  wuauserv - ok
17:49:18.0827 0x13e0  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:49:18.0827 0x13e0  WudfPf - ok
17:49:18.0921 0x13e0  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:49:18.0936 0x13e0  WUDFRd - ok
17:49:19.0014 0x13e0  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:49:19.0061 0x13e0  wudfsvc - ok
17:49:19.0201 0x13e0  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:49:19.0248 0x13e0  WwanSvc - ok
17:49:19.0373 0x13e0  ================ Scan global ===============================
17:49:19.0482 0x13e0  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:49:19.0576 0x13e0  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:49:19.0669 0x13e0  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:49:19.0747 0x13e0  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:49:19.0841 0x13e0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:49:19.0888 0x13e0  [Global] - ok
17:49:19.0903 0x13e0  ================ Scan MBR ==================================
17:49:19.0950 0x13e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:49:20.0496 0x13e0  \Device\Harddisk0\DR0 - ok
17:49:20.0527 0x13e0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
17:49:20.0605 0x13e0  \Device\Harddisk1\DR1 - ok
17:49:20.0605 0x13e0  ================ Scan VBR ==================================
17:49:20.0652 0x13e0  [ 8C626ECFE759A480F18D3EBA461B5FF1 ] \Device\Harddisk0\DR0\Partition1
17:49:20.0715 0x13e0  \Device\Harddisk0\DR0\Partition1 - ok
17:49:20.0793 0x13e0  [ FCC1DB26478E7D2AAF422B8EC3CF098E ] \Device\Harddisk0\DR0\Partition2
17:49:20.0808 0x13e0  \Device\Harddisk0\DR0\Partition2 - ok
17:49:20.0839 0x13e0  [ 220BA69A3EFE4B83927A7BC3B4C2A9B7 ] \Device\Harddisk1\DR1\Partition1
17:49:20.0871 0x13e0  \Device\Harddisk1\DR1\Partition1 - ok
17:49:20.0871 0x13e0  ============================================================
17:49:20.0871 0x13e0  Scan finished
17:49:20.0871 0x13e0  ============================================================
17:49:21.0073 0x0d84  Detected object count: 0
17:49:21.0073 0x0d84  Actual detected object count: 0
 

 

 

And, finally the AdwCleaner

# AdwCleaner v2.306 - Logfile created 08/18/2013 at 17:59:25
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : CJ - CJLAPTOP
# Boot Mode : Normal
# Running from : C:\Users\CJ\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\CJ\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\CJ\AppData\Local\getsavin
Folder Deleted : C:\Users\CJ\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\CJ\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\CJ\AppData\Roaming\Mozilla\Firefox\Profiles\71gszilv.default\prefs.js

C:\Users\CJ\AppData\Roaming\Mozilla\Firefox\Profiles\71gszilv.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [16356 octets] - [18/08/2013 17:59:25]

########## EOF - C:\AdwCleaner[S1].txt - [16417 octets] ##########

 

 

 

 

 

 

 

Edit:

I forgot to say that I also pulled all the buttons off my laptop keyboard and gave it a thorough cleaning.  I did find that one of the ctrl buttons is a tad broken, but getting all the hair and dust out from under everything did not fix the random clicking problem.

It may be too soon to say for sure, but after running that last tool, things DO seem to have sped up.
 


Edited by TNHawke, 18 August 2013 - 09:16 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:15 AM

Posted 19 August 2013 - 10:33 AM

The clicking may just be a mechanical issue, but we should run these tools also to get the rest and free space.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
  • Install your game.
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 TNHawke

TNHawke
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:15 PM

Posted 21 August 2013 - 11:29 PM

Ok, I finally had a chance (and remembered) to do these next steps.

After running quickly for a few hours after I performed the last steps, the computer has been slowing down steadily again until just now I waited a solid minute for Firefox to start after I clicked the icon.

 

 

Clearing the temp files opened up less than 500mb (it was 430 or 480)

 

Here's the log for the JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.2 (08.20.2013:1)
OS: Windows 7 Professional x64
Ran by CJ on Wed 08/21/2013 at 21:14:10.83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5510730F-22D9-4C74-9FF5-74B8DF231548}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5510730F-22D9-4C74-9FF5-74B8DF231548}



~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"



~~~ FireFox

Emptied folder: C:\Users\CJ\AppData\Roaming\mozilla\firefox\profiles\71gszilv.default\minidumps [189 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 08/21/2013 at 22:24:54.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:15 AM

Posted 22 August 2013 - 01:18 PM

Ok, Lets run this next as I feel it may not be Malware anymore.

 

Windows Repair (All In One)

skip the "Before you Download"

 


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 TNHawke

TNHawke
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:15 PM

Posted 23 August 2013 - 11:10 PM

Alrighty, did that.  Fell asleep while it was running the last step.  So far, no huge improvement, but it's not being horrible either.

 

Any ideas why after running AdwCleaner by Xplode the computer would have been fast and awesome for a few hours and then slowed back down to a crawl again afterwards?



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:15 AM

Posted 25 August 2013 - 09:52 PM

Lets see if we have hidden or protected malware. We need stronger tools. Start a new topic per this guide. You can use the same title.
 
Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

You can include this link back to here
http://www.bleepingcomputer.com/forums/t/503568/been-sluggish-had-ads-keeps-randomly-clicking/#entry3138338
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users