Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Iastor.sys BSOD


  • Please log in to reply
23 replies to this topic

#1 Daanmakus

Daanmakus

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 17 November 2014 - 09:03 AM

Hey,

 

I need some help to fix my computer that gives me a BSOD with the following lines....

 

Iastor.sys

 

address FFFFF8800105334

base at FFFFF8800102E000 4CD50774

 

Any thoughts?

 

I get the BSOD randomly....it seems like it is when I leave the computer for awhile like if I goto sleep and I come back there is a BSOD.  Possibly when the computer gets put into sleep mode?

 

Thanks,

Andrew



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:42 PM

Posted 17 November 2014 - 10:35 AM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#3 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 17 November 2014 - 01:25 PM

Thanks Louis I will post these later today when I am home from work.

 

Andrew



#4 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 17 November 2014 - 04:58 PM

Hi Louis 

 

Here is the text from the Minitoolbox

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Administrator (administrator) on 17-11-2014 at 16:57:19
Running from "C:\Users\Administrator\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/17/2014 07:18:51 AM) (Source: Application Hang) (User: )
Description: The program uTorrent.exe version 3.4.2.34944 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 366b4
 
Start Time: 01d0026065252d08
 
Termination Time: 0
 
Application Path: C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe
 
Report Id: dc423e11-6e53-11e4-810a-7071bcdcd885
 
Error: (11/17/2014 07:17:36 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/16/2014 03:07:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: NCUpdateHelper.exe, version: 0.0.0.1, time stamp: 0x525b6657
Faulting module name: NCUpdateHelper.exe, version: 0.0.0.1, time stamp: 0x525b6657
Exception code: 0xc000000d
Fault offset: 0x0001d162
Faulting process id: 0xc0e9c
Faulting application start time: 0xNCUpdateHelper.exe0
Faulting application path: NCUpdateHelper.exe1
Faulting module path: NCUpdateHelper.exe2
Report Id: NCUpdateHelper.exe3
 
Error: (11/16/2014 02:51:23 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/16/2014 02:50:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.1.7601.22137, time stamp: 0x5080442a
Faulting module name: wiaservc.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ca0f
Exception code: 0x40000015
Fault offset: 0x0000000000047a6b
Faulting process id: 0x129bc
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3
 
Error: (11/16/2014 02:48:27 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/16/2014 02:48:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.1.7601.22137, time stamp: 0x5080442a
Faulting module name: wiaservc.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ca0f
Exception code: 0x40000015
Fault offset: 0x0000000000047a6b
Faulting process id: 0x157d8
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3
 
Error: (11/16/2014 09:21:53 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/15/2014 01:07:43 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/15/2014 01:07:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.1.7601.22137, time stamp: 0x5080442a
Faulting module name: wiaservc.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ca0f
Exception code: 0x40000015
Fault offset: 0x0000000000047a6b
Faulting process id: 0x10548
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3
 
 
System errors:
=============
Error: (11/17/2014 04:52:46 PM) (Source: ipnathlp) (User: )
Description: 192.168.254.100192.168.137.0255.255.255.0
 
Error: (11/17/2014 04:52:35 PM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (11/17/2014 07:23:58 AM) (Source: ipnathlp) (User: )
Description: 
 
Error: (11/17/2014 07:18:58 AM) (Source: ipnathlp) (User: )
Description: 
 
Error: (11/17/2014 07:18:46 AM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (11/17/2014 07:18:10 AM) (Source: ipnathlp) (User: )
Description: 192.168.254.100192.168.137.0255.255.255.0
 
Error: (11/17/2014 07:18:10 AM) (Source: ipnathlp) (User: )
Description: 
 
Error: (11/17/2014 07:18:05 AM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (11/17/2014 07:17:39 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (11/17/2014 07:15:36 AM) (Source: BugCheck) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff88001051334, 0xfffff88003bcb8e8, 0xfffff88003bcb140)C:\Windows\MEMORY.DMP111714-77360-01
 
 
Microsoft Office Sessions:
=========================
Error: (11/17/2014 07:18:51 AM) (Source: Application Hang)(User: )
Description: uTorrent.exe3.4.2.34944366b401d0026065252d080C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exedc423e11-6e53-11e4-810a-7071bcdcd885
 
Error: (11/17/2014 07:17:36 AM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/16/2014 03:07:41 PM) (Source: Application Error)(User: )
Description: NCUpdateHelper.exe0.0.0.1525b6657NCUpdateHelper.exe0.0.0.1525b6657c000000d0001d162c0e9c01d001d843207a3dC:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exeC:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe37cedf8b-6dcc-11e4-a525-7071bcdcd885
 
Error: (11/16/2014 02:51:23 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/16/2014 02:50:51 PM) (Source: Application Error)(User: )
Description: svchost.exe_stisvc6.1.7601.221375080442awiaservc.dll6.1.7601.175144ce7ca0f400000150000000000047a6b129bc01d001d69924d4caC:\Windows\system32\svchost.exec:\windows\system32\wiaservc.dlldde4d6db-6dc9-11e4-a525-7071bcdcd885
 
Error: (11/16/2014 02:48:27 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/16/2014 02:48:06 PM) (Source: Application Error)(User: )
Description: svchost.exe_stisvc6.1.7601.221375080442awiaservc.dll6.1.7601.175144ce7ca0f400000150000000000047a6b157d801d001d637096ab2C:\Windows\system32\svchost.exec:\windows\system32\wiaservc.dll7b5bed76-6dc9-11e4-b125-7071bcdcd885
 
Error: (11/16/2014 09:21:53 AM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2014 01:07:43 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2014 01:07:14 PM) (Source: Application Error)(User: )
Description: svchost.exe_stisvc6.1.7601.221375080442awiaservc.dll6.1.7601.175144ce7ca0f400000150000000000047a6b1054801d000feeefd4c9bC:\Windows\system32\svchost.exec:\windows\system32\wiaservc.dll39d473ff-6cf2-11e4-8024-7071bcdcd885
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.293 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BattlePing (HKLM-x32\...\{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.4.5 - BattlePing)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DrumsUI Updater (HKCU\...\DrumsUI Updater) (Version:  - )
EQ2MAP Updater 1.2.10 (HKLM-x32\...\EQ2MAP Updater) (Version: 1.2.10 - Johan Nilsson)
EverQuest II (2) (HKCU\...\SOE-EverQuest II (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
EverQuest II (HKCU\...\SOE-EverQuest II) (Version:  - Sony Online Entertainment)
FirstClass® Client (HKLM-x32\...\{5B35C417-2649-11D6-83D1-0050FC01225C}) (Version: 10.0 (build 10.014) - FirstClass Division, Open Text Corporation.)
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet 6600 Basic Device Software (HKLM\...\{B407F586-D027-45C3-9109-CC2943E839FA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
iLivid (HKCU\...\iLivid) (Version: 5.0.0.4286 - Bandoo Media Inc)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
Legends of Norrath (HKCU\...\SOE-LegendsOfNorrath) (Version:  - Sony Online Entertainment)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Musicnotes Player V1.32.2 and Viewer V1.19.0 (HKLM-x32\...\Musicnotes Player_is1) (Version: 1.32.2 - Musicnotes Inc.)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
netTALK (HKLM-x32\...\netTALK) (Version: 1.34 - netTALK)
netTALK DUO WiFi Management Tool (HKLM-x32\...\{1C369AF1-6121-4BDE-A109-468C1418DC23}) (Version: 1.0.5 - netTALK)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.158.1212 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
proXPN 2.5.3 (HKLM-x32\...\proXPN) (Version: 2.5.3 - )
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.9.62.1 - Conduit)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VisualBee V.6 Toolbar for IE (HKLM-x32\...\IECT3287805) (Version: 6.16.2.2 - VisualBee V.6)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 31%
Total physical RAM: 8171.95 MB
Available physical RAM: 5584.03 MB
Total Pagefile: 16342.08 MB
Available Pagefile: 13649.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.85 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:372.51 GB) (Free:112.24 GB) NTFS
2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\WIN-PVS7D20PCI3
 
Administrator            Guest                    
 
 
**** End of log ****


#5 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 17 November 2014 - 05:02 PM

http://speccy.piriform.com/results/iYEqosjZcUR8gWvd3B8v3rl


You will also notice my disk drive is not recognized? Not sure why...

 

Thanks,

Andrew



#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:42 PM

Posted 18 November 2014 - 11:29 AM

Appears to me that you may be infected, moving topic to Am I Infected forum.

 

Louis



#7 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 18 November 2014 - 02:38 PM

will someone else reply to me Louis?

 

Thanks,

Andrew



#8 maggot7

maggot7

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 PM

Posted 18 November 2014 - 02:59 PM

Hey Daanmakus,

 

These should serve as a start:

  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#9 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 18 November 2014 - 04:52 PM

16:47:11.0776 0x60600  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:47:18.0406 0x60600  ============================================================
16:47:18.0406 0x60600  Current date / time: 2014/11/18 16:47:18.0406
16:47:18.0406 0x60600  SystemInfo:
16:47:18.0406 0x60600  
16:47:18.0406 0x60600  OS Version: 6.1.7601 ServicePack: 1.0
16:47:18.0406 0x60600  Product type: Workstation
16:47:18.0406 0x60600  ComputerName: WIN-PVS7D20PCI3
16:47:18.0406 0x60600  UserName: Administrator
16:47:18.0406 0x60600  Windows directory: C:\Windows
16:47:18.0406 0x60600  System windows directory: C:\Windows
16:47:18.0406 0x60600  Running under WOW64
16:47:18.0406 0x60600  Processor architecture: Intel x64
16:47:18.0406 0x60600  Number of processors: 8
16:47:18.0406 0x60600  Page size: 0x1000
16:47:18.0406 0x60600  Boot type: Normal boot
16:47:18.0406 0x60600  ============================================================
16:47:20.0164 0x60600  KLMD registered as C:\Windows\system32\drivers\32488460.sys
16:47:21.0564 0x60600  System UUID: {2F68A45F-9A25-77D3-5087-BEAE48AD9C5C}
16:47:23.0492 0x60600  Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 ( 372.61 Gb ), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:47:23.0497 0x60600  ============================================================
16:47:23.0497 0x60600  \Device\Harddisk0\DR0:
16:47:23.0497 0x60600  MBR partitions:
16:47:23.0497 0x60600  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:47:23.0497 0x60600  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2E906000
16:47:23.0497 0x60600  ============================================================
16:47:23.0576 0x60600  C: <-> \Device\Harddisk0\DR0\Partition2
16:47:23.0659 0x60600  D: <-> \Device\Harddisk0\DR0\Partition1
16:47:23.0660 0x60600  ============================================================
16:47:23.0660 0x60600  Initialize success
16:47:23.0660 0x60600  ============================================================
16:47:28.0578 0x651b4  ============================================================
16:47:28.0578 0x651b4  Scan started
16:47:28.0578 0x651b4  Mode: Manual; 
16:47:28.0578 0x651b4  ============================================================
16:47:28.0578 0x651b4  KSN ping started
16:47:31.0291 0x651b4  KSN ping finished: true
16:47:33.0513 0x651b4  ================ Scan system memory ========================
16:47:33.0513 0x651b4  System memory - ok
16:47:33.0513 0x651b4  ================ Scan services =============================
16:47:35.0716 0x651b4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:47:35.0759 0x651b4  1394ohci - ok
16:47:35.0870 0x651b4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:47:35.0909 0x651b4  ACPI - ok
16:47:35.0986 0x651b4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:47:36.0028 0x651b4  AcpiPmi - ok
16:47:36.0616 0x651b4  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:47:36.0661 0x651b4  AdobeARMservice - ok
16:47:37.0771 0x651b4  [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:47:37.0794 0x651b4  AdobeFlashPlayerUpdateSvc - ok
16:47:38.0056 0x651b4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:47:38.0089 0x651b4  adp94xx - ok
16:47:38.0275 0x651b4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:47:38.0296 0x651b4  adpahci - ok
16:47:38.0462 0x651b4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:47:38.0484 0x651b4  adpu320 - ok
16:47:38.0544 0x651b4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:47:38.0607 0x651b4  AeLookupSvc - ok
16:47:38.0739 0x651b4  [ BDF76C3CE993FFB6214287272708364F, C2112D58104DD8FB74530F6DCA4F1261C82F26DE928E0BD764BCB6EF49B59A2D ] AFD             C:\Windows\system32\drivers\afd.sys
16:47:38.0763 0x651b4  AFD - ok
16:47:38.0841 0x651b4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:47:38.0859 0x651b4  agp440 - ok
16:47:38.0943 0x651b4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:47:39.0007 0x651b4  ALG - ok
16:47:39.0119 0x651b4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:47:39.0132 0x651b4  aliide - ok
16:47:39.0172 0x651b4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:47:39.0182 0x651b4  amdide - ok
16:47:39.0236 0x651b4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:47:39.0267 0x651b4  AmdK8 - ok
16:47:39.0302 0x651b4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:47:39.0304 0x651b4  AmdPPM - ok
16:47:39.0351 0x651b4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:47:39.0383 0x651b4  amdsata - ok
16:47:39.0489 0x651b4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:47:39.0510 0x651b4  amdsbs - ok
16:47:39.0536 0x651b4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:47:39.0537 0x651b4  amdxata - ok
16:47:39.0886 0x651b4  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
16:47:39.0907 0x651b4  AppHostSvc - ok
16:47:40.0020 0x651b4  [ D6934D14EDAEC74F47C8C6A8026ADA01, 6FC7F30216DD33441702438E7BE49158DB1C62B45B30FA27280FCB8E394E5EA7 ] AppID           C:\Windows\system32\drivers\appid.sys
16:47:40.0033 0x651b4  AppID - ok
16:47:40.0053 0x651b4  [ A66E46C7C869B195EBB2D8F00A210B75, 45E4CD1681DEC199796FD7047485BA65B80200BC6E15B621C674A388B438E7F8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:47:40.0054 0x651b4  AppIDSvc - ok
16:47:40.0098 0x651b4  [ 9651B55594F10F65D6D4498B89E5A4C5, 0726F44A81298116E61DCF720383C2E295EA96C79364A19B1ED1C274D20B3D77 ] Appinfo         C:\Windows\System32\appinfo.dll
16:47:40.0099 0x651b4  Appinfo - ok
16:47:40.0287 0x651b4  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:47:40.0305 0x651b4  Apple Mobile Device - ok
16:47:40.0389 0x651b4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:47:40.0411 0x651b4  arc - ok
16:47:40.0474 0x651b4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:47:40.0494 0x651b4  arcsas - ok
16:47:41.0437 0x651b4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:47:41.0569 0x651b4  aspnet_state - ok
16:47:41.0673 0x651b4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:47:41.0688 0x651b4  AsyncMac - ok
16:47:41.0814 0x651b4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:47:41.0814 0x651b4  atapi - ok
16:47:41.0956 0x651b4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:47:42.0298 0x651b4  AudioEndpointBuilder - ok
16:47:42.0850 0x651b4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:47:42.0870 0x651b4  AudioSrv - ok
16:47:43.0016 0x651b4  [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
16:47:43.0017 0x651b4  avgtp - ok
16:47:43.0119 0x651b4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:47:43.0136 0x651b4  AxInstSV - ok
16:47:43.0460 0x651b4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:47:43.0479 0x651b4  b06bdrv - ok
16:47:43.0729 0x651b4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:47:43.0750 0x651b4  b57nd60a - ok
16:47:43.0890 0x651b4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:47:43.0893 0x651b4  BDESVC - ok
16:47:43.0954 0x651b4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:47:43.0955 0x651b4  Beep - ok
16:47:44.0623 0x68c74  Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc
16:47:44.0872 0x651b4  [ F513F0CE75F873A0050A34379A8E76B5, CB1329CCAE7B8EBB711772F4A4C5ABBC47347C948BBBDEE011A8A25872B0C17D ] BFE             C:\Windows\System32\bfe.dll
16:47:45.0009 0x651b4  BFE - ok
16:47:45.0113 0x651b4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:47:45.0304 0x651b4  BITS - ok
16:47:45.0360 0x651b4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:47:45.0363 0x651b4  blbdrive - ok
16:47:45.0782 0x651b4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:47:45.0824 0x651b4  Bonjour Service - ok
16:47:45.0923 0x651b4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:47:46.0112 0x651b4  bowser - ok
16:47:46.0243 0x651b4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:47:46.0244 0x651b4  BrFiltLo - ok
16:47:46.0488 0x651b4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:47:46.0490 0x651b4  BrFiltUp - ok
16:47:46.0577 0x651b4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:47:46.0581 0x651b4  Browser - ok
16:47:46.0744 0x651b4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:47:46.0765 0x651b4  Brserid - ok
16:47:46.0783 0x651b4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:47:46.0786 0x651b4  BrSerWdm - ok
16:47:47.0063 0x651b4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:47:47.0076 0x651b4  BrUsbMdm - ok
16:47:47.0139 0x651b4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:47:47.0140 0x651b4  BrUsbSer - ok
16:47:47.0265 0x651b4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:47:47.0328 0x651b4  BTHMODEM - ok
16:47:47.0417 0x651b4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:47:47.0420 0x651b4  bthserv - ok
16:47:47.0517 0x651b4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:47:47.0559 0x651b4  cdfs - ok
16:47:47.0727 0x651b4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:47:47.0734 0x68c74  Object send P2P result: true
16:47:47.0748 0x651b4  cdrom - ok
16:47:48.0061 0x651b4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:47:48.0293 0x651b4  CertPropSvc - ok
16:47:48.0448 0x651b4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:47:48.0523 0x651b4  circlass - ok
16:47:48.0925 0x651b4  [ FF60401F1C659CA2ED4BAE85D3FD14DA, 71EEA0078E1545A2F80B0020BE7113843B713DE1A5CC20D9810BD9F3889A4DB0 ] CISVC           C:\Windows\system32\CISVC.EXE
16:47:48.0945 0x651b4  CISVC - ok
16:47:49.0216 0x651b4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:47:49.0282 0x651b4  CLFS - ok
16:47:49.0718 0x651b4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:47:49.0742 0x651b4  clr_optimization_v2.0.50727_32 - ok
16:47:50.0053 0x651b4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:47:50.0059 0x651b4  clr_optimization_v2.0.50727_64 - ok
16:47:50.0745 0x651b4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:47:51.0521 0x651b4  clr_optimization_v4.0.30319_32 - ok
16:47:51.0584 0x651b4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:47:51.0654 0x651b4  clr_optimization_v4.0.30319_64 - ok
16:47:52.0057 0x651b4  [ 878D97298306A78501EC4CD05B3CC570, AF50592F680C28017B46307C4ADE1B8FCC2852265AEA50D4CA077C9B94F76BBE ] CltMngSvc       C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
16:47:52.0286 0x651b4  CltMngSvc - ok
16:47:52.0358 0x651b4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:47:52.0379 0x651b4  CmBatt - ok
16:47:52.0400 0x651b4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:47:52.0401 0x651b4  cmdide - ok
16:47:52.0657 0x651b4  [ 29F5E6D593ED5CAC96B0889FD6CF555B, 1A0807F57DD83CAADED8BF96E6FF3A1DAB8C38E4A377D26D60E55C9B814D40AF ] CNG             C:\Windows\system32\Drivers\cng.sys
16:47:52.0720 0x651b4  CNG - ok
16:47:52.0777 0x651b4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:47:52.0807 0x651b4  Compbatt - ok
16:47:52.0861 0x651b4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:47:52.0883 0x651b4  CompositeBus - ok
16:47:52.0924 0x651b4  COMSysApp - ok
16:47:53.0014 0x651b4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:47:53.0029 0x651b4  crcdisk - ok
16:47:53.0157 0x651b4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:47:53.0164 0x651b4  CryptSvc - ok
16:47:54.0852 0x651b4  [ FCF1073020F1E564A722398EE8BF242F, 45B96A67B98026A580B023D3A7015D6370E2E92ECF209865FDE6507357544E38 ] DatamngrCoordinator C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
16:47:55.0234 0x651b4  DatamngrCoordinator - ok
16:47:55.0655 0x651b4  [ F3EF088F45BE326B4EDAC8C1C5A35105, 6A8F992981AB68F811E3EF51545A0B0572A88C746472D24042646329B581F519 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:47:55.0719 0x651b4  DcomLaunch - ok
16:47:55.0847 0x651b4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:47:55.0867 0x651b4  defragsvc - ok
16:47:56.0132 0x651b4  [ A61E76AA38582730CEFA51B78B3184B2, 1E7B401E9765C18CA17F26D796CC77601FC06220C4B88FE5727215B0446BE8BB ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:47:56.0159 0x651b4  DfsC - ok
16:47:56.0396 0x651b4  [ 3249F4E4DBF1BD24B40DFF385F2511D4, BFDF544580127CE07FCF01DE6A011C478F7D5948569B649BB5B0AAD85B2188F2 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:47:56.0414 0x651b4  Dhcp - ok
16:47:56.0446 0x651b4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:47:56.0447 0x651b4  discache - ok
16:47:56.0577 0x651b4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:47:56.0581 0x651b4  Disk - ok
16:47:56.0739 0x651b4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:47:56.0825 0x651b4  Dnscache - ok
16:47:56.0960 0x651b4  [ 8DA62036CC6192959D675142A3084916, BA97989D8E047872C54BC517697366741AFBB483906185EDED67C7C5854FCB4F ] dot3svc         C:\Windows\System32\dot3svc.dll
16:47:57.0015 0x651b4  dot3svc - ok
16:47:57.0189 0x651b4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:47:57.0223 0x651b4  DPS - ok
16:47:57.0305 0x651b4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:47:57.0347 0x651b4  drmkaud - ok
16:47:57.0659 0x651b4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:47:57.0683 0x651b4  DXGKrnl - ok
16:47:57.0920 0x651b4  [ 3E09F5F961D51FD1A1E918FF41AAC9C6, A8658D2AFF393EEC5C08D33AFA8C3D1489E6A3D5146A0B7E1D66A3519B3C906E ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
16:47:57.0927 0x651b4  e1cexpress - ok
16:47:57.0980 0x651b4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:47:57.0998 0x651b4  EapHost - ok
16:47:58.0467 0x651b4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:47:58.0618 0x651b4  ebdrv - ok
16:47:58.0824 0x651b4  [ 6598EBC4D209318EBD81F76833ECBEDB, A941E8FD33962F69722A007E946AA36B0A52C3913958C700404D21E09D331D9E ] EFS             C:\Windows\System32\lsass.exe
16:47:58.0836 0x651b4  EFS - ok
16:48:00.0323 0x651b4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:48:00.0501 0x651b4  ehRecvr - ok
16:48:00.0726 0x651b4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:48:00.0744 0x651b4  ehSched - ok
16:48:01.0043 0x651b4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:48:01.0064 0x651b4  elxstor - ok
16:48:01.0078 0x651b4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:48:01.0099 0x651b4  ErrDev - ok
16:48:01.0844 0x651b4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:48:01.0865 0x651b4  EventSystem - ok
16:48:01.0983 0x651b4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:48:02.0024 0x651b4  exfat - ok
16:48:02.0285 0x651b4  [ 8BBCAD4BADC21F4E1E25E246B1F338E5, A1EB7EB50C2B2F25E111B8FDE63D5D1A96709A50D4BCE641335653B57FC76988 ] F06DEFF2-5B9C-490D-910F-35D3A9119622 C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg
16:48:02.0293 0x651b4  F06DEFF2-5B9C-490D-910F-35D3A9119622 - ok
16:48:02.0377 0x651b4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:48:02.0393 0x651b4  fastfat - ok
16:48:02.0508 0x651b4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:48:02.0551 0x651b4  Fax - ok
16:48:02.0600 0x651b4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:48:02.0621 0x651b4  fdc - ok
16:48:02.0683 0x651b4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:48:02.0704 0x651b4  fdPHost - ok
16:48:02.0767 0x651b4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:48:02.0769 0x651b4  FDResPub - ok
16:48:02.0851 0x651b4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:48:02.0871 0x651b4  FileInfo - ok
16:48:02.0955 0x651b4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:48:03.0019 0x651b4  Filetrace - ok
16:48:03.0750 0x651b4  [ 31AC02203B716CBF8829343C91C8FD75, 6231A842733887C9A0CD513E9AFEF4A35152F4BCC9706EEAB38DC898B10AF9BD ] Fitbit Connect  C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
16:48:03.0875 0x651b4  Fitbit Connect - ok
16:48:03.0920 0x651b4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:48:03.0941 0x651b4  flpydisk - ok
16:48:04.0049 0x651b4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:48:04.0054 0x651b4  FltMgr - ok
16:48:04.0501 0x651b4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:48:04.0609 0x651b4  FontCache - ok
16:48:04.0843 0x651b4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:48:04.0969 0x651b4  FontCache3.0.0.0 - ok
16:48:05.0017 0x651b4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:48:05.0032 0x651b4  FsDepends - ok
16:48:05.0200 0x651b4  [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
16:48:05.0245 0x651b4  fssfltr - ok
16:48:05.0894 0x651b4  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:48:05.0960 0x651b4  fsssvc - ok
16:48:06.0059 0x651b4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:48:06.0059 0x651b4  Fs_Rec - ok
16:48:06.0314 0x651b4  [ D225864F6FD96575A303A20BD42383ED, 291ECE0E6D9756EBC7D9D80DC4B1458957DB284D3927034B1C36FA4425C50FD0 ] ftpsvc          C:\Windows\system32\inetsrv\ftpsvc.dll
16:48:06.0324 0x651b4  ftpsvc - ok
16:48:06.0509 0x651b4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:48:06.0564 0x651b4  fvevol - ok
16:48:06.0751 0x651b4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:48:06.0835 0x651b4  gagp30kx - ok
16:48:06.0897 0x651b4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:48:06.0919 0x651b4  GEARAspiWDM - ok
16:48:07.0161 0x651b4  [ 030B778F4272DF185E4E2E8EC49D162E, 702E884DC9C56D67A250F2DE4C293A878054F0F0A3BB64944A204445D9D5357F ] gpsvc           C:\Windows\System32\gpsvc.dll
16:48:07.0183 0x651b4  gpsvc - ok
16:48:07.0401 0x651b4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:48:07.0422 0x651b4  gupdate - ok
16:48:07.0485 0x651b4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:48:07.0487 0x651b4  gupdatem - ok
16:48:07.0526 0x651b4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:48:07.0593 0x651b4  hcw85cir - ok
16:48:07.0844 0x651b4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:48:07.0929 0x651b4  HdAudAddService - ok
16:48:08.0037 0x651b4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:48:08.0094 0x651b4  HDAudBus - ok
16:48:08.0139 0x651b4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:48:08.0157 0x651b4  HidBatt - ok
16:48:08.0220 0x651b4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:48:08.0265 0x651b4  HidBth - ok
16:48:08.0394 0x651b4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:48:08.0438 0x651b4  HidIr - ok
16:48:08.0518 0x651b4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:48:08.0536 0x651b4  hidserv - ok
16:48:08.0680 0x651b4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:48:08.0680 0x651b4  HidUsb - ok
16:48:08.0785 0x651b4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:48:08.0808 0x651b4  hkmsvc - ok
16:48:08.0955 0x651b4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:48:08.0961 0x651b4  HomeGroupListener - ok
16:48:09.0038 0x651b4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:48:09.0059 0x651b4  HomeGroupProvider - ok
16:48:09.0225 0x651b4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:48:09.0232 0x651b4  HpSAMD - ok
16:48:09.0351 0x651b4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:48:09.0402 0x651b4  HTTP - ok
16:48:09.0434 0x651b4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:48:09.0434 0x651b4  hwpolicy - ok
16:48:09.0540 0x651b4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:48:09.0544 0x651b4  i8042prt - ok
16:48:09.0712 0x651b4  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:48:09.0718 0x651b4  iaStor - ok
16:48:09.0924 0x651b4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:48:09.0942 0x651b4  iaStorV - ok
16:48:10.0184 0x651b4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:48:10.0293 0x651b4  idsvc - ok
16:48:11.0384 0x651b4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:48:11.0405 0x651b4  iirsp - ok
16:48:11.0530 0x651b4  [ AB55B8A9B13130F638546881CE4425F8, 8427E67BE02ECABAA3F0C48BD4205BCBD4C978B48AE4E7336DA5821DFC49029E ] IISADMIN        C:\Windows\system32\inetsrv\inetinfo.exe
16:48:11.0531 0x651b4  IISADMIN - ok
16:48:11.0681 0x651b4  [ 1E2A51DB8B28CD431D2B5C76A71AAEE3, A356E381C155DF7D3E905696D63A652D1C01D524B6B866C2288ECC5F3B3D4AB9 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:48:11.0725 0x651b4  IKEEXT - ok
16:48:11.0812 0x651b4  IntcAzAudAddService - ok
16:48:11.0887 0x651b4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:48:11.0929 0x651b4  intelide - ok
16:48:12.0014 0x651b4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:48:12.0015 0x651b4  intelppm - ok
16:48:12.0097 0x651b4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:48:12.0100 0x651b4  IPBusEnum - ok
16:48:12.0119 0x651b4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:48:12.0122 0x651b4  IpFilterDriver - ok
16:48:12.0190 0x651b4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:48:12.0209 0x651b4  iphlpsvc - ok
16:48:12.0244 0x651b4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:48:12.0250 0x651b4  IPMIDRV - ok
16:48:12.0307 0x651b4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:48:12.0328 0x651b4  IPNAT - ok
16:48:12.0544 0x651b4  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:48:12.0565 0x651b4  iPod Service - ok
16:48:13.0039 0x651b4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:48:13.0047 0x651b4  IRENUM - ok
16:48:13.0168 0x651b4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:48:13.0186 0x651b4  isapnp - ok
16:48:13.0357 0x651b4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:48:13.0420 0x651b4  iScsiPrt - ok
16:48:13.0460 0x651b4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:48:13.0462 0x651b4  kbdclass - ok
16:48:13.0501 0x651b4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:48:13.0503 0x651b4  kbdhid - ok
16:48:13.0543 0x651b4  [ 6598EBC4D209318EBD81F76833ECBEDB, A941E8FD33962F69722A007E946AA36B0A52C3913958C700404D21E09D331D9E ] KeyIso          C:\Windows\system32\lsass.exe
16:48:13.0544 0x651b4  KeyIso - ok
16:48:13.0611 0x651b4  [ A6C623B5EAF9C0D03EA9BB55215E3307, 115863684786480C2EEF7B31690C60D28A4B8CAB9B9E5AB55BADECC692805E7E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:48:13.0628 0x651b4  KSecDD - ok
16:48:13.0670 0x651b4  [ F2908E8C29163DD5E7A02556012792C5, DE8FA9FA3FB7B403ADDBC371DB20BD20DA774E16E7C7EB147B840731A68E9763 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:48:13.0673 0x651b4  KSecPkg - ok
16:48:13.0756 0x651b4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:48:13.0757 0x651b4  ksthunk - ok
16:48:13.0821 0x651b4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:48:13.0829 0x651b4  KtmRm - ok
16:48:13.0923 0x651b4  [ 5CE3ADEF1C7203DCC0467E084ACE5643, E8A26479F296451310D42215E3E280C80A18BD6E537A854D1702873AC4162382 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:48:13.0944 0x651b4  LanmanServer - ok
16:48:14.0009 0x651b4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:48:14.0026 0x651b4  LanmanWorkstation - ok
16:48:14.0633 0x651b4  [ D69FDDADA5CF0097966C4F52C2E6FEBA, 35FA7E4658AFCCE293F31E66B695D45D31A0ADF4C837DA1C801F7577B73754AC ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
16:48:14.0676 0x651b4  LiveUpdateSvc - ok
16:48:14.0717 0x651b4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:48:14.0738 0x651b4  lltdio - ok
16:48:14.0889 0x651b4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:48:14.0917 0x651b4  lltdsvc - ok
16:48:14.0947 0x651b4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:48:14.0948 0x651b4  lmhosts - ok
16:48:15.0099 0x651b4  [ 5DCD36FC4A6ECBF6E7F9B3BF7E0D0F55, 265BDBC10CC256CB35F2BF5A9A25246D1859400087370A2B629783B9D3F7D0D4 ] LPDSVC          C:\Windows\system32\lpdsvc.dll
16:48:15.0115 0x651b4  LPDSVC - ok
16:48:15.0141 0x651b4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:48:15.0158 0x651b4  LSI_FC - ok
16:48:15.0204 0x651b4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:48:15.0206 0x651b4  LSI_SAS - ok
16:48:15.0228 0x651b4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:48:15.0229 0x651b4  LSI_SAS2 - ok
16:48:15.0293 0x651b4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:48:15.0305 0x651b4  LSI_SCSI - ok
16:48:15.0328 0x651b4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:48:15.0331 0x651b4  luafv - ok
16:48:15.0376 0x651b4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:48:15.0409 0x651b4  Mcx2Svc - ok
16:48:15.0429 0x651b4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:48:15.0431 0x651b4  megasas - ok
16:48:15.0566 0x651b4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:48:15.0625 0x651b4  MegaSR - ok
16:48:15.0682 0x651b4  [ 9042E630FE102F1A2436EE05857CD139, 96C855824E46E2863EBC4A70FC195A14BD9FDD35107358B83D6C3CD01C522F3C ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
16:48:15.0691 0x651b4  MEIx64 - ok
16:48:15.0744 0x651b4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:48:15.0765 0x651b4  MMCSS - ok
16:48:15.0795 0x651b4  [ BFFB0C93D9FB43CA42EF11C9240BFF7F, E1E98C55DF9A56316050A21AC5A7D764338DA55F6124B52A52E71B5B0089C3FA ] Modem           C:\Windows\system32\drivers\modem.sys
16:48:15.0807 0x651b4  Modem - ok
16:48:15.0869 0x651b4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:48:15.0870 0x651b4  monitor - ok
16:48:15.0891 0x651b4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:48:15.0892 0x651b4  mouclass - ok
16:48:15.0932 0x651b4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:48:15.0939 0x651b4  mouhid - ok
16:48:15.0975 0x651b4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:48:15.0983 0x651b4  mountmgr - ok
16:48:16.0089 0x651b4  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:48:16.0109 0x651b4  MozillaMaintenance - ok
16:48:16.0271 0x651b4  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:48:16.0276 0x651b4  MpFilter - ok
16:48:16.0395 0x651b4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:48:16.0416 0x651b4  mpio - ok
16:48:16.0436 0x651b4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:48:16.0438 0x651b4  mpsdrv - ok
16:48:16.0760 0x651b4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:48:16.0821 0x651b4  MpsSvc - ok
16:48:16.0898 0x651b4  [ 83A296715A67D696F101130AB44B92A7, 365D984745C38CA6AD2EE038834A02BE03AAAF02BCEB40B4E60E4309C01C3BE2 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:48:16.0919 0x651b4  MRxDAV - ok
16:48:16.0961 0x651b4  [ 631EC673CD9115AA5A3570E7C092A410, 2FD8525D0BAE43C7D0E8858B65EC2E707734CC59CB642617712C2AA62CF10B04 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:48:16.0983 0x651b4  mrxsmb - ok
16:48:17.0007 0x651b4  [ B10A0DF47FB6A1B807617A8EB8CF1045, 6EAD4CD5B6325718143AF46B100E0122C254A7E3EECF87AE8590A783D60DD2D0 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:48:17.0028 0x651b4  mrxsmb10 - ok
16:48:17.0066 0x651b4  [ B7D1933C1835A39B55BB59A2190DC858, B594BDEA0FB8CE1C736A2F8487A7EC5353AFB1B2DF80178F21897EFDD6D6C4C5 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:48:17.0086 0x651b4  mrxsmb20 - ok
16:48:17.0150 0x651b4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:48:17.0151 0x651b4  msahci - ok
16:48:17.0212 0x651b4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:48:17.0241 0x651b4  msdsm - ok
16:48:17.0256 0x651b4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:48:17.0259 0x651b4  MSDTC - ok
16:48:17.0295 0x651b4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:48:17.0296 0x651b4  Msfs - ok
16:48:17.0336 0x651b4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:48:17.0357 0x651b4  mshidkmdf - ok
16:48:17.0378 0x651b4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:48:17.0379 0x651b4  msisadrv - ok
16:48:17.0443 0x651b4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:48:17.0450 0x651b4  MSiSCSI - ok
16:48:17.0464 0x651b4  msiserver - ok
16:48:17.0510 0x651b4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:48:17.0511 0x651b4  MSKSSRV - ok
16:48:17.0609 0x651b4  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:48:17.0610 0x651b4  MsMpSvc - ok
16:48:17.0672 0x651b4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:48:17.0673 0x651b4  MSPCLOCK - ok
16:48:17.0760 0x651b4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:48:17.0761 0x651b4  MSPQM - ok
16:48:17.0886 0x651b4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:48:17.0907 0x651b4  MsRPC - ok
16:48:17.0924 0x651b4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:48:17.0924 0x651b4  mssmbios - ok
16:48:17.0945 0x651b4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:48:17.0946 0x651b4  MSTEE - ok
16:48:17.0965 0x651b4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:48:17.0967 0x651b4  MTConfig - ok
16:48:17.0987 0x651b4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:48:17.0988 0x651b4  Mup - ok
16:48:18.0153 0x651b4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:48:18.0202 0x651b4  napagent - ok
16:48:18.0305 0x651b4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:48:18.0326 0x651b4  NativeWifiP - ok
16:48:18.0748 0x651b4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:48:18.0826 0x651b4  NDIS - ok
16:48:18.0909 0x651b4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:48:18.0910 0x651b4  NdisCap - ok
16:48:18.0999 0x651b4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:48:19.0000 0x651b4  NdisTapi - ok
16:48:19.0056 0x651b4  [ 662CBFAA835FFF1A935DD01890AAFC62, 41CD715EF77446E2ECD70A512BF2A5DC8C32C0F38E56F48621461784C28CF914 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:48:19.0059 0x651b4  Ndisuio - ok
16:48:19.0162 0x651b4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:48:19.0183 0x651b4  NdisWan - ok
16:48:19.0265 0x651b4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:48:19.0314 0x651b4  NDProxy - ok
16:48:19.0412 0x651b4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:48:19.0414 0x651b4  NetBIOS - ok
16:48:19.0499 0x651b4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:48:19.0541 0x651b4  NetBT - ok
16:48:19.0621 0x651b4  [ 6598EBC4D209318EBD81F76833ECBEDB, A941E8FD33962F69722A007E946AA36B0A52C3913958C700404D21E09D331D9E ] Netlogon        C:\Windows\system32\lsass.exe
16:48:19.0622 0x651b4  Netlogon - ok
16:48:19.0803 0x651b4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:48:19.0818 0x651b4  Netman - ok
16:48:19.0916 0x651b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:48:20.0002 0x651b4  NetMsmqActivator - ok
16:48:20.0006 0x651b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:48:20.0009 0x651b4  NetPipeActivator - ok
16:48:20.0193 0x651b4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:48:20.0237 0x651b4  netprofm - ok
16:48:20.0355 0x651b4  [ FDA392A0404BABC5B51F31F2AF1059F2, 6E72A9B1575B5ED12899331E1E7D826871F2EC6AA4709FCA7BF6DA1C414FC540 ] nettalkd        C:\Windows\system32\DRIVERS\nettalkd.sys
16:48:20.0450 0x651b4  nettalkd - ok
16:48:20.0544 0x651b4  NetTalkUsrLaunchService - ok
16:48:20.0546 0x651b4  NetTalkUsrService - ok
16:48:20.0609 0x651b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:48:20.0612 0x651b4  NetTcpActivator - ok
16:48:20.0629 0x651b4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:48:20.0632 0x651b4  NetTcpPortSharing - ok
16:48:20.0733 0x651b4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:48:20.0775 0x651b4  nfrd960 - ok
16:48:20.0859 0x651b4  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:48:20.0862 0x651b4  NisDrv - ok
16:48:20.0927 0x651b4  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:48:20.0968 0x651b4  NisSrv - ok
16:48:21.0099 0x651b4  [ 843E337C1CDD282545ED7515345E263B, B0E485856FC1C28DA6C453BF60A04F603BA15D7B0D84896E878049198F2FD1C9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:48:21.0134 0x651b4  NlaSvc - ok
16:48:21.0215 0x651b4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:48:21.0236 0x651b4  Npfs - ok
16:48:21.0278 0x651b4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:48:21.0280 0x651b4  nsi - ok
16:48:21.0361 0x651b4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:48:21.0362 0x651b4  nsiproxy - ok
16:48:21.0684 0x651b4  [ 48B6047F82D5A8D0AEC71593F4ACD79B, A96F91C1DFD1CBB17C05B5DAAC4956169380E988FB4223E4588FEF34C2BC5249 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:48:21.0761 0x651b4  Ntfs - ok
16:48:21.0823 0x651b4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:48:21.0865 0x651b4  Null - ok
16:48:21.0930 0x651b4  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:48:21.0951 0x651b4  nusb3xhc - ok
16:48:22.0127 0x651b4  [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:48:22.0184 0x651b4  NVHDA - ok
16:48:24.0173 0x651b4  [ FDB03499693DEFD0B6754264C187F967, 7A011832868A685E37DFA7815AABABD7BE14D7E4F05FE1F5349E5BC96AA1DE82 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:48:24.0399 0x651b4  nvlddmkm - ok
16:48:24.0825 0x651b4  [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:48:24.0880 0x651b4  NvNetworkService - ok
16:48:24.0953 0x651b4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:48:24.0957 0x651b4  nvraid - ok
16:48:25.0074 0x651b4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:48:25.0079 0x651b4  nvstor - ok
16:48:25.0306 0x651b4  [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:48:25.0306 0x651b4  NvStreamKms - ok
16:48:29.0147 0x651b4  [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
16:48:29.0819 0x651b4  NvStreamSvc - ok
16:48:30.0096 0x651b4  [ 103C5A4A296D7958B2E150A15884B240, D57DCDD668CAE26AC4EDD30BF415421B8F63071245538FC8D940CD430A169445 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:48:30.0582 0x651b4  nvsvc - ok
16:48:30.0690 0x651b4  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:48:30.0691 0x651b4  nvvad_WaveExtensible - ok
16:48:30.0722 0x651b4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:48:30.0734 0x651b4  nv_agp - ok
16:48:30.0754 0x651b4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:48:30.0755 0x651b4  ohci1394 - ok
16:48:30.0862 0x651b4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:48:30.0905 0x651b4  p2pimsvc - ok
16:48:31.0115 0x651b4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:48:31.0157 0x651b4  p2psvc - ok
16:48:31.0215 0x651b4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:48:31.0257 0x651b4  Parport - ok
16:48:31.0302 0x651b4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:48:31.0347 0x651b4  partmgr - ok
16:48:31.0405 0x651b4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:48:31.0426 0x651b4  PcaSvc - ok
16:48:31.0531 0x651b4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:48:31.0594 0x651b4  pci - ok
16:48:31.0660 0x651b4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:48:31.0704 0x651b4  pciide - ok
16:48:31.0783 0x651b4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:48:31.0809 0x651b4  pcmcia - ok
16:48:31.0892 0x651b4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:48:31.0893 0x651b4  pcw - ok
16:48:32.0066 0x651b4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:48:32.0114 0x651b4  PEAUTH - ok
16:48:33.0499 0x651b4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:48:33.0500 0x651b4  PerfHost - ok
16:48:33.0771 0x651b4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:48:33.0876 0x651b4  pla - ok
16:48:34.0092 0x651b4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:48:34.0157 0x651b4  PlugPlay - ok
16:48:34.0191 0x651b4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:48:34.0195 0x651b4  PNRPAutoReg - ok
16:48:34.0218 0x651b4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:48:34.0235 0x651b4  PNRPsvc - ok
16:48:34.0427 0x651b4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:48:34.0470 0x651b4  PolicyAgent - ok
16:48:34.0528 0x651b4  [ B2392DBB9085E39AAB5204BE92FB3AB0, BB7741859C9FB5B3DCA98DDC2869C05AD06DA896F5B0CA821D433C46463F8536 ] Power           C:\Windows\system32\umpo.dll
16:48:34.0549 0x651b4  Power - ok
16:48:34.0653 0x651b4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:48:34.0681 0x651b4  PptpMiniport - ok
16:48:34.0757 0x651b4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:48:34.0765 0x651b4  Processor - ok
16:48:34.0866 0x651b4  [ 5CCDC5AECAC81371CCCB77F0556C757F, A7A195C20B7316BDA795B03A1166DAE1892F96F471FBD9595AAACBDF035F42B4 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:48:34.0885 0x651b4  ProfSvc - ok
16:48:34.0953 0x651b4  [ 6598EBC4D209318EBD81F76833ECBEDB, A941E8FD33962F69722A007E946AA36B0A52C3913958C700404D21E09D331D9E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:48:34.0954 0x651b4  ProtectedStorage - ok
16:48:35.0015 0x651b4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:48:35.0054 0x651b4  Psched - ok
16:48:35.0426 0x651b4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:48:35.0455 0x651b4  ql2300 - ok
16:48:35.0534 0x651b4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:48:35.0560 0x651b4  ql40xx - ok
16:48:35.0669 0x651b4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:48:35.0686 0x651b4  QWAVE - ok
16:48:35.0725 0x651b4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:48:35.0745 0x651b4  QWAVEdrv - ok
16:48:35.0826 0x651b4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:48:35.0832 0x651b4  RasAcd - ok
16:48:35.0910 0x651b4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:48:35.0931 0x651b4  RasAgileVpn - ok
16:48:36.0015 0x651b4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:48:36.0036 0x651b4  RasAuto - ok
16:48:36.0127 0x651b4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:48:36.0163 0x651b4  Rasl2tp - ok
16:48:36.0270 0x651b4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:48:36.0291 0x651b4  RasMan - ok
16:48:36.0351 0x651b4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:48:36.0372 0x651b4  RasPppoe - ok
16:48:36.0443 0x651b4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:48:36.0458 0x651b4  RasSstp - ok
16:48:36.0792 0x651b4  [ 3B4642DE518A76310C62EEB9A64F771A, 198CF37D779FF9D3D529CF8C222A0A35D04AE3EF69D7861FB3F14D5CC3B3406C ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
16:48:36.0838 0x651b4  Razer Game Scanner Service - ok
16:48:36.0961 0x651b4  [ DB854D79B792CBDD51F3072B44D724F0, 0FF84D8ECE098C28596B77F71582BC362FB23C671922544F847B659D52B9F8A9 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:48:36.0987 0x651b4  rdbss - ok
16:48:37.0025 0x651b4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:48:37.0042 0x651b4  rdpbus - ok
16:48:37.0230 0x651b4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:48:37.0230 0x651b4  RDPCDD - ok
16:48:37.0293 0x651b4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:48:37.0293 0x651b4  RDPENCDD - ok
16:48:37.0356 0x651b4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:48:37.0356 0x651b4  RDPREFMP - ok
16:48:37.0484 0x651b4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:48:37.0505 0x651b4  RDPWD - ok
16:48:37.0699 0x651b4  [ 9500266AFA2548D2812DC59D8C1D7BD3, 25FFD440B02D7D651B57133D94C95EB526F7189F3329060D004F28BA179BF89F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:48:37.0721 0x651b4  rdyboost - ok
16:48:37.0798 0x651b4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:48:37.0820 0x651b4  RemoteAccess - ok
16:48:37.0949 0x651b4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:48:37.0986 0x651b4  RemoteRegistry - ok
16:48:38.0028 0x651b4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:48:38.0037 0x651b4  RpcEptMapper - ok
16:48:38.0131 0x651b4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:48:38.0195 0x651b4  RpcLocator - ok
16:48:38.0410 0x651b4  [ F3EF088F45BE326B4EDAC8C1C5A35105, 6A8F992981AB68F811E3EF51545A0B0572A88C746472D24042646329B581F519 ] RpcSs           C:\Windows\system32\rpcss.dll
16:48:38.0418 0x651b4  RpcSs - ok
16:48:38.0493 0x651b4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:48:38.0531 0x651b4  rspndr - ok
16:48:38.0678 0x651b4  [ 652F9068C05A7FB83291DF616CDC8A8B, 13136DE67C31C5781B9E484C1AF806F43AF8EA0843D5A4018CBE7191ADD31A54 ] RzDxgk          C:\Windows\system32\drivers\RzDxgk.sys
16:48:38.0700 0x651b4  RzDxgk - ok
16:48:38.0806 0x651b4  [ 2CEDF1DC70CEFB415354180A507104CE, AD5B2792B05337F809C375A534F421B3D4B9955B19281FBC635A6CAC9DD05ED4 ] RzFilter        C:\Windows\system32\drivers\RzFilter.sys
16:48:38.0814 0x651b4  RzFilter - ok
16:48:39.0160 0x651b4  [ 8F8C6EDB43BA9E60917ED76EA2E02CDE, AED12241690DFE6FAFF54D85FFD0926B84135BBEE1F9C9ED9850E11F4D5330EE ] RzOvlMon        C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
16:48:39.0167 0x651b4  RzOvlMon - ok
16:48:39.0327 0x651b4  [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
16:48:39.0335 0x651b4  rzpmgrk - ok
16:48:39.0418 0x651b4  [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
16:48:39.0426 0x651b4  rzpnk - ok
16:48:39.0539 0x651b4  [ C2A49525F6CEEED97A1D9FC950AAF863, DAA57C1C446861C733D3BE668EB247E40CE3871EF8FA0BB91CEB074B7357E0D8 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
16:48:39.0541 0x651b4  rzudd - ok
16:48:39.0587 0x651b4  [ 6598EBC4D209318EBD81F76833ECBEDB, A941E8FD33962F69722A007E946AA36B0A52C3913958C700404D21E09D331D9E ] SamSs           C:\Windows\system32\lsass.exe
16:48:39.0588 0x651b4  SamSs - ok
16:48:39.0643 0x651b4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:48:39.0649 0x651b4  sbp2port - ok
16:48:39.0749 0x651b4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:48:39.0770 0x651b4  SCardSvr - ok
16:48:39.0811 0x651b4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:48:39.0830 0x651b4  scfilter - ok
16:48:40.0033 0x651b4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:48:40.0102 0x651b4  Schedule - ok
16:48:40.0189 0x651b4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:48:40.0191 0x651b4  SCPolicySvc - ok
16:48:40.0252 0x651b4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:48:40.0274 0x651b4  SDRSVC - ok
16:48:40.0382 0x651b4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:48:40.0398 0x651b4  secdrv - ok
16:48:40.0459 0x651b4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:48:40.0480 0x651b4  seclogon - ok
16:48:40.0547 0x651b4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:48:40.0565 0x651b4  SENS - ok
16:48:40.0652 0x651b4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:48:40.0669 0x651b4  SensrSvc - ok
16:48:40.0732 0x651b4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:48:40.0753 0x651b4  Serenum - ok
16:48:40.0837 0x651b4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:48:40.0841 0x651b4  Serial - ok
16:48:40.0904 0x651b4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:48:40.0920 0x651b4  sermouse - ok
16:48:41.0005 0x651b4  [ F8F5016A8021390DFAF8782687B4F226, BF51874E3448F2800DCC74BDDCFD86D55C95B4B076DFAE61DD821A440BB0405E ] SessionEnv      C:\Windows\system32\sessenv.dll
16:48:41.0047 0x651b4  SessionEnv - ok
16:48:41.0069 0x651b4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:48:41.0088 0x651b4  sffdisk - ok
16:48:41.0130 0x651b4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:48:41.0136 0x651b4  sffp_mmc - ok
16:48:41.0155 0x651b4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:48:41.0172 0x651b4  sffp_sd - ok
16:48:41.0235 0x651b4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:48:41.0240 0x651b4  sfloppy - ok
16:48:41.0407 0x651b4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:48:41.0449 0x651b4  SharedAccess - ok
16:48:41.0595 0x651b4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:48:41.0622 0x651b4  ShellHWDetection - ok
16:48:41.0696 0x651b4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:48:41.0717 0x651b4  SiSRaid2 - ok
16:48:41.0801 0x651b4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:48:41.0810 0x651b4  SiSRaid4 - ok
16:48:41.0885 0x651b4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:48:41.0889 0x651b4  Smb - ok
16:48:42.0060 0x651b4  [ AB55844754761967DE4DD6535E5183FE, 811221EB303BE2E1711DDA4D7353B0ECE6FA845C2A716AA4130C43D44DC88EA9 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
16:48:42.0067 0x651b4  SmbDrvI - ok
16:48:42.0143 0x651b4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:48:42.0178 0x651b4  SNMPTRAP - ok
16:48:42.0241 0x651b4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:48:42.0242 0x651b4  spldr - ok
16:48:42.0386 0x651b4  [ B98780FA7839BB6B14823C56A7BDA35C, 7EF79A807DE9940A93BDE9E18CD83940773BCA26CA68646C76BC2F96B6DC2E5B ] Spooler         C:\Windows\System32\spoolsv.exe
16:48:42.0411 0x651b4  Spooler - ok
16:48:42.0684 0x651b4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:48:42.0855 0x651b4  sppsvc - ok
16:48:42.0913 0x651b4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:48:42.0933 0x651b4  sppuinotify - ok
16:48:43.0094 0x651b4  [ 20735E269DF367C76EF02DDE9C3FA477, 0D794D191A74406CCD62DCC270F9350981EE935488C61ADF168E98A712EE42B6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:48:43.0130 0x651b4  srv - ok
16:48:43.0304 0x651b4  [ 6D1173EDC0D5C02ACE4BEA18F48E0746, BCDF818C079B3E90577AEEE7ECDA4DA2E54F0F393F5FFD26FD0D4793CE14038F ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:48:43.0323 0x651b4  srv2 - ok
16:48:43.0461 0x651b4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:48:43.0480 0x651b4  srvnet - ok
16:48:43.0564 0x651b4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:48:43.0585 0x651b4  SSDPSRV - ok
16:48:43.0667 0x651b4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:48:43.0671 0x651b4  SstpSvc - ok
16:48:43.0964 0x651b4  [ 9ADA53D2178EFA0C21FDD1F6002145C5, BC363BFF88DA893C7E72B2085D9784A89950A4C07352F8F20EB0840D67D4F6B6 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:48:44.0785 0x651b4  Stereo Service - ok
16:48:44.0820 0x651b4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:48:44.0821 0x651b4  stexstor - ok
16:48:44.0945 0x651b4  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:48:44.0991 0x651b4  StillCam - ok
16:48:45.0080 0x651b4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:48:45.0099 0x651b4  stisvc - ok
16:48:45.0133 0x651b4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:48:45.0134 0x651b4  swenum - ok
16:48:45.0203 0x651b4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:48:45.0224 0x651b4  swprv - ok
16:48:45.0647 0x651b4  [ 25E0900D1B452EDEB09B1F9B71195153, 96F47A96AA3510EBC67579806A679D82CF85709A1E041D026378E8F6DC0EB374 ] SysMain         C:\Windows\system32\sysmain.dll
16:48:45.0744 0x651b4  SysMain - ok
16:48:45.0805 0x651b4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:48:45.0836 0x651b4  TabletInputService - ok
16:48:45.0889 0x651b4  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
16:48:45.0891 0x651b4  tap0901 - ok
16:48:45.0915 0x651b4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:48:45.0922 0x651b4  TapiSrv - ok
16:48:45.0952 0x651b4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:48:45.0953 0x651b4  TBS - ok
16:48:46.0352 0x651b4  [ 4F80944B03112F486212DC20BE166079, B4C1AF42E450A280C8018EF123555F4E3FD943BDC14E4ECD0AB72BB40C22AF94 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:48:46.0440 0x651b4  Tcpip - ok
16:48:46.0898 0x651b4  [ 4F80944B03112F486212DC20BE166079, B4C1AF42E450A280C8018EF123555F4E3FD943BDC14E4ECD0AB72BB40C22AF94 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:48:46.0943 0x651b4  TCPIP6 - ok
16:48:47.0003 0x651b4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:48:47.0028 0x651b4  tcpipreg - ok
16:48:47.0062 0x651b4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:48:47.0063 0x651b4  TDPIPE - ok
16:48:47.0070 0x651b4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:48:47.0083 0x651b4  TDTCP - ok
16:48:47.0105 0x651b4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:48:47.0108 0x651b4  tdx - ok
16:48:47.0146 0x651b4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:48:47.0148 0x651b4  TermDD - ok
16:48:47.0305 0x651b4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:48:47.0347 0x651b4  TermService - ok
16:48:47.0377 0x651b4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:48:47.0398 0x651b4  Themes - ok
16:48:47.0440 0x651b4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:48:47.0441 0x651b4  THREADORDER - ok
16:48:47.0502 0x651b4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:48:47.0524 0x651b4  TrkWks - ok
16:48:47.0660 0x651b4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:48:47.0702 0x651b4  TrustedInstaller - ok
16:48:47.0775 0x651b4  [ 2CE1083C5A2D9BA5FFAD087F997EE25C, 1293A1B4D98A800A16BCD3ED52EA8AB429259FC16F9B6D3A0CAAEE7C7BE57DF7 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:48:47.0776 0x651b4  tssecsrv - ok
16:48:47.0817 0x651b4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:48:47.0819 0x651b4  TsUsbFlt - ok
16:48:47.0859 0x651b4  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:48:47.0880 0x651b4  TsUsbGD - ok
16:48:47.0902 0x651b4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:48:47.0904 0x651b4  tunnel - ok
16:48:47.0931 0x651b4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:48:47.0943 0x651b4  uagp35 - ok
16:48:48.0060 0x651b4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:48:48.0097 0x651b4  udfs - ok
16:48:48.0173 0x651b4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:48:48.0175 0x651b4  UI0Detect - ok
16:48:48.0225 0x651b4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:48:48.0237 0x651b4  uliagpkx - ok
16:48:48.0323 0x651b4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:48:48.0348 0x651b4  umbus - ok
16:48:48.0403 0x651b4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:48:48.0408 0x651b4  UmPass - ok
16:48:48.0478 0x651b4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:48:48.0532 0x651b4  upnphost - ok
16:48:48.0614 0x651b4  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:48:48.0615 0x651b4  USBAAPL64 - ok
16:48:48.0698 0x651b4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:48:48.0719 0x651b4  usbaudio - ok
16:48:48.0761 0x651b4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:48:48.0762 0x651b4  usbccgp - ok
16:48:48.0845 0x651b4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:48:48.0871 0x651b4  usbcir - ok
16:48:48.0928 0x651b4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:48:48.0949 0x651b4  usbehci - ok
16:48:48.0996 0x651b4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:48:49.0021 0x651b4  usbhub - ok
16:48:49.0057 0x651b4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:48:49.0075 0x651b4  usbohci - ok
16:48:49.0143 0x651b4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:48:49.0161 0x651b4  usbprint - ok
16:48:49.0222 0x651b4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:48:49.0223 0x651b4  usbscan - ok
16:48:49.0246 0x651b4  [ ED08C252A0041F8FC0237BAB585BABDC, DF5948BCD5CEB5B69E1A0096465C069E233DB81F5524D7364FF3FCD1E5B28880 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:48:49.0248 0x651b4  USBSTOR - ok
16:48:49.0264 0x651b4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:48:49.0265 0x651b4  usbuhci - ok
16:48:49.0305 0x651b4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:48:49.0307 0x651b4  UxSms - ok
16:48:49.0327 0x651b4  [ 6598EBC4D209318EBD81F76833ECBEDB, A941E8FD33962F69722A007E946AA36B0A52C3913958C700404D21E09D331D9E ] VaultSvc        C:\Windows\system32\lsass.exe
16:48:49.0328 0x651b4  VaultSvc - ok
16:48:49.0390 0x651b4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:48:49.0391 0x651b4  vdrvroot - ok
16:48:49.0693 0x651b4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:48:49.0710 0x651b4  vds - ok
16:48:49.0787 0x651b4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:48:49.0829 0x651b4  vga - ok
16:48:49.0850 0x651b4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:48:49.0851 0x651b4  VgaSave - ok
16:48:49.0941 0x651b4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:48:49.0978 0x651b4  vhdmp - ok
16:48:50.0042 0x651b4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:48:50.0043 0x651b4  viaide - ok
16:48:50.0082 0x651b4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:48:50.0084 0x651b4  volmgr - ok
16:48:50.0190 0x651b4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:48:50.0199 0x651b4  volmgrx - ok
16:48:50.0315 0x651b4  [ DF83AA1C4278E2C0E36C0479C1555A9C, EA082BE4E38E22FD0C7D0A98DC227E2E33C0D87964D87276A2F56044656CD6F0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:48:50.0360 0x651b4  volsnap - ok
16:48:50.0463 0x651b4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:48:50.0467 0x651b4  vsmraid - ok
16:48:50.0730 0x651b4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:48:50.0773 0x651b4  VSS - ok
16:48:51.0139 0x651b4  [ C22E26DEDA8CDDCD45B5E0751CD9ABCC, B913266BCB85F1C67AD5A44A53F4DAF4026D46B058EE6174FEC355FF2EA0F338 ] vToolbarUpdater18.1.9 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
16:48:51.0173 0x651b4  vToolbarUpdater18.1.9 - ok
16:48:51.0195 0x651b4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:48:51.0196 0x651b4  vwifibus - ok
16:48:51.0299 0x651b4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:48:51.0314 0x651b4  W32Time - ok
16:48:51.0700 0x651b4  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
16:48:51.0709 0x651b4  W3SVC - ok
16:48:51.0778 0x651b4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:48:51.0779 0x651b4  WacomPen - ok
16:48:51.0888 0x651b4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:48:51.0890 0x651b4  WANARP - ok
16:48:51.0911 0x651b4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:48:51.0912 0x651b4  Wanarpv6 - ok
16:48:51.0976 0x651b4  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
16:48:51.0982 0x651b4  WAS - ok
16:48:52.0423 0x651b4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:48:52.0780 0x651b4  WatAdminSvc - ok
16:48:53.0160 0x651b4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:48:53.0211 0x651b4  wbengine - ok
16:48:53.0311 0x651b4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:48:53.0332 0x651b4  WbioSrvc - ok
16:48:53.0486 0x651b4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:48:53.0505 0x651b4  wcncsvc - ok
16:48:53.0581 0x651b4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:48:53.0583 0x651b4  WcsPlugInService - ok
16:48:53.0623 0x651b4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:48:53.0626 0x651b4  Wd - ok
16:48:53.0755 0x651b4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:48:53.0780 0x651b4  Wdf01000 - ok
16:48:53.0861 0x651b4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:48:53.0875 0x651b4  WdiServiceHost - ok
16:48:53.0896 0x651b4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:48:53.0898 0x651b4  WdiSystemHost - ok
16:48:54.0066 0x651b4  [ 1BABAABCB29B03CFA7BC30833963398E, A354415572EEEB6FD7847F0FAF07BB7772E761EA485CFF3FE7837706515E85A0 ] WebClient       C:\Windows\System32\webclnt.dll
16:48:54.0234 0x651b4  WebClient - ok
16:48:54.0358 0x651b4  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:48:54.0409 0x651b4  Wecsvc - ok
16:48:54.0483 0x651b4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:48:54.0504 0x651b4  wercplsupport - ok
16:48:54.0588 0x651b4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:48:54.0596 0x651b4  WerSvc - ok
16:48:54.0797 0x651b4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:48:54.0798 0x651b4  WfpLwf - ok
16:48:54.0824 0x651b4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:48:54.0825 0x651b4  WIMMount - ok
16:48:54.0880 0x651b4  WinDefend - ok
16:48:54.0910 0x651b4  WinHttpAutoProxySvc - ok
16:48:55.0135 0x651b4  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:48:55.0140 0x651b4  Winmgmt - ok
16:48:55.0795 0x651b4  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:48:55.0952 0x651b4  WinRM - ok
16:48:56.0058 0x651b4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:48:56.0097 0x651b4  WinUsb - ok
16:48:56.0759 0x651b4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:48:56.0812 0x651b4  Wlansvc - ok
16:48:57.0456 0x651b4  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:48:57.0511 0x651b4  wlidsvc - ok
16:48:57.0546 0x651b4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:48:57.0565 0x651b4  WmiAcpi - ok
16:48:57.0652 0x651b4  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:48:57.0672 0x651b4  wmiApSrv - ok
16:48:57.0795 0x651b4  WMPNetworkSvc - ok
16:48:57.0882 0x651b4  [ B5BD872122A2CE82D196ABF2D5D8D80A, 06FD527BA98261905DF6C1D752843DE45987D776EAA075EBBFCFCA4652D6664A ] WMSVC           C:\Windows\system32\inetsrv\wmsvc.exe
16:48:57.0884 0x651b4  WMSVC - ok
16:48:57.0963 0x651b4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:48:57.0964 0x651b4  WPCSvc - ok
16:48:58.0006 0x651b4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:48:58.0048 0x651b4  WPDBusEnum - ok
16:48:58.0068 0x651b4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:48:58.0069 0x651b4  ws2ifsl - ok
16:48:58.0111 0x651b4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:48:58.0114 0x651b4  wscsvc - ok
16:48:58.0116 0x651b4  WSearch - ok
16:48:58.0760 0x651b4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:48:58.0876 0x651b4  wuauserv - ok
16:48:58.0912 0x651b4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:48:58.0928 0x651b4  WudfPf - ok
16:48:59.0033 0x651b4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:48:59.0037 0x651b4  WUDFRd - ok
16:48:59.0096 0x651b4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:48:59.0099 0x651b4  wudfsvc - ok
16:48:59.0164 0x651b4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:48:59.0174 0x651b4  WwanSvc - ok
16:48:59.0221 0x651b4  ================ Scan global ===============================
16:48:59.0271 0x651b4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:48:59.0391 0x651b4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:48:59.0418 0x651b4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:48:59.0494 0x651b4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:48:59.0582 0x651b4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:48:59.0602 0x651b4  [ Global ] - ok
16:48:59.0603 0x651b4  ================ Scan MBR ==================================
16:48:59.0624 0x651b4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:49:00.0564 0x651b4  \Device\Harddisk0\DR0 - ok
16:49:00.0564 0x651b4  ================ Scan VBR ==================================
16:49:00.0571 0x651b4  [ 9E9AD722C2A4B4326825CB64827C2E60 ] \Device\Harddisk0\DR0\Partition1
16:49:00.0583 0x651b4  \Device\Harddisk0\DR0\Partition1 - ok
16:49:00.0604 0x651b4  [ 812CA80AF59ABDF43B36A4871BCA3372 ] \Device\Harddisk0\DR0\Partition2
16:49:00.0626 0x651b4  \Device\Harddisk0\DR0\Partition2 - ok
16:49:00.0626 0x651b4  ================ Scan generic autorun ======================
16:49:00.0999 0x651b4  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
16:49:01.0040 0x651b4  MSC - ok
16:49:01.0094 0x651b4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:49:01.0096 0x651b4  ShadowPlay - ok
16:49:01.0370 0x651b4  [ 05470C684B62C2F86325D8685E4513CB, EDE70A162AFA104D774AE1D8D3A077F2C12940851EC5BA785242F4032EEA902E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:49:01.0489 0x651b4  NvBackend - ok
16:49:01.0585 0x651b4  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:49:01.0601 0x651b4  Adobe ARM - ok
16:49:01.0702 0x651b4  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:49:01.0704 0x651b4  APSDaemon - ok
16:49:01.0820 0x651b4  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
16:49:01.0821 0x651b4  HP Software Update - ok
16:49:02.0130 0x651b4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:49:02.0157 0x651b4  Sidebar - ok
16:49:02.0206 0x651b4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:49:02.0219 0x651b4  mctadmin - ok
16:49:02.0673 0x651b4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:49:02.0688 0x651b4  Sidebar - ok
16:49:02.0813 0x651b4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:49:02.0815 0x651b4  mctadmin - ok
16:49:04.0168 0x651b4  [ B820CC1FAC0ADEA66687EE13CC2CB114, AF68DC3157DAFFF9E83F88FFD9A45FAC14D56659C47CE411F549AC44215046CF ] C:\Users\Administrator\AppData\Local\iLivid\iLivid.exe
16:49:04.0328 0x651b4  iLivid - ok
16:49:08.0070 0x651b4  [ C1C1DC114D1CF460FD1F04DD6A8999D9, FD4C01DDEA011A73F731645D208CD800896BA2DFE7C3D0A204120BBCF8733AFF ] C:\Program Files\CCleaner\CCleaner64.exe
16:49:08.0190 0x651b4  CCleaner Monitoring - ok
16:49:08.0427 0x651b4  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
16:49:08.0476 0x651b4  Uninstall C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 - ok
16:49:09.0147 0x651b4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:49:09.0164 0x651b4  Sidebar - ok
16:49:09.0263 0x651b4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:49:09.0264 0x651b4  mctadmin - ok
16:49:09.0265 0x651b4  Waiting for KSN requests completion. In queue: 200
16:49:10.0265 0x651b4  Waiting for KSN requests completion. In queue: 200
16:49:10.0912 0x80184  Object required for P2P: [ 9ADA53D2178EFA0C21FDD1F6002145C5 ] Stereo Service
16:49:11.0265 0x651b4  Waiting for KSN requests completion. In queue: 111
16:49:12.0265 0x651b4  Waiting for KSN requests completion. In queue: 109
16:49:13.0265 0x651b4  Waiting for KSN requests completion. In queue: 109
16:49:13.0936 0x80184  Object send P2P result: true
16:49:14.0275 0x651b4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
16:49:14.0277 0x651b4  Win FW state via NFP2: enabled
16:49:17.0124 0x651b4  ============================================================
16:49:17.0124 0x651b4  Scan finished
16:49:17.0124 0x651b4  ============================================================
16:49:17.0129 0x6517c  Detected object count: 0
16:49:17.0129 0x6517c  Actual detected object count: 0


#10 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 18 November 2014 - 05:05 PM

# AdwCleaner v4.101 - Report created 18/11/2014 at 16:56:43
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Administrator - WIN-PVS7D20PCI3
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : CltMngSvc
[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Deleted : vToolbarUpdater18.1.9
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\Conduit
[!] Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\ProgramData\wincert
[!] Folder Deleted : C:\ProgramData\Datamngr
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
[!] Folder Deleted : C:\Program Files (x86)\Movies Toolbar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Administrator\AppData\Local\Conduit
Folder Deleted : C:\Users\Administrator\AppData\Local\emaze
Folder Deleted : C:\Users\Administrator\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Administrator\AppData\Local\iLivid
Folder Deleted : C:\Users\Administrator\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Administrator\AppData\Local\VisualBeeExe
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\adremoveext@adremoveext.net
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\uvuxi8sq.default\Extensions\adremoveext@adremoveext.net
File Deleted : C:\END
File Deleted : C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\uvuxi8sq.default\user.js
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : VisualBeeRecovery
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3287805
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\VBMZ
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17148
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Mozilla Firefox v32.0.3 (x86 en-US)
 
[uvuxi8sq.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14797b466064837b452d5bde25aa0c60");
 
-\\ Google Chrome v38.0.2125.122
 
 
*************************
 
AdwCleaner[R0].txt - [18658 octets] - [18/11/2014 16:53:30]
AdwCleaner[S0].txt - [14822 octets] - [18/11/2014 16:56:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14883 octets] ##########


#11 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 18 November 2014 - 05:12 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by Administrator on 18/11/2014 at 17:07:33.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2934196910-795859369-2802726781-500\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\uvuxi8sq.default\minidumps [6 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/11/2014 at 17:11:09.52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#12 maggot7

maggot7

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 PM

Posted 18 November 2014 - 05:19 PM

Looking good! The ESET scan can take some time.

 

Has it BSOD while running any of these scans?



#13 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 18 November 2014 - 11:10 PM

The ESET scan seemed to pause at 46% for a very long time and not do anything after a few hours.  This is all i got.  Should I try it again?
 
I did get some funny programs not working like chrome.  I rebooted and they worked.  I did get a BSOD before I booted saying something about service....
 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1389824542256.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1389824542315.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1391070389605.vir Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir Win32/Conduit.SearchProtect.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir Win32/Conduit.SearchProtect.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe.vir a variant of Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll.vir a variant of Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3287805\UninstallerUI.exe.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win32cert.dll.vir Win32/Toolbar.SearchSuite.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win32prop.dll.vir Win32/Toolbar.SearchSuite.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win64cert.dll.vir Win64/Toolbar.SearchSuite.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win64prop.dll.vir Win64/Toolbar.SearchSuite.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\iLivid\Helper.dll.vir a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\iLivid\Uninstall.exe.vir a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\arcadi3_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\conduitinstaller[1].exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\coupish_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\intext_5_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\intext_adv_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\similar_web_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\superfish_no_coupons_m[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04J15PLL\superfish_no_search_no_coupons_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\ads_only_5_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\arcadi2_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\arcadi3_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\corticas_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\cortica_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\intext_adv_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\revizer_ws_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\SPSetup[1].exe Win32/Conduit.SearchProtect.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\Vgrabber_v1.5[1].exe Win32/Toolbar.Conduit potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\WebCakesetup[1].exe multiple threats
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGS0E3I7\widdit_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWHRTHM7\coupons_intext_ads_5_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWHRTHM7\dealply_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWHRTHM7\monetizationLoader[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWHRTHM7\revizer_p_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWHRTHM7\Solid-Savings[1].exe Win32/Packed.ScrambleWrapper.C potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWHRTHM7\superfish_m[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\arcadi2_sourceID_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\arcadi3_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\checktbexist[2].exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\conduitinstaller[1].exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\ibario_pops_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\icm_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\jollywallet_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\luck_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\revizer_ws_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\setup.exe Win32/Toolbar.Conduit potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\Setup[1].exe Win32/BrowseFox.C potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLKUVGLU\Snapdo_v1[1].exe a variant of Win32/Toolbar.Linkury.E potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\checktbexist[1].exe Win32/Toolbar.Conduit.AF potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\corticas_ru_m[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\cortica_rollover_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\coupons_intext_ads_5_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\dealply_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\mconduitinstaller[1].exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\SPSetup[1].exe Win32/Conduit.SearchProtect.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\statisticsstub[2].exe Win32/Toolbar.Conduit potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\superfish_m[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\superfish_no_search_no_coupons_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQW8N872\superfish_pricora_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\arcadi2_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\getdeal_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\icm_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\icm_m[2].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\jollywallet_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\KeyBar_1.13[1].exe Win32/Toolbar.Conduit potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\luck_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\monetizationLoader[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\OptimizerPro[1].exe a variant of Win32/SpeedingUpMyPC.B application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\stublogic[2].exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\superfish_pricora_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLTD7NYE\VisualBee_V.4[1].exe Win32/Toolbar.Conduit potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\50onred_ads_only_no_fb_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\ads_only_5_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\conduitchecker[1].exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\corticas_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\cortica_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\getdeal_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\intext_adv_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\monetizationLoader[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\revizer_p_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\Vgrabber_v1.5[1].exe Win32/Conduit.SearchProtect.J potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\VisualBeeWebext[1].exe Win32/Packed.ScrambleWrapper.C potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY6700SI\VisualBee_V.6[1].exe Win32/Conduit.SearchProtect.J potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\arcadi2_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\coupish_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\icm1_5_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\intext_5_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\intext_fa_m[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\similar_web_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\superfish_no_coupons_m[1].js JS/Toolbar.Crossrider.B potentially unwanted application
C:\System Volume Information\SystemRestore\FRStaging\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6A5RD6Q\widdit_m[1].js JS/Toolbar.Crossrider.A potentially unwanted application
C:\Tiger Backup\Program Files (x86)\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y potentially unwanted application
C:\Tiger Backup\Program Files (x86)\Uninstall Information\ib_uninst_514\uninstall.exe a variant of Win32/InstallBrain.H potentially unwanted application
C:\Tiger Backup\Program Files (x86)\Uninstall Information\ib_uninst_567\uninstall.exe a variant of Win32/InstallBrain.H potentially unwanted application
C:\Tiger Backup\Program Files (x86)\Uninstall Information\ib_uninst_569\uninstall.exe a variant of Win32/InstallBrain.H potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.dll a variant of Win32/bProtector.A potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.exe a variant of Win32/bProtector.A potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Manager.exe a variant of Win32/bProtector.A potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-10.0.2.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-11.0.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-12.0.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-13.0.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-14.0.1.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-5.0.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-6.0.2.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-7.0.1.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-8.0.1.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-9.0.1.dll a variant of Win32/bProtector.I potentially unwanted application
C:\Tiger Backup\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\bprotector.js Win32/bProtector.C potentially unwanted application
C:\Tiger Backup\Users\Andrew\AppData\Roaming\OpenCandy\C2EE230C510C4B0CB7542F65B1233BCD\OCBrowserHelper_1.0.3.85.dll a variant of Win32/OpenCandy.A potentially unsafe application
C:\Tiger Backup\Users\Andrew\AppData\Roaming\OpenCandy\C2EE230C510C4B0CB7542F65B1233BCD\setup_759.exe Win32/Amonetize potentially unwanted application
C:\Tiger Backup\Users\Andrew\Desktop\BundleSweetIMSetup.exe a variant of Win32/SweetIM.C potentially unwanted application
C:\Tiger Backup\Users\Andrew\Downloads\asc-setup (1).exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Tiger Backup\Users\Andrew\Downloads\driver_fusion_1.3.0.exe Win32/OpenCandy potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\mp3rocket (1).exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\mp3rocket (2).exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\mp3rocket (3).exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\mp3rocket (4).exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\mp3rocket (6).exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\mp3rocket (7).exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\mp3rocket.exe Win32/Somoto.F potentially unwanted application
C:\Tiger Backup\Users\Andrew\Downloads\Setup.exe a variant of Win32/Adware.iBryte.D application
C:\Tiger Backup\Users\Andrew\Downloads\SoftonicDownloader_for_leatrix-latency-fix.exe Win32/SoftonicDownloader.E potentially unwanted application
C:\Tiger Backup\Users\Andrew\Downloads\spsetup118.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Tiger Backup\Users\Andrew\Downloads\spsetup120.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Tiger Backup\Windows\Installer\ea57b5a.msi a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000000 Win32/AdWare.1ClickDownload.AW application
C:\Users\Administrator\AppData\LocalLow\VisualBee_V.6\hk64tbVisu.dll Win64/Toolbar.Conduit.B potentially unwanted application
C:\Users\Administrator\AppData\LocalLow\VisualBee_V.6\hktbVisu.dll Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\Administrator\AppData\LocalLow\VisualBee_V.6\ldrtbVisu.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Users\Administrator\AppData\LocalLow\VisualBee_V.6\tbVisu.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\Administrator\Downloads\ccsetup419.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Administrator\Downloads\CodecPerformerSetup.exe a variant of Win32/InstallBrain.BZ potentially unwanted application
C:\Users\Administrator\Downloads\cpu z setup.exe MSIL/Soft32Downloader.C potentially unwanted application
C:\Users\Administrator\Downloads\Gran Hotel Seasons 1, 2, 3 ENGLISH SUBS (Read Description &amp; Comments).exe Win32/InstalleRex.M potentially unwanted application
C:\Users\Administrator\Downloads\Player-Chrome.exe a variant of Win32/AdWare.iBryte.AF application
C:\Users\Administrator\Downloads\Plugin (1).exe Win32/DownWare.I potentially unwanted application
C:\Users\Administrator\Downloads\Plugin (2).exe Win32/DownWare.I potentially unwanted application
C:\Users\Administrator\Downloads\Plugin (3).exe Win32/DownWare.I potentially unwanted application
C:\Users\Administrator\Downloads\Plugin.exe Win32/DownWare.I potentially unwanted application
C:\Users\Administrator\Downloads\setup (1).exe Win32/Toolbar.Conduit.S potentially unwanted application
C:\Users\Administrator\Downloads\Setup.exe a variant of Win32/SoftPulse.P potentially unwanted application
C:\Users\Administrator\Downloads\spsetup126.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application


#14 maggot7

maggot7

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 PM

Posted 19 November 2014 - 01:52 PM

Okay, so it is still happening right?

 

If it is, let's do this:

 

Download BlueScreenView:

http://www.nirsoft.net/utils/blue_screen_view.html

unzip downloaded file and double click on BlueScreenView.exe to run the program.

when scanning is done, go to EDIT - Select All

Go to FILE - SAVE Selected Items, and save the report as BSOD.txt

Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply



#15 Daanmakus

Daanmakus
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:09:42 PM

Posted 19 November 2014 - 03:20 PM

I'll try that when I get home.

 

Was there a program that removed the infected files?  Did Eset remove them or did it just do a scan?

 

Do I need a program that removes viruses or malware?

 

Thanks,

Andrew






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users