Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help mom ruined computer


  • Please log in to reply
11 replies to this topic

#1 orangezesty

orangezesty

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 09 September 2014 - 08:55 PM

As the title says, this is my mother's desktop. She called me over to help fix a virus on her computer. However, it seems she has a plethora of viruses and other issues on her computer causing a multitude of problems such as: when trying to start up the computer, it goes into system recovery and loops around for about 5 tries before you can access actual desktop, and she has many different redirect viruses.
 
Any response for help will be greatly appreciated.
 
Thank you

Edit: Moved topic from Windfows 7 to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


#2 orangezesty

orangezesty
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 10 September 2014 - 07:37 PM

since no response I'll try to go into more details,

The computer has ask.com redirect, when you first turn on the computer, rather than going to the login screen, it loops around system recovery screen 4 or 5 times even after selecting the option of going to the login screen. Also the computer is damn slow. She has a window 7 desktop. Any help would be greatly appreciated



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:47 PM

Posted 10 September 2014 - 09:09 PM

Hello O Z lets run these and see if it's improved.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 orangezesty

orangezesty
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 11 September 2014 - 10:16 AM

TDSSKILLEER REPORT:

00:11:43.0555 0x122c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
00:11:49.0117 0x122c  ============================================================
00:11:49.0117 0x122c  Current date / time: 2014/09/11 00:11:49.0117
00:11:49.0117 0x122c  SystemInfo:
00:11:49.0117 0x122c  
00:11:49.0117 0x122c  OS Version: 6.1.7601 ServicePack: 1.0
00:11:49.0117 0x122c  Product type: Workstation
00:11:49.0117 0x122c  ComputerName: CAREINSURANCE
00:11:49.0117 0x122c  UserName: Kevin
00:11:49.0117 0x122c  Windows directory: C:\Windows
00:11:49.0117 0x122c  System windows directory: C:\Windows
00:11:49.0117 0x122c  Running under WOW64
00:11:49.0117 0x122c  Processor architecture: Intel x64
00:11:49.0117 0x122c  Number of processors: 2
00:11:49.0117 0x122c  Page size: 0x1000
00:11:49.0117 0x122c  Boot type: Normal boot
00:11:49.0117 0x122c  ============================================================
00:11:52.0246 0x122c  KLMD registered as C:\Windows\system32\drivers\77350151.sys
00:11:52.0928 0x122c  System UUID: {649C3CEC-6D30-3FB5-3010-9088D31A6FF5}
00:11:53.0627 0x122c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
00:11:53.0714 0x122c  Drive \Device\Harddisk1\DR1 - Size: 0x774488000 ( 29.82 Gb ), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:11:53.0727 0x122c  ============================================================
00:11:53.0727 0x122c  \Device\Harddisk0\DR0:
00:11:53.0736 0x122c  MBR partitions:
00:11:53.0736 0x122c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3893B161
00:11:53.0736 0x122c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3893B1A0, BlocksNum 0x1A496F0
00:11:53.0736 0x122c  \Device\Harddisk1\DR1:
00:11:53.0736 0x122c  MBR partitions:
00:11:53.0736 0x122c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA2420
00:11:53.0736 0x122c  ============================================================
00:11:53.0758 0x122c  C: <-> \Device\Harddisk0\DR0\Partition1
00:11:53.0811 0x122c  D: <-> \Device\Harddisk0\DR0\Partition2
00:11:53.0813 0x122c  F: <-> \Device\Harddisk1\DR1\Partition1
00:11:53.0813 0x122c  ============================================================
00:11:53.0813 0x122c  Initialize success
00:11:53.0813 0x122c  ============================================================
00:11:57.0335 0x131c  ============================================================
00:11:57.0335 0x131c  Scan started
00:11:57.0335 0x131c  Mode: Manual;
00:11:57.0335 0x131c  ============================================================
00:11:57.0335 0x131c  KSN ping started
00:12:00.0130 0x131c  KSN ping finished: true
00:12:02.0931 0x131c  ================ Scan system memory ========================
00:12:02.0931 0x131c  System memory - ok
00:12:02.0932 0x131c  ================ Scan services =============================
00:12:03.0315 0x131c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
00:12:03.0322 0x131c  1394ohci - ok
00:12:03.0400 0x131c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
00:12:03.0417 0x131c  ACPI - ok
00:12:03.0471 0x131c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
00:12:03.0474 0x131c  AcpiPmi - ok
00:12:03.0659 0x131c  [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:12:03.0662 0x131c  AdobeARMservice - ok
00:12:03.0896 0x131c  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:12:03.0970 0x131c  AdobeFlashPlayerUpdateSvc - ok
00:12:04.0117 0x131c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
00:12:04.0159 0x131c  adp94xx - ok
00:12:04.0232 0x131c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
00:12:04.0279 0x131c  adpahci - ok
00:12:04.0381 0x131c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
00:12:04.0430 0x131c  adpu320 - ok
00:12:04.0476 0x131c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:12:04.0477 0x131c  AeLookupSvc - ok
00:12:04.0583 0x131c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
00:12:04.0600 0x131c  AFD - ok
00:12:04.0669 0x131c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
00:12:04.0673 0x131c  agp440 - ok
00:12:04.0721 0x131c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
00:12:04.0739 0x131c  ALG - ok
00:12:04.0769 0x131c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:12:04.0772 0x131c  aliide - ok
00:12:04.0787 0x131c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
00:12:04.0790 0x131c  amdide - ok
00:12:04.0842 0x131c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
00:12:04.0846 0x131c  AmdK8 - ok
00:12:04.0867 0x131c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
00:12:04.0871 0x131c  AmdPPM - ok
00:12:04.0918 0x131c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:12:04.0923 0x131c  amdsata - ok
00:12:04.0950 0x131c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
00:12:04.0957 0x131c  amdsbs - ok
00:12:04.0965 0x131c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:12:04.0968 0x131c  amdxata - ok
00:12:05.0036 0x131c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
00:12:05.0078 0x131c  AppID - ok
00:12:05.0135 0x131c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:12:05.0153 0x131c  AppIDSvc - ok
00:12:05.0205 0x131c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
00:12:05.0209 0x131c  Appinfo - ok
00:12:05.0295 0x131c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
00:12:05.0302 0x131c  AppMgmt - ok
00:12:05.0357 0x131c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
00:12:05.0361 0x131c  arc - ok
00:12:05.0382 0x131c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
00:12:05.0406 0x131c  arcsas - ok
00:12:05.0598 0x131c  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:12:05.0600 0x131c  aspnet_state - ok
00:12:05.0625 0x131c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:12:05.0650 0x131c  AsyncMac - ok
00:12:05.0750 0x131c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
00:12:05.0751 0x131c  atapi - ok
00:12:05.0891 0x131c  [ BCAA4D3EE176238C82D0D3207AB65290, C519554644C20A7076A5274716721C4936FC0DA066868283D42EE5494EDA56F1 ] atnthost        C:\ProgramData\webex\MyWebEx\319\atnthost.exe
00:12:05.0893 0x131c  atnthost - ok
00:12:05.0987 0x131c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:12:06.0012 0x131c  AudioEndpointBuilder - ok
00:12:06.0045 0x131c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:12:06.0058 0x131c  AudioSrv - ok
00:12:06.0207 0x131c  [ 7E91655B4947EC1B18B3BC1645839145, 4425326D019A7A6380B71D6710AD94D58A11E1BC5BA42159DD4A17437A296C48 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
00:12:06.0213 0x131c  AVP - ok
00:12:06.0350 0x131c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:12:06.0564 0x131c  AxInstSV - ok
00:12:09.0325 0x131c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
00:12:09.0338 0x131c  b06bdrv - ok
00:12:09.0454 0x131c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:12:09.0537 0x131c  b57nd60a - ok
00:12:09.0595 0x131c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:12:09.0600 0x131c  BDESVC - ok
00:12:09.0619 0x131c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:12:09.0620 0x131c  Beep - ok
00:12:09.0784 0x131c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
00:12:09.0814 0x131c  BFE - ok
00:12:09.0858 0x131c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
00:12:09.0894 0x131c  BITS - ok
00:12:09.0936 0x131c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:12:09.0937 0x131c  blbdrive - ok
00:12:10.0015 0x131c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:12:10.0025 0x131c  bowser - ok
00:12:10.0051 0x131c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:12:10.0054 0x131c  BrFiltLo - ok
00:12:10.0075 0x131c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:12:10.0078 0x131c  BrFiltUp - ok
00:12:10.0134 0x131c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
00:12:10.0139 0x131c  Browser - ok
00:12:10.0173 0x131c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:12:10.0190 0x131c  Brserid - ok
00:12:10.0221 0x131c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:12:10.0225 0x131c  BrSerWdm - ok
00:12:10.0250 0x131c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:12:10.0253 0x131c  BrUsbMdm - ok
00:12:10.0263 0x131c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:12:10.0267 0x131c  BrUsbSer - ok
00:12:10.0291 0x131c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
00:12:10.0295 0x131c  BTHMODEM - ok
00:12:10.0374 0x131c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
00:12:10.0379 0x131c  bthserv - ok
00:12:10.0417 0x131c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:12:10.0422 0x131c  cdfs - ok
00:12:10.0621 0x131c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
00:12:10.0634 0x131c  cdrom - ok
00:12:10.0790 0x131c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:12:10.0816 0x131c  CertPropSvc - ok
00:12:10.0844 0x131c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
00:12:10.0849 0x131c  circlass - ok
00:12:10.0887 0x131c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
00:12:10.0894 0x131c  CLFS - ok
00:12:11.0022 0x131c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:12:11.0040 0x131c  clr_optimization_v2.0.50727_32 - ok
00:12:11.0115 0x131c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:12:11.0119 0x131c  clr_optimization_v2.0.50727_64 - ok
00:12:11.0256 0x131c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:12:11.0295 0x131c  clr_optimization_v4.0.30319_32 - ok
00:12:11.0326 0x131c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:12:11.0332 0x131c  clr_optimization_v4.0.30319_64 - ok
00:12:11.0365 0x131c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:12:11.0368 0x131c  CmBatt - ok
00:12:11.0417 0x131c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:12:11.0420 0x131c  cmdide - ok
00:12:11.0473 0x131c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
00:12:11.0490 0x131c  CNG - ok
00:12:11.0516 0x131c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:12:11.0524 0x131c  Compbatt - ok
00:12:11.0607 0x131c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
00:12:11.0611 0x131c  CompositeBus - ok
00:12:11.0650 0x131c  COMSysApp - ok
00:12:11.0678 0x131c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
00:12:11.0682 0x131c  crcdisk - ok
00:12:11.0790 0x131c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:12:11.0797 0x131c  CryptSvc - ok
00:12:11.0866 0x131c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
00:12:11.0934 0x131c  CSC - ok
00:12:12.0015 0x131c  [ 04199CA5C4A6F6E935906A74EAFCA8E7, F02E807E04DA16117E9E4D183186DF9425E9E1AD7CBC34AEED63A38F7D1E75E6 ] CSCrySec        C:\Windows\system32\DRIVERS\CSCrySec.sys
00:12:12.0020 0x131c  CSCrySec - ok
00:12:12.0124 0x131c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
00:12:12.0151 0x131c  CscService - ok
00:12:12.0308 0x131c  [ 0B7E221689F370C87F640C6D2EED7D3F, 2EBA565DAC2DC7182C43174BAAA373610C7083B57279CAD5EA5765E25EA27BCF ] CSObjectsSrv    C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
00:12:12.0324 0x131c  CSObjectsSrv - ok
00:12:12.0391 0x131c  [ 7D7F90460F1309B5205BF8CDFAD63E42, 885B9EA530E7B6D51DC24A5009F37A2D4CCACAFCA0A7CB693F4320E110AFFA4F ] CSVirtualDiskDrv C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys
00:12:12.0393 0x131c  CSVirtualDiskDrv - ok
00:12:12.0612 0x131c  [ 68E5B345CA5265632865DD2F8E27512B, BDBB64C08BB22E1EBC8F08F7451281813F4D041F053FFAF0253BB2F5F9F7C861 ] DatamngrCoordinator C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
00:12:12.0798 0x131c  DatamngrCoordinator - ok
00:12:12.0886 0x131c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:12:12.0910 0x131c  DcomLaunch - ok
00:12:12.0968 0x131c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
00:12:12.0977 0x131c  defragsvc - ok
00:12:13.0032 0x131c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:12:13.0065 0x131c  DfsC - ok
00:12:13.0192 0x131c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:12:13.0234 0x131c  Dhcp - ok
00:12:13.0286 0x131c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
00:12:13.0288 0x131c  discache - ok
00:12:13.0389 0x131c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
00:12:13.0391 0x131c  Disk - ok
00:12:13.0492 0x131c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:12:13.0500 0x131c  Dnscache - ok
00:12:13.0551 0x131c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:12:13.0572 0x131c  dot3svc - ok
00:12:13.0662 0x131c  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
00:12:13.0667 0x131c  dot4 - ok
00:12:13.0760 0x131c  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
00:12:13.0763 0x131c  Dot4Print - ok
00:12:13.0812 0x131c  [ 488669CD1CD3BDCFDD9A5FDA72209069, CCB6BCB23A30CFD016E4086ED010A0E9DA647D3FAD9724200A29938D2B79A3C0 ] Dot4Scan        C:\Windows\system32\DRIVERS\Dot4Scan.sys
00:12:13.0835 0x131c  Dot4Scan - ok
00:12:13.0880 0x131c  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
00:12:13.0883 0x131c  dot4usb - ok
00:12:13.0965 0x131c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
00:12:13.0983 0x131c  DPS - ok
00:12:14.0096 0x131c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:12:14.0099 0x131c  drmkaud - ok
00:12:14.0221 0x131c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:12:14.0241 0x131c  DXGKrnl - ok
00:12:14.0290 0x131c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
00:12:14.0292 0x131c  EapHost - ok
00:12:14.0577 0x131c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
00:12:14.0737 0x131c  ebdrv - ok
00:12:14.0838 0x131c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
00:12:14.0841 0x131c  EFS - ok
00:12:15.0154 0x131c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:12:15.0337 0x131c  ehRecvr - ok
00:12:15.0379 0x131c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
00:12:15.0384 0x131c  ehSched - ok
00:12:15.0457 0x131c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
00:12:15.0523 0x131c  elxstor - ok
00:12:15.0556 0x131c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:12:15.0568 0x131c  ErrDev - ok
00:12:15.0770 0x131c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
00:12:15.0778 0x131c  EventSystem - ok
00:12:15.0812 0x131c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
00:12:15.0819 0x131c  exfat - ok
00:12:16.0029 0x131c  [ 878883FDDD9ACC335725469A68E84BB1, 7BCC73701EBA0FB5E9C0812C46A1F8CB1E166F1127A6D232E8A37889170CE56B ] F06DEFF2-5B9C-490D-910F-35D3A91196222 C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg
00:12:16.0256 0x131c  F06DEFF2-5B9C-490D-910F-35D3A91196222 - ok
00:12:16.0273 0x131c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:12:16.0277 0x131c  fastfat - ok
00:12:16.0367 0x131c  [ 5CFDEABEE0664F36D6EA6A45A2F16FD7, EA6BBCB2375C2F5BB11B7388FBDDCA9A24D0BA1B19E905E50095BB14B4D5A9B6 ] FastFreeConverterUpdt C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
00:12:16.0371 0x131c  FastFreeConverterUpdt - ok
00:12:16.0450 0x131c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
00:12:16.0492 0x131c  Fax - ok
00:12:16.0546 0x131c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:12:16.0549 0x131c  fdc - ok
00:12:16.0617 0x131c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
00:12:16.0619 0x131c  fdPHost - ok
00:12:16.0633 0x131c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:12:16.0636 0x131c  FDResPub - ok
00:12:16.0704 0x131c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:12:16.0706 0x131c  FileInfo - ok
00:12:16.0723 0x131c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:12:16.0726 0x131c  Filetrace - ok
00:12:16.0741 0x131c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:12:16.0744 0x131c  flpydisk - ok
00:12:16.0817 0x131c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:12:16.0832 0x131c  FltMgr - ok
00:12:16.0917 0x131c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
00:12:16.0954 0x131c  FontCache - ok
00:12:17.0052 0x131c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:12:17.0060 0x131c  FontCache3.0.0.0 - ok
00:12:17.0087 0x131c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:12:17.0090 0x131c  FsDepends - ok
00:12:17.0186 0x131c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:12:17.0187 0x131c  Fs_Rec - ok
00:12:17.0312 0x131c  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:12:17.0321 0x131c  fvevol - ok
00:12:17.0337 0x131c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
00:12:17.0343 0x131c  gagp30kx - ok
00:12:17.0418 0x131c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:12:17.0478 0x131c  gpsvc - ok
00:12:17.0501 0x131c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:12:17.0504 0x131c  hcw85cir - ok
00:12:17.0624 0x131c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:12:17.0698 0x131c  HdAudAddService - ok
00:12:17.0764 0x131c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
00:12:17.0769 0x131c  HDAudBus - ok
00:12:17.0790 0x131c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
00:12:17.0793 0x131c  HidBatt - ok
00:12:17.0815 0x131c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
00:12:17.0821 0x131c  HidBth - ok
00:12:17.0853 0x131c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
00:12:17.0856 0x131c  HidIr - ok
00:12:17.0922 0x131c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
00:12:17.0923 0x131c  hidserv - ok
00:12:17.0995 0x131c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
00:12:17.0998 0x131c  HidUsb - ok
00:12:18.0049 0x131c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:12:18.0053 0x131c  hkmsvc - ok
00:12:18.0103 0x131c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:12:18.0112 0x131c  HomeGroupListener - ok
00:12:18.0153 0x131c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:12:18.0161 0x131c  HomeGroupProvider - ok
00:12:18.0283 0x131c  [ 16959F84844DC9B2CEF0D5B1A412370F, 60FAE3931AC8DB4B351F42AD49D1189D90BF037739BA02EBEBC2F24A22114D3A ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
00:12:18.0286 0x131c  HP LaserJet Service - ok
00:12:18.0336 0x131c  [ E325F85012E793CEE74B73C4F22AE311, B427ACF55E9FFCC6275B1EA2A6120E8D7B5B589CBBE0D114BB1376CB988B8FFC ] HPFXBULKLEDM    C:\Windows\system32\drivers\hppdbulkio.sys
00:12:18.0339 0x131c  HPFXBULKLEDM - ok
00:12:18.0382 0x131c  [ AA2790DDA5EBE22FE5AAC11DA1103E5B, AC65B978CB5EC08703F2FC4D475B4D7CC44C05A36DCC5B79597E84A9A651E2BF ] HPFXFAX         C:\Windows\system32\drivers\hppdfaxio.sys
00:12:18.0384 0x131c  HPFXFAX - ok
00:12:18.0454 0x131c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:12:18.0462 0x131c  HpSAMD - ok
00:12:18.0541 0x131c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:12:18.0568 0x131c  HTTP - ok
00:12:18.0625 0x131c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:12:18.0626 0x131c  hwpolicy - ok
00:12:18.0737 0x131c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
00:12:18.0742 0x131c  i8042prt - ok
00:12:18.0830 0x131c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:12:18.0847 0x131c  iaStorV - ok
00:12:18.0962 0x131c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:12:18.0996 0x131c  idsvc - ok
00:12:19.0016 0x131c  IEEtwCollectorService - ok
00:12:19.0082 0x131c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
00:12:19.0085 0x131c  iirsp - ok
00:12:19.0169 0x131c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
00:12:19.0203 0x131c  IKEEXT - ok
00:12:19.0230 0x131c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
00:12:19.0236 0x131c  intelide - ok
00:12:19.0271 0x131c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:12:19.0272 0x131c  intelppm - ok
00:12:19.0324 0x131c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:12:19.0327 0x131c  IPBusEnum - ok
00:12:19.0379 0x131c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:12:19.0383 0x131c  IpFilterDriver - ok
00:12:19.0432 0x131c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:12:19.0458 0x131c  iphlpsvc - ok
00:12:19.0510 0x131c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:12:19.0514 0x131c  IPMIDRV - ok
00:12:19.0536 0x131c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:12:19.0541 0x131c  IPNAT - ok
00:12:19.0575 0x131c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:12:19.0578 0x131c  IRENUM - ok
00:12:19.0594 0x131c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:12:19.0597 0x131c  isapnp - ok
00:12:19.0655 0x131c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:12:19.0666 0x131c  iScsiPrt - ok
00:12:19.0746 0x131c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
00:12:19.0749 0x131c  kbdclass - ok
00:12:19.0798 0x131c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
00:12:19.0801 0x131c  kbdhid - ok
00:12:19.0828 0x131c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
00:12:19.0829 0x131c  KeyIso - ok
00:12:19.0904 0x131c  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
00:12:19.0921 0x131c  kl1 - ok
00:12:20.0009 0x131c  [ 70D959CB6DC1F2AC6AFF3AC20891939D, 22EECAD6C8DD9C2691D707950FFCD5DBA929942450B7E2E69F5DDE9DD4E7DBFE ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
00:12:20.0023 0x131c  KLIF - ok
00:12:20.0090 0x131c  [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
00:12:20.0092 0x131c  KLIM6 - ok
00:12:20.0134 0x131c  [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
00:12:20.0137 0x131c  klkbdflt - ok
00:12:20.0176 0x131c  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
00:12:20.0177 0x131c  klmouflt - ok
00:12:20.0211 0x131c  [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
00:12:20.0213 0x131c  kltdi - ok
00:12:20.0302 0x131c  [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
00:12:20.0306 0x131c  kneps - ok
00:12:20.0365 0x131c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:12:20.0369 0x131c  KSecDD - ok
00:12:20.0390 0x131c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:12:20.0395 0x131c  KSecPkg - ok
00:12:20.0465 0x131c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:12:20.0466 0x131c  ksthunk - ok
00:12:20.0602 0x131c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:12:20.0620 0x131c  KtmRm - ok
00:12:20.0728 0x131c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:12:20.0738 0x131c  LanmanServer - ok
00:12:20.0799 0x131c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:12:20.0805 0x131c  LanmanWorkstation - ok
00:12:20.0846 0x131c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:12:20.0847 0x131c  lltdio - ok
00:12:20.0906 0x131c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:12:20.0917 0x131c  lltdsvc - ok
00:12:20.0935 0x131c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:12:20.0937 0x131c  lmhosts - ok
00:12:20.0974 0x131c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
00:12:20.0979 0x131c  LSI_FC - ok
00:12:21.0011 0x131c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
00:12:21.0016 0x131c  LSI_SAS - ok
00:12:21.0044 0x131c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:12:21.0048 0x131c  LSI_SAS2 - ok
00:12:21.0084 0x131c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:12:21.0089 0x131c  LSI_SCSI - ok
00:12:21.0131 0x131c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
00:12:21.0134 0x131c  luafv - ok
00:12:21.0203 0x131c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:12:21.0208 0x131c  Mcx2Svc - ok
00:12:21.0228 0x131c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
00:12:21.0232 0x131c  megasas - ok
00:12:21.0304 0x131c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
00:12:21.0321 0x131c  MegaSR - ok
00:12:21.0443 0x131c  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
00:12:21.0447 0x131c  Microsoft Office Groove Audit Service - ok
00:12:21.0476 0x131c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
00:12:21.0479 0x131c  MMCSS - ok
00:12:21.0506 0x131c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
00:12:21.0508 0x131c  Modem - ok
00:12:21.0570 0x131c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:12:21.0572 0x131c  monitor - ok
00:12:21.0654 0x131c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:12:21.0656 0x131c  mouclass - ok
00:12:21.0721 0x131c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:12:21.0722 0x131c  mouhid - ok
00:12:21.0773 0x131c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:12:21.0777 0x131c  mountmgr - ok
00:12:21.0859 0x131c  [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:12:21.0864 0x131c  MozillaMaintenance - ok
00:12:21.0921 0x131c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:12:21.0963 0x131c  mpio - ok
00:12:22.0018 0x131c  [ 6DDB2BEFF00EA756FF0F65132330D4F4, A50749C3FDB57B686F91109CC55DF05300A6DF224B58649CE514506D074EADC9 ] MpKsl8179482c   C:\Windows\system32\MpEngineStore\MpKsl8179482c.sys
00:12:22.0028 0x131c  MpKsl8179482c - ok
00:12:22.0099 0x131c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:12:22.0101 0x131c  mpsdrv - ok
00:12:22.0182 0x131c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:12:22.0234 0x131c  MpsSvc - ok
00:12:22.0289 0x131c  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:12:22.0295 0x131c  MRxDAV - ok
00:12:22.0357 0x131c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:12:22.0363 0x131c  mrxsmb - ok
00:12:22.0418 0x131c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:12:22.0427 0x131c  mrxsmb10 - ok
00:12:22.0458 0x131c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:12:22.0463 0x131c  mrxsmb20 - ok
00:12:22.0509 0x131c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:12:22.0512 0x131c  msahci - ok
00:12:22.0567 0x131c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:12:22.0573 0x131c  msdsm - ok
00:12:22.0595 0x131c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
00:12:22.0602 0x131c  MSDTC - ok
00:12:22.0643 0x131c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:12:22.0644 0x131c  Msfs - ok
00:12:22.0699 0x131c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:12:22.0701 0x131c  mshidkmdf - ok
00:12:22.0748 0x131c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:12:22.0750 0x131c  msisadrv - ok
00:12:22.0817 0x131c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:12:22.0825 0x131c  MSiSCSI - ok
00:12:22.0832 0x131c  msiserver - ok
00:12:22.0863 0x131c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:12:22.0866 0x131c  MSKSSRV - ok
00:12:22.0905 0x131c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:12:22.0908 0x131c  MSPCLOCK - ok
00:12:22.0915 0x131c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:12:22.0920 0x131c  MSPQM - ok
00:12:22.0981 0x131c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:12:22.0998 0x131c  MsRPC - ok
00:12:23.0520 0x131c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
00:12:23.0522 0x131c  mssmbios - ok
00:12:23.0559 0x131c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:12:23.0562 0x131c  MSTEE - ok
00:12:23.0586 0x131c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
00:12:23.0590 0x131c  MTConfig - ok
00:12:23.0620 0x131c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
00:12:23.0622 0x131c  Mup - ok
00:12:23.0714 0x131c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
00:12:23.0729 0x131c  napagent - ok
00:12:23.0774 0x131c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:12:23.0781 0x131c  NativeWifiP - ok
00:12:23.0870 0x131c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:12:23.0919 0x131c  NDIS - ok
00:12:23.0941 0x131c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:12:23.0944 0x131c  NdisCap - ok
00:12:23.0973 0x131c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:12:23.0974 0x131c  NdisTapi - ok
00:12:24.0024 0x131c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:12:24.0028 0x131c  Ndisuio - ok
00:12:24.0086 0x131c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:12:24.0094 0x131c  NdisWan - ok
00:12:24.0147 0x131c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:12:24.0151 0x131c  NDProxy - ok
00:12:24.0208 0x131c  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
00:12:24.0212 0x131c  Net Driver HPZ12 - ok
00:12:24.0235 0x131c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:12:24.0237 0x131c  NetBIOS - ok
00:12:24.0299 0x131c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:12:24.0327 0x131c  NetBT - ok
00:12:24.0352 0x131c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
00:12:24.0355 0x131c  Netlogon - ok
00:12:24.0423 0x131c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
00:12:24.0439 0x131c  Netman - ok
00:12:24.0512 0x131c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:24.0520 0x131c  NetMsmqActivator - ok
00:12:24.0624 0x131c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:24.0628 0x131c  NetPipeActivator - ok
00:12:24.0718 0x131c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
00:12:24.0728 0x131c  netprofm - ok
00:12:24.0858 0x131c  [ 81B8D0C1CE44A7FDBD596B693783950C, 9F47ACECFE32E935FE03D0134018A9C03698D9E25E6FC9B8A525A4FE4A880642 ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
00:12:24.0894 0x131c  netr7364 - ok
00:12:24.0912 0x131c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:24.0917 0x131c  NetTcpActivator - ok
00:12:24.0932 0x131c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:24.0939 0x131c  NetTcpPortSharing - ok
00:12:24.0999 0x131c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
00:12:25.0004 0x131c  nfrd960 - ok
00:12:25.0066 0x131c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:12:25.0098 0x131c  NlaSvc - ok
00:12:25.0132 0x131c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:12:25.0133 0x131c  Npfs - ok
00:12:25.0149 0x131c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
00:12:25.0152 0x131c  nsi - ok
00:12:25.0182 0x131c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:12:25.0184 0x131c  nsiproxy - ok
00:12:25.0381 0x131c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:12:25.0455 0x131c  Ntfs - ok
00:12:25.0474 0x131c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
00:12:25.0475 0x131c  Null - ok
00:12:25.0550 0x131c  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
00:12:25.0558 0x131c  NVENETFD - ok
00:12:26.0016 0x131c  [ 8E6247F418B4C8AE9EEB0B532CABCC21, 42AD2588CBC8C9478F289955AB1391C65788D0564CCA7E0F9A41B8498A8BA117 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:12:26.0294 0x131c  nvlddmkm - ok
00:12:26.0413 0x131c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:12:26.0421 0x131c  nvraid - ok
00:12:26.0476 0x131c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:12:26.0483 0x131c  nvstor - ok
00:12:26.0608 0x131c  [ 41B97DCE2B2D113B831EB197F02A7398, 3168C646327E5C72741A326C12AD46A73234DA6A67DC21F66FF1D195A971FBFE ] nvsvc           C:\Windows\system32\nvvsvc.exe
00:12:26.0628 0x131c  nvsvc - ok
00:12:26.0739 0x131c  [ A3A25E0509F67473B960DAF214828BE3, F2EC38B82DF46E5765FD8976AA5A7043637AC716F56B17D6DC7524E774602DE3 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:12:26.0764 0x131c  nvUpdatusService - ok
00:12:26.0828 0x131c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:12:26.0837 0x131c  nv_agp - ok
00:12:27.0052 0x131c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:12:27.0188 0x131c  odserv - ok
00:12:27.0258 0x131c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:12:27.0265 0x131c  ohci1394 - ok
00:12:27.0375 0x131c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:12:27.0380 0x131c  ose - ok
00:12:27.0492 0x131c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:12:27.0542 0x131c  p2pimsvc - ok
00:12:27.0607 0x131c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
00:12:27.0624 0x131c  p2psvc - ok
00:12:27.0709 0x131c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
00:12:27.0726 0x131c  Parport - ok
00:12:27.0773 0x131c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:12:27.0778 0x131c  partmgr - ok
00:12:27.0808 0x131c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:12:27.0813 0x131c  PcaSvc - ok
00:12:27.0864 0x131c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
00:12:27.0870 0x131c  pci - ok
00:12:27.0918 0x131c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
00:12:27.0920 0x131c  pciide - ok
00:12:27.0949 0x131c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
00:12:27.0957 0x131c  pcmcia - ok
00:12:27.0979 0x131c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:12:27.0980 0x131c  pcw - ok
00:12:28.0022 0x131c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:12:28.0043 0x131c  PEAUTH - ok
00:12:28.0138 0x131c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
00:12:28.0181 0x131c  PeerDistSvc - ok
00:12:28.0274 0x131c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:12:28.0277 0x131c  PerfHost - ok
00:12:28.0371 0x131c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
00:12:28.0423 0x131c  pla - ok
00:12:28.0477 0x131c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:12:28.0496 0x131c  PlugPlay - ok
00:12:28.0549 0x131c  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
00:12:28.0614 0x131c  Pml Driver HPZ12 - ok
00:12:28.0652 0x131c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:12:28.0657 0x131c  PNRPAutoReg - ok
00:12:28.0747 0x131c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:12:28.0755 0x131c  PNRPsvc - ok
00:12:28.0793 0x131c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:12:28.0852 0x131c  PolicyAgent - ok
00:12:28.0900 0x131c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
00:12:28.0905 0x131c  Power - ok
00:12:28.0948 0x131c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:12:28.0953 0x131c  PptpMiniport - ok
00:12:29.0000 0x131c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
00:12:29.0004 0x131c  Processor - ok
00:12:29.0080 0x131c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:12:29.0110 0x131c  ProfSvc - ok
00:12:29.0148 0x131c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:12:29.0150 0x131c  ProtectedStorage - ok
00:12:29.0312 0x131c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:12:29.0358 0x131c  Psched - ok
00:12:29.0480 0x131c  [ 799DBE9B52C74DA2F04144F0D06C2E56, D6ABBA10FE6B1D56401D1E29B7775BDAE598CF4A8144855E9CFB70919F3C4AD0 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
00:12:29.0482 0x131c  QBCFMonitorService - ok
00:12:29.0588 0x131c  [ 9EE9AA5D1FB3F3B99467A20B03B47C5D, 5C43150DF7FC7786DD7568219860BEC89460EE13889B37F01A6D15D4059EC146 ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
00:12:29.0593 0x131c  QBFCService - ok
00:12:29.0761 0x131c  [ 78AFB70DBE365BD6140E6740792AC3EA, 32DBFDA80C62B6752BB17F5A3843314ED33F8B77760B5691F910AD632EE5DD0F ] QBVSS           C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
00:12:29.0785 0x131c  QBVSS - ok
00:12:29.0864 0x131c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
00:12:29.0915 0x131c  ql2300 - ok
00:12:29.0948 0x131c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
00:12:29.0954 0x131c  ql40xx - ok
00:12:29.0993 0x131c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
00:12:30.0002 0x131c  QWAVE - ok
00:12:30.0020 0x131c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:12:30.0025 0x131c  QWAVEdrv - ok
00:12:30.0043 0x131c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:12:30.0046 0x131c  RasAcd - ok
00:12:30.0112 0x131c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:12:30.0113 0x131c  RasAgileVpn - ok
00:12:30.0146 0x131c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
00:12:30.0151 0x131c  RasAuto - ok
00:12:30.0200 0x131c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:12:30.0205 0x131c  Rasl2tp - ok
00:12:30.0266 0x131c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
00:12:30.0283 0x131c  RasMan - ok
00:12:30.0305 0x131c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:12:30.0310 0x131c  RasPppoe - ok
00:12:30.0338 0x131c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:12:30.0340 0x131c  RasSstp - ok
00:12:30.0399 0x131c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:12:30.0409 0x131c  rdbss - ok
00:12:30.0435 0x131c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
00:12:30.0436 0x131c  rdpbus - ok
00:12:30.0464 0x131c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:12:30.0464 0x131c  RDPCDD - ok
00:12:30.0513 0x131c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
00:12:30.0520 0x131c  RDPDR - ok
00:12:30.0553 0x131c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:12:30.0555 0x131c  RDPENCDD - ok
00:12:30.0600 0x131c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:12:30.0601 0x131c  RDPREFMP - ok
00:12:30.0667 0x131c  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:12:30.0672 0x131c  RdpVideoMiniport - ok
00:12:30.0749 0x131c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:12:30.0756 0x131c  RDPWD - ok
00:12:30.0806 0x131c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:12:30.0814 0x131c  rdyboost - ok
00:12:30.0862 0x131c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:12:30.0867 0x131c  RemoteAccess - ok
00:12:30.0919 0x131c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:12:30.0926 0x131c  RemoteRegistry - ok
00:12:30.0957 0x131c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:12:30.0960 0x131c  RpcEptMapper - ok
00:12:31.0006 0x131c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
00:12:31.0009 0x131c  RpcLocator - ok
00:12:31.0074 0x131c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
00:12:31.0085 0x131c  RpcSs - ok
00:12:31.0164 0x131c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:12:31.0166 0x131c  rspndr - ok
00:12:31.0189 0x131c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
00:12:31.0191 0x131c  SamSs - ok
00:12:31.0246 0x131c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:12:31.0251 0x131c  sbp2port - ok
00:12:31.0288 0x131c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:12:31.0296 0x131c  SCardSvr - ok
00:12:31.0342 0x131c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:12:31.0345 0x131c  scfilter - ok
00:12:31.0404 0x131c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
00:12:31.0439 0x131c  Schedule - ok
00:12:31.0497 0x131c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:12:31.0499 0x131c  SCPolicySvc - ok
00:12:31.0525 0x131c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:12:31.0533 0x131c  SDRSVC - ok
00:12:31.0553 0x131c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:12:31.0555 0x131c  secdrv - ok
00:12:31.0600 0x131c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
00:12:31.0604 0x131c  seclogon - ok
00:12:31.0618 0x131c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
00:12:31.0624 0x131c  SENS - ok
00:12:31.0640 0x131c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:12:31.0649 0x131c  SensrSvc - ok
00:12:31.0697 0x131c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:12:31.0699 0x131c  Serenum - ok
00:12:31.0727 0x131c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
00:12:31.0732 0x131c  Serial - ok
00:12:31.0752 0x131c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
00:12:31.0755 0x131c  sermouse - ok
00:12:31.0817 0x131c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
00:12:31.0824 0x131c  SessionEnv - ok
00:12:31.0864 0x131c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:12:31.0866 0x131c  sffdisk - ok
00:12:31.0885 0x131c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:12:31.0888 0x131c  sffp_mmc - ok
00:12:31.0910 0x131c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:12:31.0913 0x131c  sffp_sd - ok
00:12:31.0931 0x131c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
00:12:31.0934 0x131c  sfloppy - ok
00:12:31.0992 0x131c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:12:32.0009 0x131c  SharedAccess - ok
00:12:32.0074 0x131c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:12:32.0093 0x131c  ShellHWDetection - ok
00:12:32.0118 0x131c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:12:32.0122 0x131c  SiSRaid2 - ok
00:12:32.0139 0x131c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
00:12:32.0144 0x131c  SiSRaid4 - ok
00:12:32.0176 0x131c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:12:32.0180 0x131c  Smb - ok
00:12:32.0212 0x131c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:12:32.0214 0x131c  SNMPTRAP - ok
00:12:32.0236 0x131c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:12:32.0237 0x131c  spldr - ok
00:12:32.0308 0x131c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
00:12:32.0322 0x131c  Spooler - ok
00:12:32.0471 0x131c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
00:12:32.0537 0x131c  sppsvc - ok
00:12:32.0589 0x131c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:12:32.0594 0x131c  sppuinotify - ok
00:12:32.0719 0x131c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:12:32.0744 0x131c  srv - ok
00:12:32.0812 0x131c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:12:32.0829 0x131c  srv2 - ok
00:12:32.0896 0x131c  [ A42B22601CC2754428B5F82E040FD1C7, 111E18952FB1F1B9D2059D8F6880FE1D5996C5D193EB8FBB2757826123739F2A ] SrvHsfPCIe      C:\Windows\system32\DRIVERS\VSTBS36.SYS
00:12:32.0901 0x131c  SrvHsfPCIe - ok
00:12:32.0963 0x131c  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
00:12:33.0005 0x131c  SrvHsfV92 - ok
00:12:33.0119 0x131c  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
00:12:33.0133 0x131c  SrvHsfWinac - ok
00:12:33.0164 0x131c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:12:33.0170 0x131c  srvnet - ok
00:12:33.0194 0x131c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:12:33.0199 0x131c  SSDPSRV - ok
00:12:33.0224 0x131c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:12:33.0227 0x131c  SstpSvc - ok
00:12:33.0271 0x131c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
00:12:33.0274 0x131c  stexstor - ok
00:12:33.0314 0x131c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
00:12:33.0316 0x131c  StillCam - ok
00:12:33.0371 0x131c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
00:12:33.0397 0x131c  stisvc - ok
00:12:33.0443 0x131c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
00:12:33.0445 0x131c  swenum - ok
00:12:33.0482 0x131c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
00:12:33.0507 0x131c  swprv - ok
00:12:33.0533 0x131c  Synth3dVsc - ok
00:12:33.0647 0x131c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
00:12:33.0739 0x131c  SysMain - ok
00:12:33.0802 0x131c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:12:33.0807 0x131c  TabletInputService - ok
00:12:33.0859 0x131c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:12:33.0875 0x131c  TapiSrv - ok
00:12:33.0928 0x131c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
00:12:33.0947 0x131c  TBS - ok
00:12:34.0054 0x131c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:12:34.0115 0x131c  Tcpip - ok
00:12:34.0204 0x131c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:12:34.0239 0x131c  TCPIP6 - ok
00:12:34.0306 0x131c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:12:34.0310 0x131c  tcpipreg - ok
00:12:34.0377 0x131c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:12:34.0403 0x131c  TDPIPE - ok
00:12:34.0440 0x131c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:12:34.0443 0x131c  TDTCP - ok
00:12:34.0489 0x131c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:12:34.0494 0x131c  tdx - ok
00:12:34.0892 0x131c  [ 5CEF407E235885DB5421DF79C843F2DF, B85D7C8A137B15BDF14DB9588CEDB09C67B0C7965F8E79121E2BA7796B16777C ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
00:12:34.0987 0x131c  TeamViewer9 - ok
00:12:35.0058 0x131c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
00:12:35.0060 0x131c  TermDD - ok
00:12:35.0108 0x131c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
00:12:35.0135 0x131c  TermService - ok
00:12:35.0193 0x131c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
00:12:35.0195 0x131c  Themes - ok
00:12:35.0253 0x131c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
00:12:35.0256 0x131c  THREADORDER - ok
00:12:35.0290 0x131c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
00:12:35.0294 0x131c  TrkWks - ok
00:12:35.0401 0x131c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:12:35.0408 0x131c  TrustedInstaller - ok
00:12:35.0461 0x131c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:12:35.0464 0x131c  tssecsrv - ok
00:12:35.0550 0x131c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:12:35.0554 0x131c  TsUsbFlt - ok
00:12:35.0578 0x131c  tsusbhub - ok
00:12:35.0670 0x131c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:12:35.0676 0x131c  tunnel - ok
00:12:35.0742 0x131c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
00:12:35.0766 0x131c  uagp35 - ok
00:12:35.0865 0x131c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:12:35.0889 0x131c  udfs - ok
00:12:35.0927 0x131c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:12:35.0932 0x131c  UI0Detect - ok
00:12:35.0962 0x131c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:12:35.0985 0x131c  uliagpkx - ok
00:12:36.0083 0x131c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
00:12:36.0086 0x131c  umbus - ok
00:12:36.0123 0x131c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
00:12:36.0127 0x131c  UmPass - ok
00:12:36.0195 0x131c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
00:12:36.0204 0x131c  UmRdpService - ok
00:12:36.0241 0x131c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
00:12:36.0256 0x131c  upnphost - ok
00:12:36.0340 0x131c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
00:12:36.0345 0x131c  usbaudio - ok
00:12:36.0392 0x131c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:12:36.0396 0x131c  usbccgp - ok
00:12:36.0453 0x131c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:12:36.0458 0x131c  usbcir - ok
00:12:36.0507 0x131c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
00:12:36.0511 0x131c  usbehci - ok
00:12:36.0556 0x131c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:12:36.0599 0x131c  usbhub - ok
00:12:36.0632 0x131c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
00:12:36.0707 0x131c  usbohci - ok
00:12:36.0758 0x131c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:12:36.0760 0x131c  usbprint - ok
00:12:36.0783 0x131c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
00:12:36.0786 0x131c  usbscan - ok
00:12:36.0809 0x131c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:12:36.0813 0x131c  USBSTOR - ok
00:12:36.0847 0x131c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:12:36.0851 0x131c  usbuhci - ok
00:12:36.0957 0x131c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:12:36.0966 0x131c  usbvideo - ok
00:12:37.0015 0x131c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
00:12:37.0017 0x131c  UxSms - ok
00:12:37.0036 0x131c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
00:12:37.0038 0x131c  VaultSvc - ok
00:12:37.0077 0x131c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:12:37.0079 0x131c  vdrvroot - ok
00:12:37.0269 0x131c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
00:12:37.0318 0x131c  vds - ok
00:12:37.0353 0x131c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:12:37.0357 0x131c  vga - ok
00:12:37.0371 0x131c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:12:37.0373 0x131c  VgaSave - ok
00:12:37.0396 0x131c  VGPU - ok
00:12:37.0458 0x131c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:12:37.0466 0x131c  vhdmp - ok
00:12:37.0547 0x131c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:12:37.0550 0x131c  viaide - ok
00:12:37.0611 0x131c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:12:37.0624 0x131c  volmgr - ok
00:12:37.0688 0x131c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:12:37.0705 0x131c  volmgrx - ok
00:12:37.0773 0x131c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:12:37.0780 0x131c  volsnap - ok
00:12:37.0811 0x131c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
00:12:37.0818 0x131c  vsmraid - ok
00:12:37.0924 0x131c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
00:12:37.0981 0x131c  VSS - ok
00:12:38.0020 0x131c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:12:38.0021 0x131c  vwifibus - ok
00:12:38.0091 0x131c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:12:38.0093 0x131c  vwififlt - ok
00:12:38.0125 0x131c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
00:12:38.0126 0x131c  vwifimp - ok
00:12:38.0191 0x131c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
00:12:38.0204 0x131c  W32Time - ok
00:12:38.0235 0x131c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
00:12:38.0238 0x131c  WacomPen - ok
00:12:38.0273 0x131c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:12:38.0292 0x131c  WANARP - ok
00:12:38.0315 0x131c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:12:38.0317 0x131c  Wanarpv6 - ok
00:12:38.0442 0x131c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
00:12:38.0492 0x131c  WatAdminSvc - ok
00:12:38.0587 0x131c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
00:12:38.0638 0x131c  wbengine - ok
00:12:38.0710 0x131c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:12:38.0720 0x131c  WbioSrvc - ok
00:12:38.0773 0x131c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:12:38.0790 0x131c  wcncsvc - ok
00:12:38.0813 0x131c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:12:38.0818 0x131c  WcsPlugInService - ok
00:12:38.0872 0x131c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
00:12:38.0894 0x131c  Wd - ok
00:12:38.0959 0x131c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:12:39.0015 0x131c  Wdf01000 - ok
00:12:39.0047 0x131c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:12:39.0050 0x131c  WdiServiceHost - ok
00:12:39.0057 0x131c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:12:39.0063 0x131c  WdiSystemHost - ok
00:12:39.0178 0x131c  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
00:12:39.0195 0x131c  WebClient - ok
00:12:39.0220 0x131c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:12:39.0229 0x131c  Wecsvc - ok
00:12:39.0246 0x131c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:12:39.0249 0x131c  wercplsupport - ok
00:12:39.0276 0x131c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:12:39.0280 0x131c  WerSvc - ok
00:12:39.0330 0x131c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:12:39.0331 0x131c  WfpLwf - ok
00:12:39.0357 0x131c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:12:39.0374 0x131c  WIMMount - ok
00:12:39.0404 0x131c  WinDefend - ok
00:12:39.0416 0x131c  WinHttpAutoProxySvc - ok
00:12:39.0559 0x131c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:12:39.0565 0x131c  Winmgmt - ok
00:12:39.0686 0x131c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:12:39.0831 0x131c  WinRM - ok
00:12:39.0927 0x131c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
00:12:39.0936 0x131c  WinUsb - ok
00:12:40.0008 0x131c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:12:40.0040 0x131c  Wlansvc - ok
00:12:40.0282 0x131c  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:12:40.0326 0x131c  wlidsvc - ok
00:12:40.0383 0x131c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
00:12:40.0385 0x131c  WmiAcpi - ok
00:12:40.0455 0x131c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:12:40.0462 0x131c  wmiApSrv - ok
00:12:40.0484 0x131c  WMPNetworkSvc - ok
00:12:40.0511 0x131c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:12:40.0520 0x131c  WPCSvc - ok
00:12:40.0582 0x131c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:12:40.0590 0x131c  WPDBusEnum - ok
00:12:40.0625 0x131c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:12:40.0700 0x131c  ws2ifsl - ok
00:12:40.0721 0x131c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
00:12:40.0732 0x131c  wscsvc - ok
00:12:40.0784 0x131c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
00:12:40.0787 0x131c  WSDPrintDevice - ok
00:12:40.0794 0x131c  WSearch - ok
00:12:40.0930 0x131c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:12:41.0030 0x131c  wuauserv - ok
00:12:41.0130 0x131c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:12:41.0135 0x131c  WudfPf - ok
00:12:41.0176 0x131c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:12:41.0184 0x131c  WUDFRd - ok
00:12:41.0216 0x131c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:12:41.0223 0x131c  wudfsvc - ok
00:12:41.0262 0x131c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:12:41.0321 0x131c  WwanSvc - ok
00:12:41.0354 0x131c  ================ Scan global ===============================
00:12:41.0397 0x131c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:12:41.0460 0x131c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:12:41.0477 0x131c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:12:41.0530 0x131c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:12:41.0597 0x131c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:12:41.0604 0x131c  [ Global ] - ok
00:12:41.0605 0x131c  ================ Scan MBR ==================================
00:12:41.0622 0x131c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:12:41.0935 0x131c  \Device\Harddisk0\DR0 - ok
00:12:41.0943 0x131c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
00:12:41.0949 0x131c  \Device\Harddisk1\DR1 - ok
00:12:41.0950 0x131c  ================ Scan VBR ==================================
00:12:41.0955 0x131c  [ 47A3405340E668D1E890867C34CA36F3 ] \Device\Harddisk0\DR0\Partition1
00:12:41.0957 0x131c  \Device\Harddisk0\DR0\Partition1 - ok
00:12:41.0968 0x131c  [ EB9F668724DDD2AD5FB2BC3B4FBD8D15 ] \Device\Harddisk0\DR0\Partition2
00:12:42.0003 0x131c  \Device\Harddisk0\DR0\Partition2 - ok
00:12:42.0011 0x131c  [ F9DE83DF55CEEDDEEE52A185FC79AE24 ] \Device\Harddisk1\DR1\Partition1
00:12:42.0012 0x131c  \Device\Harddisk1\DR1\Partition1 - ok
00:12:42.0013 0x131c  ================ Scan generic autorun ======================
00:12:42.0482 0x131c  [ F8B096E7EC6BD3807660149EB16A9788, 49FCF83B8923EED64CE270C13491250B5D06193175340C68B82ABA8D8A17FC73 ] C:\Program Files\HP\HP LaserJet Professional CM1410 Series\Fax Driver\hppfaxprintersrv.exe
00:12:42.0549 0x131c  HP LaserJet Professional CM1410 Series Fax - ok
00:12:42.0731 0x131c  [ 78AB92E3B0AAEC820CEF88F49C6C007E, A2CA6074540D546E2795E38A644D680C31C11F8D2B76FB3B1E04A71908E6094B ] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
00:12:42.0733 0x131c  ToolboxFX - ok
00:12:42.0955 0x131c  [ 4CDF90E852837C827C855F8E8E2C5FE2, 1918CE3A880E2067D52C538096DA2D35DFCA2D742E2ED370CF2DFE22840024FD ] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe
00:12:43.0022 0x131c  Intuit SyncManager - ok
00:12:43.0325 0x131c  [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
00:12:43.0354 0x131c  CanonSolutionMenuEx - ok
00:12:43.0456 0x131c  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
00:12:43.0458 0x131c  GrooveMonitor - ok
00:12:43.0577 0x131c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
00:12:43.0595 0x131c  Adobe ARM - ok
00:12:43.0672 0x131c  [ D63797E8E7781EE1500A810CB6194FA6, 5C96DA00B98F0776E6174EBB7D4D6DB634838E130D8581E11811831D2C57B119 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:12:43.0678 0x131c  SunJavaUpdateSched - ok
00:12:43.0812 0x131c  [ 7E91655B4947EC1B18B3BC1645839145, 4425326D019A7A6380B71D6710AD94D58A11E1BC5BA42159DD4A17437A296C48 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
00:12:43.0819 0x131c  AVP - ok
00:12:43.0908 0x131c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:43.0949 0x131c  Sidebar - ok
00:12:43.0981 0x131c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:43.0986 0x131c  mctadmin - ok
00:12:44.0041 0x131c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:44.0062 0x131c  Sidebar - ok
00:12:44.0073 0x131c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:44.0076 0x131c  mctadmin - ok
00:12:44.0259 0x131c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\dukarmo\AppData\Local\Google\Update\GoogleUpdate.exe
00:12:44.0263 0x131c  Google Update - ok
00:12:44.0334 0x131c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\sidebar.exe
00:12:44.0354 0x131c  Sidebar - ok
00:12:44.0453 0x131c  [ B43D19E4B357A52926D551B2698868E4, B5A5C2C97324DE42FD466A910ECD35DB1CC6A1D900389D64677549C279C3A0C0 ] C:\Users\dukarmo\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
00:12:44.0468 0x131c  GenieoUpdaterService - ok
00:12:44.0501 0x131c  [ 8C16926C0F984A586D32636D7B6C80FA, FC36D6C15766CA69380DE9376EA44252077D96AC9FAEABF6D274AD8FEC04D6A5 ] C:\Users\dukarmo\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
00:12:44.0524 0x131c  GenieoSystemTray - ok
00:12:44.0824 0x131c  [ B820CC1FAC0ADEA66687EE13CC2CB114, AF68DC3157DAFFF9E83F88FFD9A45FAC14D56659C47CE411F549AC44215046CF ] C:\Users\dukarmo\AppData\Local\iLivid\iLivid.exe
00:12:45.0019 0x131c  iLivid - ok
00:12:45.0273 0x131c  [ B06F0B4297AFA7E76A8B2D81082FA426, 8A744C525F92F550A59724F157171F7B7FE1745FB0B2764987A687E9442082BC ] C:\Program Files (x86)\AIM\aim.exe
00:12:45.0406 0x131c  Aim - ok
00:12:45.0469 0x131c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:45.0489 0x131c  Sidebar - ok
00:12:45.0513 0x131c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:45.0516 0x131c  mctadmin - ok
00:12:45.0574 0x131c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:45.0594 0x131c  Sidebar - ok
00:12:45.0613 0x131c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:45.0616 0x131c  mctadmin - ok
00:12:45.0617 0x131c  Waiting for KSN requests completion. In queue: 109
00:12:46.0617 0x131c  Waiting for KSN requests completion. In queue: 109
00:12:47.0617 0x131c  Waiting for KSN requests completion. In queue: 109
00:12:48.0640 0x131c  AV detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmiav.exe ( 13.0.2.558 ), 0x41000 ( enabled : updated )
00:12:48.0696 0x131c  FW detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmifw.exe ( 13.0.2.558 ), 0x41010 ( enabled )
00:12:51.0232 0x131c  ============================================================
00:12:51.0232 0x131c  Scan finished
00:12:51.0232 0x131c  ============================================================
00:12:51.0244 0x1348  Detected object count: 0
00:12:51.0244 0x1348  Actual detected object count: 0
00:14:06.0886 0x0eac  Deinitialize success
 

ADW CLEANER:

# AdwCleaner v3.309 - Report created 11/09/2014 at 00:18:06
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Kevin - CAREINSURANCE
# Running from : C:\Users\Kevin\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\PC Optimizer Pro
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\w3i
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\Program Files (x86)\Fast Free Converter
Folder Deleted : C:\Program Files (x86)\File Type Helper
[!] Folder Deleted : C:\Program Files (x86)\Movies Toolbar
Folder Deleted : C:\Program Files (x86)\SaveValet
Folder Deleted : C:\Program Files (x86)\w3i
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\dukarmo\AppData\Local\iLivid
Folder Deleted : C:\Users\dukarmo\AppData\Local\ilividmoviestoolbar181
Folder Deleted : C:\Users\dukarmo\AppData\Local\torch
Folder Deleted : C:\Users\dukarmo\AppData\Local\Temp\lucky leap
Folder Deleted : C:\Users\dukarmo\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\dukarmo\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\dukarmo\AppData\LocalLow\ilividmoviestoolbar181
Folder Deleted : C:\Users\dukarmo\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\dukarmo\AppData\Roaming\Tepfel
Folder Deleted : C:\Users\Kevin\AppData\LocalLow\ilividmoviestoolbar181
Folder Deleted : C:\Users\QBDataServiceUser21\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\SysAdmin\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\UpdatusUser\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\ilividmoviestoolbar181
Folder Deleted : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\wdasepvu.default\ilividmoviestoolbar181
Folder Deleted : C:\Users\SysAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\8rccx8wx.default\ilividmoviestoolbar181
Folder Deleted : C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Users\Public\Desktop\Free Games.lnk
File Deleted : C:\Users\dukarmo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Users\dukarmo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk
File Deleted : C:\Users\dukarmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\dukarmo\Desktop\iLivid.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\user.js
File Deleted : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\wdasepvu.default\user.js
File Deleted : C:\Users\dukarmo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\dukarmo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : PC Optimizer Pro Updates
Task Deleted : PC Optimizer Pro64 Scan

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0F12903-DE76-4DF7-BCDC-0A0689151189}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F0F12903-DE76-4DF7-BCDC-0A0689151189}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0F12903-DE76-4DF7-BCDC-0A0689151189}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\SocialBit
Key Deleted : HKLM\SOFTWARE\Fast Free Converter
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fast Free Converter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181CR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181IE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("extensions.enabledAddons", "plugins%40getwebcake.com:1.00.01,%7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.4.20140604103324,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1");
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "fb4f437c-6f7b-43db-acd0-89e08911933f");
Line Deleted : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1013&systemid=406&v=a12627-243&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5352050968844060&o=APN10645&q=");

[ File : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\wdasepvu.default\prefs.js ]


[ File : C:\Users\SysAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\8rccx8wx.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [14829 octets] - [11/09/2014 00:14:26]
AdwCleaner[R1].txt - [14890 octets] - [11/09/2014 00:16:42]
AdwCleaner[S0].txt - [12938 octets] - [11/09/2014 00:18:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12999 octets] ##########
 

JRT REPORT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Kevin on Thu 09/11/2014 at  0:31:35.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\savevalet_ie



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 09/11/2014 at  0:42:20.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

ESET SCAN REPORT:

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temp\nsqF49D.tmp\Starter.exe    a variant of Win32/Toolbar.SearchSuite.M potentially unwanted application    
C:\Windows.old\Documents and Settings\Thuy Do\AppData\Local\Temp\jar_cache3613433557953191138.tmp    Java/Rowindal.A trojan    
C:\Windows.old\Documents and Settings\Thuy Do\AppData\Local\Temp\OpenCandy\OCSetupHlp.dll    Win32/OpenCandy potentially unsafe application    
C:\Windows.old\Documents and Settings\Thuy Do\Local Settings\Temp\jar_cache3613433557953191138.tmp    Java/Rowindal.A trojan    
C:\Windows.old\Documents and Settings\Thuy Do\Local Settings\Temp\OpenCandy\OCSetupHlp.dll    Win32/OpenCandy potentially unsafe application    
C:\Windows.old\Users\Thuy Do\AppData\Local\Temp\jar_cache3613433557953191138.tmp    Java/Rowindal.A trojan    
C:\Windows.old\Users\Thuy Do\AppData\Local\Temp\OpenCandy\OCSetupHlp.dll    Win32/OpenCandy potentially unsafe application    
C:\Windows.old\Users\Thuy Do\Downloads\FreewarePrimoPDF.exe    Win32/OpenCandy potentially unsafe application    
C:\Windows.old\Users\Thuy Do\Local Settings\Temp\jar_cache3613433557953191138.tmp    Java/Rowindal.A trojan    
C:\Windows.old\Users\Thuy Do\Local Settings\Temp\OpenCandy\OCSetupHlp.dll    Win32/OpenCandy potentially unsafe application    
C:\AdwCleaner\Quarantine\C\Program Files (x86)\File Type Helper\FileTypeHelper.exe.vir    MSIL/FileTypeHelper.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\File Type Helper\FileTypeHelper_assoc.exe.vir    MSIL/FileTypeHelper.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveValet\ie\SaveValetIE_32.dll.vir    Win32/SaveValet.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveValet\ie\SaveValetIE_64.dll.vir    Win64/SaveValet.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\w3i\UninstallHelper\UninstallHelper.exe.vir    probably a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll.vir    probably a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win32cert.dll.vir    Win32/Toolbar.SearchSuite.M potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win32prop.dll.vir    Win32/Toolbar.SearchSuite.M potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win64cert.dll.vir    Win64/Toolbar.SearchSuite.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win64prop.dll.vir    Win64/Toolbar.SearchSuite.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\dukarmo\AppData\Local\iLivid\Helper.dll.vir    a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\dukarmo\AppData\Local\iLivid\Uninstall.exe.vir    a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\dukarmo\AppData\Roaming\Tepfel\dat\Paladin.dat.vir    a variant of MSIL/WebCake.A potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\dukarmo\AppData\Roaming\Tepfel\dat\Phoenix.dat.vir    a variant of MSIL/WebCake.A potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Local\Temp\helper.exe    MSIL/FileTypeHelper.A potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Local\Temp\ICReinstall_MediaPlayerSetup.exe    a variant of Win32/InstallCore.F potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Local\Temp\DTX\Reporting\ReportingHelper.dll    a variant of Win32/Bundled.Toolbar.Ask.K potentially unsafe application    deleted - quarantined
C:\Users\dukarmo\AppData\Local\Temp\nssF57A.tmp\Helper.dll    a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Local\Temp\nssF57A.tmp\Starter.exe    a variant of Win32/Toolbar.SearchSuite.M potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\plugins@getwebcake.com.xpi    JS/Adware.Yontoo.C application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF10.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF11.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF12.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF13.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF14.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF15.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF16.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF17.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF18.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF19.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF2.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF20.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF21.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF22.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF23.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF24.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF25.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF26.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF27.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF28.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF29.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF30.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF31.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF32.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF4.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF5.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF6.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF7.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF8.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\AppData\Roaming\Mozilla\Firefox\Profiles\ebbkuv2s.default\extensions\{3CC4251A-E33E-2B5A-C476-4C9C80FFD05B}\components\DatamngrHlpFF9.dll    probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\Downloads\cbsidlm-tr1_14-VLC_Media_Player-ORG-10267151.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\Downloads\GOMPLAYERENSETUP.EXE    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\dukarmo\Downloads\MediaPlayerSetup (1).exe    a variant of Win32/InstallCore.F potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\Downloads\MediaPlayerSetup (2).exe    a variant of Win32/InstallCore.F potentially unwanted application    deleted - quarantined
C:\Users\dukarmo\Downloads\MediaPlayerSetup.exe    a variant of Win32/InstallCore.F potentially unwanted application    deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Temp\nsqF49D.tmp\Starter.exe    a variant of Win32/Toolbar.SearchSuite.M potentially unwanted application    deleted - quarantined
C:\Windows\Temp\127e453a\SetupDataMngr_iLivid.exe    a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application    deleted - quarantined
C:\Windows\Temp\5834232b\SetupDataMngr_iLivid.exe    a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application    deleted - quarantined
C:\Windows\Temp\nsq451C.tmp\Helper.dll    a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application    deleted - quarantined
C:\Windows.old\$Recycle.Bin\S-1-5-21-2906193778-2094702162-1710606864-1002\$RIKCX7G.exe    a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
C:\Windows.old\Documents and Settings\Thuy Do\AppData\Local\Application Data\Temp\jar_cache3613433557953191138.tmp    Java/Rowindal.A trojan    cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Thuy Do\AppData\Local\Application Data\Temp\OpenCandy\OCSetupHlp.dll    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Windows.old\Documents and Settings\Thuy Do\Downloads\FreewarePrimoPDF.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Windows.old\Program Files (x86)\Common Files\Akamai\Cache\87525\GrandFantasia_Install_20100409.exe    a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
 

Thank you for your help



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:47 PM

Posted 11 September 2014 - 12:44 PM

Ok, that was a great clean...

This infection "Java/Rowindal.A trojan " comes from a Java exploit.. You did not post the Minitoolbox log so I can check for that.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 orangezesty

orangezesty
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 11 September 2014 - 04:50 PM

oops sorry about that. Here is the minitoolbox log

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Kevin (administrator) on 11-09-2014 at 00:10:48
Running from "C:\Users\Kevin\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : CAREinsurance
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-16-44-F6-A0-1C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.
   Description . . . . . . . . . . . : USB Wireless 802.11 b/g Adaptor
   Physical Address. . . . . . . . . : 00-16-44-F6-A0-1D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e45b:a9a6:3563:7763%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 10, 2014 11:59:52 PM
   Lease Expires . . . . . . . . . . : Thursday, September 11, 2014 11:59:54 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234886724
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-9A-15-5D-00-22-68-4A-BD-79
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-22-68-4A-BD-79
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {F17D5061-939A-4B31-A3F6-62F19EEFD134}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{12F93842-46F5-4C35-B590-5FB9D5453A4B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:c33:45c:3f57:fe9b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::c33:45c:3f57:fe9b%25(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.ca.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    google.com
Addresses:  2607:f8b0:4005:800::1007
      74.125.239.32
      74.125.239.39
      74.125.239.40
      74.125.239.46
      74.125.239.38
      74.125.239.41
      74.125.239.37
      74.125.239.35
      74.125.239.36
      74.125.239.33
      74.125.239.34


Pinging google.com [74.125.239.46] with 32 bytes of data:
Reply from 74.125.239.46: bytes=32 time=30ms TTL=52
Reply from 74.125.239.46: bytes=32 time=42ms TTL=52

Ping statistics for 74.125.239.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 42ms, Average = 36ms
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    yahoo.com
Addresses:  206.190.36.45
      98.139.183.24
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=82ms TTL=47
Reply from 98.138.253.109: bytes=32 time=82ms TTL=47

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 82ms, Maximum = 82ms, Average = 82ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 16 44 f6 a0 1c ......Microsoft Virtual WiFi Miniport Adapter
 11...00 16 44 f6 a0 1d ......USB Wireless 802.11 b/g Adaptor
 10...00 22 68 4a bd 79 ......NVIDIA nForce Networking Controller
  1...........................Software Loopback Interface 1
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    281
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 25     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 25     58 2001::/32                On-link
 25    306 2001:0:5ef5:79fd:c33:45c:3f57:fe9b/128
                                    On-link
 11    281 fe80::/64                On-link
 25    306 fe80::/64                On-link
 25    306 fe80::c33:45c:3f57:fe9b/128
                                    On-link
 11    281 fe80::e45b:a9a6:3563:7763/128
                                    On-link
  1    306 ff00::/8                 On-link
 25    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/10/2014 08:24:03 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 because of the following error: Not enough storage is available to complete this operation. (Exception from HRESULT: 0x8007000E (E_OUTOFMEMORY)).

Error: (09/10/2014 08:17:15 PM) (Source: FastFreeConverter) (User: )
Description: Can't download info about new versions from: http://www.fastfreeconverter.com/fastfreeconverter/updater/u.php?timestamp=1410405435&app_id=c386ce5d9d144bb8b9fff4565cc4fb0c&version=5.5&updaterVersion=1.0.4&channel=fastfreeconverter2, to local path: C:\Windows\TEMP\FastFreeConverterUpdt_update.txt

Error: (09/10/2014 08:17:15 PM) (Source: FastFreeConverter) (User: )
Description: Can't query the user token

Error: (09/10/2014 08:17:15 PM) (Source: FastFreeConverter) (User: )
Description: Can't query user's token, code: 1008

Error: (09/10/2014 08:17:15 PM) (Source: FastFreeConverter) (User: )
Description: Send failed, code: 12007

Error: (09/10/2014 07:59:14 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalog

Error: (09/09/2014 10:01:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: QBW32.EXE, version: 24.0.4007.2403, time stamp: 0x53ac42b6
Faulting module name: OLEAUT32.dll, version: 6.1.7601.17676, time stamp: 0x4e58702a
Exception code: 0xc0000005
Fault offset: 0x0001297e
Faulting process id: 0x9bc
Faulting application start time: 0xQBW32.EXE0
Faulting application path: QBW32.EXE1
Faulting module path: QBW32.EXE2
Report Id: QBW32.EXE3

Error: (09/09/2014 10:00:55 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro Plus 2014":
V24.0D R7 (M=1066, L=335, C=249, V=0 (0))

Error: (09/09/2014 09:51:26 PM) (Source: FastFreeConverter) (User: )
Description: Can't download info about new versions from: http://www.fastfreeconverter.com/fastfreeconverter/updater/u.php?timestamp=1410324684&app_id=c386ce5d9d144bb8b9fff4565cc4fb0c&version=5.5&updaterVersion=1.0.4&channel=fastfreeconverter2, to local path: C:\Windows\TEMP\FastFreeConverterUpdt_update.txt

Error: (09/09/2014 09:51:26 PM) (Source: FastFreeConverter) (User: )
Description: Can't query the user token


System errors:
=============
Error: (09/11/2014 00:09:12 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/11/2014 00:09:10 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/11/2014 00:09:04 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/11/2014 00:08:59 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/11/2014 00:06:41 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (09/11/2014 00:01:49 AM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-Resource-Exhaustion-Detector/Operational.

Error: (09/11/2014 00:01:47 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/11/2014 00:01:44 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/11/2014 00:01:40 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/11/2014 00:01:37 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (08/18/2011 11:39:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-09-09 00:31:27.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-09 00:31:27.035
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-09 00:31:27.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-09 00:31:27.004
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-09 00:31:27.004
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-09 00:31:27.004
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-08 22:45:44.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-08 22:45:44.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-08 22:45:44.274
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-08 22:45:44.258
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.



 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
AnswerWorks 4.0 Runtime - English (HKLM-x32\...\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}) (Version: 4.0.101 - Vantage Software Technologies)
AVS DVD Copy 4.1.2.283 (HKLM-x32\...\AVS DVD Copy_is1) (Version: 4.1.2.283 - Online Media Technologies Ltd.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - )
CoreAAC (HKLM-x32\...\CoreAAC) (Version:  - )
Document eSort Components (HKLM-x32\...\{9665EE5D-FC32-4A71-9BC4-E243CF2531F3}) (Version: 3.1.0.61 - Intuit Inc.)
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - )
Fast Free Converter (HKLM-x32\...\Fast Free Converter) (Version: 4.3 - Fast Free Converter)
GOM Picker (HKLM-x32\...\GOM Picker) (Version: 1.0.0.4 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.53.5169 - Gretech Corporation)
GOM Video Converter (HKLM-x32\...\GOM Video Converter) (Version: 1.1.0.59 - Gretech Corporation)
HP LaserJet Professional CM1410 Series (HKLM-x32\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version:  - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM-x32\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{C9C16E4B-4FDD-4A31-8B8F-EC402082407A}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0007 - HP)
hppCM1410LaserJetService (x32 Version: 001.007.00319 - Hewlett-Packard) Hidden
hppFaxDrvCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1410 (x32 Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.007.00397 - Hewlett-Packard) Hidden
hppSendFaxCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXCM1410 (x32 Version: 001.007.00647 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.007.00770 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4 - HP)
InstaCodecs (HKLM-x32\...\InstaCodecs_is1) (Version: 1.0 - )
Intuit Entitlement Client (HKLM-x32\...\{FA0092C2-C0FE-40DA-A79E-E4C0FCA129F9}) (Version: 1.0.0 - Intuit Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbar181CR) (Version: 1.8.1.0 - IAC Search and Media)
Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbar181IE) (Version: 1.8.1.0 - IAC Search and Media)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
ProSeries 2009 (HKLM-x32\...\ProSeries 2009) (Version:  - )
ProSeries 2010 (HKLM-x32\...\ProSeries 2010) (Version:  - )
ProSeries User's Guide 2009 (HKLM-x32\...\{0FFD15DD-B6B7-4F1E-8764-9DD1FED7DC0A}) (Version: 1.00.000 - Intuit)
QBIDPServiceInstall (HKLM-x32\...\{C639494E-FAF1-47FB-9EB3-AA296040F456}) (Version: 1.24.4000 - Intuit, Inc.)
QuickBooks (x32 Version: 21.0.4013.904 - Intuit Inc.) Hidden
QuickBooks (x32 Version: 24.0.4007.2403 - Intuit Inc.) Hidden
QuickBooks Pro 2011 (HKLM-x32\...\{11E0AC7D-6822-4F67-865F-EE1C13D28C38}) (Version: 21.0.4013.904 - Intuit Inc.)
QuickBooks Pro 2014 (HKLM-x32\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4004.2403 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
SaveValet IE - Stop overpaying!  Instantly get the lowest price and best deals right as you shop. (HKLM-x32\...\SaveValet_IE) (Version: 1.7.9.52 - Save Valet, LLC)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.1.3.16939 - Blizzard Entertainment)
Tax Forms Helper 2010 9.5 (HKLM-x32\...\Tax Forms Helper 2010_is1) (Version:  - )
Tax Forms Helper 2011 10.0 (HKLM-x32\...\Tax Forms Helper 2011_is1) (Version:  - )
Tax Forms Helper 2012 10.5 (HKLM-x32\...\Tax Forms Helper 2012_is1) (Version:  - )
Tax Forms Helper 2013 11.0 (HKLM-x32\...\Tax Forms Helper 2013_is1) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - InstallX, LLC)
Uninstall Helper (x32 Version: 2.0.1.0 - InstallX, LLC) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Web-Cake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - Web Cake LLC)
WebEx PCNow (HKLM-x32\...\{1C03685D-8507-493B-AC0A-E50516B1CF77}) (Version: 4.0.1 - WebEx Communications Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3965.18 MB
Available physical RAM: 2172.29 MB
Total Pagefile: 7928.54 MB
Available Pagefile: 5976.95 MB
Total Virtual: 4095.88 MB
Available Virtual: 3985.21 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:452.62 GB) (Free:238.32 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.14 GB) (Free:1.8 GB) NTFS
4 Drive f: () (Fixed) (Total:29.8 GB) (Free:29.77 GB) FAT32

========================= Users: ========================================

User accounts for \\CAREINSURANCE

Administrator            dukarmo                  Guest                    
Kevin                    QBDataServiceUser21      SysAdmin                 
UpdatusUser              


**** End of log ****
 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:47 PM

Posted 11 September 2014 - 07:29 PM

Ahh

 

In Control Panel uninstall these.. outdated

Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)

 

Empty your temp folders using TFC (Temporary File Cleaner)

  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

 

Install Adobe Reader Version XI (11.0.08)

 

NOTE: UNcheck these optional offers.

 

Optional offers
Yes, install Google Chrome as my default browser.Yes, install Google Chrome.

Learn more | Install Option

Yes, install Google Toolbar for Internet Explorer.

Learn more

 

 

How is it now?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 orangezesty

orangezesty
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 11 September 2014 - 09:03 PM

Good news is I can now access my mother's user account, which I couldn't do before hand. However, if I try to access any program (I tried Quickbook), the computer just restarted itself without any warning. Also trying to start up and access the desktop takes over 15 minutes to do as well.



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:47 PM

Posted 12 September 2014 - 10:53 AM

Let's run this now.
 
Reboot the machine.
 
Download Windows Repair (All in One) from this site Install the program then run it. NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator". NOTE 2. Disable your antivirus program before running Windows Repair. Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed. If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk. In that case make sure you restart computer. p22004342.gif Once the above is done go to Step 4 and allow it to run System File Check by clicking on Do It button: p22004343.gif Go to Step 5 and under "System Restore" click on Create button: p22004346.gif Go to Start Repairs tab and click Start button. Leave all checkmarks as they're. NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design. Click on Start button. p22004347.gifPost Windows Repair log which is located in the following folder: 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

Edited by boopme, 12 September 2014 - 10:53 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 orangezesty

orangezesty
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 12 September 2014 - 10:03 PM

Window repair log:
Tweaking.com - Windows Repair v2.8.9
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Ultimate
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: CAREINSURANCE
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Kevin
Current Profile SID: S-1-5-21-1150163310-788146165-4276867264-1007
Current Profile Classes: S-1-5-21-1150163310-788146165-4276867264-1007_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Kevin\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:51:10

Process Count: 63
Commit Total: 2.06 GB
Commit Limit: 7.74 GB
Commit Peak: 2.98 GB
Handle Count: 23292
Kernel Total: 472.62 MB
Kernel Paged: 386.77 MB
Kernel Non Paged: 85.85 MB
System Cache: 2.31 GB
Thread Count: 793
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.87 GB
Memory Used: 1.72 GB(44.3577%)
Memory Avail.: 2.15 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.87 GB
Memory Used: 1.72 GB(44.3043%)
Memory Avail.: 2.16 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (9/12/2014 3:39:33 PM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (9/12/2014 3:41:43 PM)
   Running Repair Under Current User Account
   Done (9/12/2014 3:41:50 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (9/12/2014 3:41:50 PM)
   Running Repair Under System Account
   Done (9/12/2014 3:50:01 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (9/12/2014 3:50:01 PM)
   Running Repair Under System Account
   Done (9/12/2014 3:51:57 PM)

03 - Reset Service Permissions
   Start (9/12/2014 3:51:57 PM)
   Running Repair Under System Account
   Done (9/12/2014 3:52:48 PM)

04 - Register System Files
   Start (9/12/2014 3:52:48 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 3:53:57 PM)

05 - Repair WMI
   Start (9/12/2014 3:53:57 PM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   Kaspersky PURE 3.0 Exported.

   Exporting AntiSpyware Info...
   Kaspersky PURE 3.0 Exported.
   Windows Defender Exported.

   Exporting 3rd Party Firewall Info...
   Kaspersky PURE 3.0 Exported.

   Running Repair Under Current User Account
   Done (9/12/2014 4:07:31 PM)

06 - Repair Windows Firewall
   Start (9/12/2014 4:07:31 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:08:16 PM)

07 - Repair Internet Explorer
   Start (9/12/2014 4:08:16 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:09:17 PM)

08 - Repair MDAC/MS Jet
   Start (9/12/2014 4:09:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:09:34 PM)

09 - Repair Hosts File
   Start (9/12/2014 4:09:34 PM)
   Running Repair Under System Account
   Done (9/12/2014 4:09:36 PM)

10 - Remove Policies Set By Infections
   Start (9/12/2014 4:09:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:09:39 PM)

11 - Repair Start Menu Icons Removed By Infections
   Start (9/12/2014 4:09:39 PM)
   Running Repair Under System Account
   Done (9/12/2014 4:09:42 PM)

12 - Repair Icons
   Start (9/12/2014 4:09:42 PM)
   Running Repair Under Current User Account
   Done (9/12/2014 4:09:43 PM)

13 - Repair Winsock & DNS Cache
   Start (9/12/2014 4:09:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:10:15 PM)

15 - Repair Proxy Settings
   Start (9/12/2014 4:10:15 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:10:18 PM)

17 - Repair Windows Updates
   Start (9/12/2014 4:10:18 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (9/12/2014 4:11:31 PM)

18 - Repair CD/DVD Missing/Not Working
   Start (9/12/2014 4:11:31 PM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (9/12/2014 4:11:31 PM)

19 - Repair Volume Shadow Copy Service
   Start (9/12/2014 4:11:31 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:11:56 PM)

21 - Repair MSI (Windows Installer)
   Start (9/12/2014 4:11:56 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:13 PM)

23.01 - Repair bat Association
   Start (9/12/2014 4:12:13 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:15 PM)

23.02 - Repair cmd Association
   Start (9/12/2014 4:12:15 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:17 PM)

23.03 - Repair com Association
   Start (9/12/2014 4:12:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:19 PM)

23.04 - Repair Directory Association
   Start (9/12/2014 4:12:19 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:23 PM)

23.05 - Repair Drive Association
   Start (9/12/2014 4:12:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:44 PM)

23.06 - Repair exe Association
   Start (9/12/2014 4:12:44 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:46 PM)

23.07 - Repair Folder Association
   Start (9/12/2014 4:12:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:48 PM)

23.08 - Repair inf Association
   Start (9/12/2014 4:12:49 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:51 PM)

23.09 - Repair lnk (Shortcuts) Association
   Start (9/12/2014 4:12:51 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:54 PM)

23.10 - Repair msc Association
   Start (9/12/2014 4:12:54 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:57 PM)

23.11 - Repair reg Association
   Start (9/12/2014 4:12:57 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:12:59 PM)

23.12 - Repair scr Association
   Start (9/12/2014 4:12:59 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:13:01 PM)

24 - Repair Windows Safe Mode
   Start (9/12/2014 4:13:01 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:13:03 PM)

25 - Repair Print Spooler
   Start (9/12/2014 4:13:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:13:34 PM)

26 - Restore Important Windows Services
   Start (9/12/2014 4:13:34 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:13:50 PM)

27 - Set Windows Services To Default Startup
   Start (9/12/2014 4:13:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:14:53 PM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

31 - Repair Windows 'New' Submenu
   Start (9/12/2014 4:14:53 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/12/2014 4:15:08 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (9/12/2014 4:15:08 PM)
   Total Repair Time: 00:35:58


...YOU MUST RESTART YOUR SYSTEM...
 



#11 orangezesty

orangezesty
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:47 PM

Posted 13 September 2014 - 02:02 PM

update: when I log onto my mother's account, it says windows explorer stop working, then try to restart itself, then it says it stops working. This only occurs on her account. If i use my account it does not happen



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:47 PM

Posted 15 September 2014 - 03:49 PM

Did you run System File Checker to scan your OS for missing/corrupt files, complete these steps: 1.Click Start, and then type cmd in the Start Search box.
2.In the results area, right-click cmd.exe, and then click Run as administrator. You will be prompted to type the password for an administrator account. Click Continue if you are the administrator or type the administrator password. Then, click Continue.
3.At the command prompt, type Sfc /scannow, and then press ENTER.

The scan may take some time, so be patient. Windows will repair any corrupted or missing files that it finds.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users