Advice for confusion. ISHelper and MSHelper


7 replies to this topic

#1 markr9

Posted 06 January 2015 - 10:51 AM

Hello.

I wound up using an online scanner to check for malware on my PC. It said that ISHelper and MSHelper were found and both were dangerous as they tracked keystrokes and other activity.

I scan weekly with Malwarebytes and run the free AVG which is updated daily but neither of them complain about these two.

Are these in fact potentially harmful? How would I remove them?

Thanks.




 


#2 boopme


Posted 06 January 2015 - 11:12 AM

Hello Mark

Looks like ISHelper is from iSkysoft, a video or PDF converter tool, and appears safe if located here... C:\Program Files\Common Files.

MSHelper is an undesirable program.

Let's run these apps to clean.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

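One way to review an AdwCleaner scan report before clicking Clean, as the note in the post above suggests (an added example, not part of the original post and not AdwCleaner's own code): the Python below parses the `***** [ Section ] *****` and `<Kind> Found : <target>` layout of the report posted later in this thread, drops duplicate lines, and separates out entries that mention program names you recognize. The sample report is abridged and constructed from that layout; `parse_report`, `flag_for_review` and the keyword list are hypothetical names.

```python
import re
from collections import OrderedDict

# Section headers look like:  ***** [ Files / Folders ] *****
SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
# Findings look like:         Folder Found : C:\Program Files\Viewpoint
ENTRY_RE = re.compile(r"^(?P<kind>[A-Za-z]+) Found : (?P<target>.+)$")

# Constructed, abridged sample in the layout of an AdwCleaner[R0].txt scan report.
SAMPLE_REPORT = r"""
# AdwCleaner v4.107 - Report created 07/01/2015 at 21:00:09
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Found : C:\Program Files\AVG SafeGuard toolbar
Folder Found : C:\Program Files\AVG SafeGuard toolbar
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\Program Files\GreenTree Applications

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Viewpoint
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

*************************
"""


def parse_report(text):
    """Return {section: [(kind, target), ...]} with duplicate lines removed."""
    findings = OrderedDict()
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            findings.setdefault(section, [])
            continue
        entry = ENTRY_RE.match(line)
        if entry and section is not None:
            item = (entry.group("kind"), entry.group("target"))
            if item not in findings[section]:  # reports can repeat a line
                findings[section].append(item)
    return findings


def flag_for_review(findings, keep_keywords):
    """Split findings into (flagged, unflagged).

    flagged   = entries whose target mentions a program name the user
                recognizes; look at these before cleaning.
    unflagged = everything else.
    Each row is (section, kind, target).
    """
    keys = [k.lower() for k in keep_keywords]
    flagged, unflagged = [], []
    for section, entries in findings.items():
        for kind, target in entries:
            row = (section, kind, target)
            if any(k in target.lower() for k in keys):
                flagged.append(row)
            else:
                unflagged.append(row)
    return flagged, unflagged


if __name__ == "__main__":
    report = parse_report(SAMPLE_REPORT)
    # Hypothetical keyword list: names of programs the user installed on purpose.
    flagged, unflagged = flag_for_review(report, ["AVG", "GreenTree"])
    print("Review before cleaning:")
    for section, kind, target in flagged:
        print(f"  [{section}] {kind}: {target}")
    print("Not matched by any keyword:")
    for section, kind, target in unflagged:
        print(f"  [{section}] {kind}: {target}")
```

Matching is by name only, so entries whose names do not contain a keyword (such as the `vToolbarUpdater18.1.9` service in the sample) stay in the second list and still need a manual look.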

#3 markr9


Posted 08 January 2015 - 04:49 PM

Ok, results below.

This PC is used by several people in the household.

I did not delete the stuff ADW found, much of it seemed to be parts of the AVG free virus stuff. I will delete them if you think it advisable.

I use YTD downloader a lot to do some video editing on contract. It seems to have been removed automatically by one of the utilities. Is there a good reason I should not reload it? There are other ways I can get the files.

Here are the log files.


MiniToolBox by Farbar  Version: 30-11-2014
Ran by Owner (administrator) on 07-01-2015 at 20:50:36
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1       localhost
127.0.0.1       localhost

========================= IP Configuration: ================================

NVIDIA nForce MCP Networking Controller = Local Area Connection (Disconnected)
802.11n USB Wireless LAN Card = Wireless Network Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : YOUR-C3436969FC

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : home.gateway



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . : home.gateway

        Description . . . . . . . . . . . : 802.11n USB Wireless LAN Card

        Physical Address. . . . . . . . . : 00-36-76-07-7D-01

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.4

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Wednesday, January 07, 2015 3:41:45 PM

        Lease Expires . . . . . . . . . . : Thursday, January 08, 2015 3:41:45 AM

Server:  home.gateway
Address:  192.168.1.1

Name:    google.com
Addresses:  173.194.115.5, 173.194.115.4, 173.194.115.3, 173.194.115.2
      173.194.115.9, 173.194.115.14, 173.194.115.7, 173.194.115.1, 173.194.115.8
      173.194.115.6, 173.194.115.0



Pinging google.com [173.194.115.0] with 32 bytes of data:



Reply from 173.194.115.0: bytes=32 time=133ms TTL=50

Reply from 173.194.115.0: bytes=32 time=913ms TTL=50



Ping statistics for 173.194.115.0:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 133ms, Maximum = 913ms, Average = 523ms

Server:  home.gateway
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=183ms TTL=46

Reply from 98.139.183.24: bytes=32 time=123ms TTL=46



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 123ms, Maximum = 183ms, Average = 153ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 36 76 07 7d 01 ...... 802.11n USB Wireless LAN Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.4      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0      192.168.1.4     192.168.1.4      20
      192.168.1.4  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255      192.168.1.4     192.168.1.4      20
        224.0.0.0        240.0.0.0      192.168.1.4     192.168.1.4      20
  255.255.255.255  255.255.255.255      192.168.1.4     192.168.1.4      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/07/2015 08:42:10 PM) (Source: Application Error) (User: )
Description: Faulting application plugin-container.exe, version 34.0.5.5443, faulting module mozalloc.dll, version 34.0.5.5443, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]


System errors:
=============
Error: (01/07/2015 04:30:57 PM) (Source: Service Control Manager) (User: )
Description: The DAZ Content Management Service service failed to start due to the following error:
%%1053

Error: (01/07/2015 04:30:57 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the DAZ Content Management Service service to connect.


Microsoft Office Sessions:
=========================
Error: (01/07/2015 08:42:10 PM) (Source: Application Error)(User: )
Description: plugin-container.exe34.0.5.5443mozalloc.dll34.0.5.544300001425



=========================== Installed Programs ============================
8 Ball Frenzy (HKLM\...\8 Ball Frenzy_is1) (Version:  - My Real Games Ltd)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop Elements 3.0 (HKLM\...\{851C67EF-068A-4060-9EF5-2E3DDCD68382}) (Version: 003.000.0000 - Adobe Systems Inc.)
Adobe Reader 6.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-000000000001}) (Version: 6.0 - Adobe Systems Incorporated)
AOL You've Got Pictures Screensaver (HKLM\...\AOL YGP Screensaver) (Version:  - )
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Brick Shooter Egypt (HKLM\...\Brick Shooter Egypt_is1) (Version: 1.0 - Media Contact LLC)
DAZ Content Management Service (HKLM\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DAZ Install Manager (HKLM\...\DAZ Install Manager 1.1.0.28) (Version: 1.1.0.28 - DAZ 3D)
DAZ Studio 4.5 (HKLM\...\DAZ Studio 4.5 4.5.1.56) (Version: 4.5.1.56 - DAZ 3D)
DeskEngrave (HKLM\...\DeskEngrave_is1) (Version:  - )
Digital Media Reader (HKLM\...\InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}) (Version: 1.08 - )
Digital Media Reader (Version: 1.08 - ) Hidden
ffdshow v1.3.4533 [2014-09-29] (HKLM\...\ffdshow_is1) (Version: 1.3.4533.0 - )
FileZilla Client 3.6.0 (HKLM\...\FileZilla Client) (Version: 3.6.0 - FileZilla Project)
FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation)
GLInfo (HKLM\...\GLInfo_is1) (Version:  - 3D-Scape Ltd.)
Inkscape 0.48.4 (HKLM\...\Inkscape) (Version: 0.48.4 - )
Java 2 Runtime Environment, SE v1.4.2 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142000}) (Version: 1.4.2 - Sun Microsystems, Inc.)
KMotion (HKLM\...\KMotion) (Version:  - )
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
Lexmark Z700-P700 Series (HKLM\...\Lexmark Z700-P700 Series) (Version:  - )
LightWave 3D 9.6 (HKLM\...\LightWave 3D 9.6 9.6) (Version: 9.6 - NewTek, Inc.)
Mach3 Mach3VersionR2.63 (HKLM\...\Mach3 Mach3VersionR2.63) (Version: Mach3VersionR2.63 - ArtSoft CNC Software Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Office 2000 Disc 2 (HKLM\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 6.0 Professional Edition (HKLM\...\Visual Studio 6.0 Professional Edition) (Version:  - )
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version:  - )
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSDN Library - Visual Studio 6.0 (HKLM\...\Microsoft Developer Network - Visual Studio 6.0) (Version:  - )
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
MWSnap 3 (HKLM\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Nero BurnRights (HKLM\...\Nero BurnRights!UninstallKey) (Version:  - )
Nero OEM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Poser 7 (HKLM\...\Poser 7) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Python 2.4 pywin32-218 (HKLM\...\pywin32-py2.4) (Version:  - )
Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis)
Python 2.7.8 (HKLM\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
QuickLink MessageCenter III (HKLM\...\QuickLink MessageCenter III) (Version:  - )
QuickTime (HKLM\...\QuickTime) (Version:  - )
Rand McNally TripMaker (HKLM\...\TripMaker) (Version:  - )
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version:  - )
Sentinel System Driver (HKLM\...\{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}) (Version: 5.39.2 - Rainbow Technologies)
Skype™ 4.1 (HKLM\...\{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}) (Version: 4.1.166 - Skype Technologies S.A.)
Snappy Fax Version 5 (HKLM\...\{9A0CEF36-483A-4EAE-99B8-0E5767FFD161}_is1) (Version: 5..0 - John Taylor & Associates)
SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1) (Version:  - )
Sproink (HKLM\...\Sproink_is1) (Version:  - My Real Games Ltd)
UHS Reader (Version 6.10) (HKLM\...\UHS Reader (Version 6.10)) (Version: 6.10 - Universal Hint System)
VCarve Pro 6.0 (HKLM\...\VCarve Pro) (Version: 6.0 - Vectric)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VisualCAD 2012 (HKLM\...\{58281C3D-F3CD-48D0-987D-AE1E86B1534D}) (Version: 2.0.65 - MecSoft Corporation)
VisualMILL 2012 (HKLM\...\{CB8824F6-6E15-4024-9685-360F8315DC68}) (Version: 7.0.92 - MecSoft Corporation)
VP6 Decoder (HKLM\...\{D064F16E-88DA-4E8F-BBAE-0E2AA9A6AE61}) (Version:  - )
WampServer 2.2 (HKLM\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WinCatalog Light (remove only) (HKCU\...\WinCatalog Light) (Version:  - WinCatalog.com)
Windows Backup Utility (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
Windows Driver Package - Ralink Technology, Corp. (rt2870) Net  (01/24/2014 5.01.11.0000) (HKLM\...\9BF9FA171C37DFF93EC64F016C77285E531F1EEC) (Version: 01/24/2014 5.01.11.0000 - Ralink Technology, Corp.)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: 3.1 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinTopo (HKLM\...\WinTopo) (Version:  - )
Woolies Adventure (HKLM\...\Woolies Adventure_is1) (Version:  - My Real Games Ltd)
YTD Video Downloader 4.8.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.8 - GreenTree Applications SRL)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 511.48 MB
Available physical RAM: 281.81 MB
Total Pagefile: 1440.43 MB
Available Pagefile: 991.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1986 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.53 GB) (Free:14.35 GB) NTFS

========================= Users: ========================================

User accounts for \\YOUR-C3436969FC

Administrator            ASPNET                   Guest                    
HelpAssistant            Owner                    SUPPORT_388945a0         


**** End of log ****

 

 

 

 

 

# AdwCleaner v4.107 - Report created 07/01/2015 at 21:00:09
# Updated 07/01/2015 by Xplode
# Database : 2014-12-21.4 [Local]
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Owner - YOUR-C3436969FC
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\All Users\Application Data\ytd video downloader
Folder Found : C:\Documents and Settings\All Users\Application Data\ytd video downloader
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\ytd video downloader
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\ytd video downloader
Folder Found : C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\Owner\Application Data\iWin
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Program Files\AVG SafeGuard toolbar
Folder Found : C:\Program Files\AVG Security Toolbar
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\GreenTree Applications
Folder Found : C:\Program Files\Viewpoint

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpyHunter
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\Tuneup Pro
Key Found : HKLM\SOFTWARE\Viewpoint
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


*************************

AdwCleaner[R0].txt - [7383 octets] - [07/01/2015 21:00:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7443 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by Owner on Wed 01/07/2015 at 21:23:24.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\ytd video downloader"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Application Data\iwin"
Successfully deleted: [Folder] "C:\Program Files\bigfix"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\start menu\programs\ytd video downloader"



~~~ FireFox

Emptied folder: C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\0gc2hx4d.default\minidumps [3 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/07/2015 at 21:27:53.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

20:52:30.0640 0x0844  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
20:52:40.0375 0x0844  ============================================================
20:52:40.0375 0x0844  Current date / time: 2015/01/07 20:52:40.0375
20:52:40.0375 0x0844  SystemInfo:
20:52:40.0375 0x0844  
20:52:40.0375 0x0844  OS Version: 5.1.2600 ServicePack: 2.0
20:52:40.0375 0x0844  Product type: Workstation
20:52:40.0375 0x0844  ComputerName: YOUR-C3436969FC
20:52:40.0375 0x0844  UserName: Owner
20:52:40.0375 0x0844  Windows directory: C:\WINDOWS
20:52:40.0375 0x0844  System windows directory: C:\WINDOWS
20:52:40.0375 0x0844  Processor architecture: Intel x86
20:52:40.0375 0x0844  Number of processors: 1
20:52:40.0375 0x0844  Page size: 0x1000
20:52:40.0375 0x0844  Boot type: Normal boot
20:52:40.0375 0x0844  ============================================================
20:52:45.0562 0x0844  KLMD registered as C:\WINDOWS\system32\drivers\80781595.sys
20:52:47.0437 0x0844  System UUID: {7899892E-64A6-304E-4797-6471507A7194}
20:52:49.0828 0x0844  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:52:49.0921 0x0844  ============================================================
20:52:49.0921 0x0844  \Device\Harddisk0\DR0:
20:52:49.0953 0x0844  MBR partitions:
20:52:49.0953 0x0844  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
20:52:49.0953 0x0844  ============================================================
20:52:50.0015 0x0844  C: <-> \Device\Harddisk0\DR0\Partition1
20:52:50.0015 0x0844  ============================================================
20:52:50.0015 0x0844  Initialize success
20:52:50.0015 0x0844  ============================================================
20:53:03.0062 0x07ec  ============================================================
20:53:03.0062 0x07ec  Scan started
20:53:03.0062 0x07ec  Mode: Manual;
20:53:03.0062 0x07ec  ============================================================
20:53:03.0062 0x07ec  KSN ping started
20:53:14.0921 0x07ec  KSN ping finished: true
20:53:16.0281 0x07ec  ================ Scan system memory ========================
20:53:16.0281 0x07ec  System memory - ok
20:53:16.0281 0x07ec  ================ Scan services =============================
20:53:26.0640 0x07ec  mxnic - ok
20:53:26.0671 0x07ec  [ 558635D3AF1C7546D26067D5D9B6959E, 8C1802908DF35E442575969D29F4B22019A2B3E4C309B8E193F98F75AE81F013 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
20:53:26.0671 0x07ec  NDIS - ok
20:53:26.0703 0x07ec  [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:53:26.0703 0x07ec  NdisTapi - ok
20:53:26.0718 0x07ec  [ 34D6CD56409DA9A7ED573E1C90A308BF, DE2060F57C913272524AFB0D472714ABF6F7E49A01534F23D95EE67F207CC6CF ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:53:26.0734 0x07ec  Ndisuio - ok
20:53:26.0750 0x07ec  [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:53:26.0750 0x07ec  NdisWan - ok
20:53:26.0765 0x07ec  [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:53:27.0046 0x07ec  NDProxy - ok
20:53:27.0093 0x07ec  [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:53:27.0093 0x07ec  NetBIOS - ok
20:53:27.0156 0x07ec  [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:53:27.0171 0x07ec  NetBT - ok
20:53:27.0218 0x07ec  [ 05AFB5AD06462257BEA7495283C86D50, 2D6584D0BFB168E48433EA702E6CABC7CB9B98675D2E99F78D9B84A63D4BD977 ] NetDDE          C:\WINDOWS\system32\netdde.exe
20:53:27.0218 0x07ec  NetDDE - ok
20:53:27.0250 0x07ec  [ 05AFB5AD06462257BEA7495283C86D50, 2D6584D0BFB168E48433EA702E6CABC7CB9B98675D2E99F78D9B84A63D4BD977 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
20:53:27.0250 0x07ec  NetDDEdsdm - ok
20:53:27.0281 0x07ec  [ 84885F9B82F4D55C6146EBF6065D75D2, 76FE1B6C432B6C74FC283DE52D14EF668F8C4AAD0D139F362635EFB30482B4ED ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:53:27.0296 0x07ec  Netlogon - ok
20:53:27.0328 0x07ec  [ DAB9E6C7105D2EF49876FE92C524F565, 22786AF94EA2737A5D9B34B99D2D6F3F41FD46843D6A01E2230723747988E401 ] Netman          C:\WINDOWS\System32\netman.dll
20:53:27.0343 0x07ec  Netman - ok
20:53:27.0390 0x07ec  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:53:27.0406 0x07ec  NetTcpPortSharing - ok
20:53:27.0468 0x07ec  [ 4E74AF063C3271FBEA20DD940CFD1184, 122D43E61578B6D014C4C0029D952E532F71B795379892667FC8147962F4FA79 ] Nla             C:\WINDOWS\System32\mswsock.dll
20:53:27.0500 0x07ec  Nla - ok
20:53:27.0515 0x07ec  [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:53:27.0515 0x07ec  Npfs - ok
20:53:27.0578 0x07ec  [ B78BE402C3F63DD55521F73876951CDD, 020D75527B4814C544820D29CA064E94F2FCB7B1BA011D63E9D2BFD4CF91BA61 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:53:27.0625 0x07ec  Ntfs - ok
20:53:27.0656 0x07ec  [ 84885F9B82F4D55C6146EBF6065D75D2, 76FE1B6C432B6C74FC283DE52D14EF668F8C4AAD0D139F362635EFB30482B4ED ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
20:53:27.0656 0x07ec  NtLmSsp - ok
20:53:27.0718 0x07ec  [ B62F29C00AC55A761B2E45877D85EA0F, 8B4B96BDBE26D73F89CC51876929515C1AEA18A8E9CA4E76FAEF538D9E5BDA90 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
20:53:27.0750 0x07ec  NtmsSvc - ok
20:53:27.0812 0x07ec  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:53:28.0000 0x07ec  Null - ok
20:53:28.0453 0x07ec  [ 9E143FB3EF13B7EC1C1DD06529DEBADD, 6CCCEEE04E4B1A1F44A3D13E4B3341DA77CAC27CA3B56A731598A03D1C19A353 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:53:28.0921 0x07ec  nv - ok
20:53:29.0000 0x07ec  [ 51635322A7BA00B05977F70B1FFF95BB, 7CFA48D893E332F1A8836E2CD8D8D3E1033793B395571ABA0FFEC6A193EA494F ] nvax            C:\WINDOWS\system32\drivers\nvax.sys
20:53:29.0031 0x07ec  nvax - ok
20:53:29.0078 0x07ec  [ 5155E22DA2F2E1CA4023D00F6EB31B5E, 0CF96ED940D6419A19BC4DD579C813256EF5A486CCAA6BEBD75F05B4D16454E5 ] NVENET          C:\WINDOWS\system32\DRIVERS\NVENET.sys
20:53:29.0078 0x07ec  NVENET - ok
20:53:29.0125 0x07ec  [ F9000A5B746CABA368810147CA804E9D, 144680C6072D4152B0AFC2EC7ED5073F09409E3227AB73A5B6F124BCDACF8CAB ] nvnforce        C:\WINDOWS\system32\drivers\nvapu.sys
20:53:29.0156 0x07ec  nvnforce - ok
20:53:29.0187 0x07ec  [ 1633409E67F1BD6E5AC8ECB9CD5D2027, FFDFC427A02E56A2BADFE345A68BBB583F4C0E23D20D25DCD79BD8E863F3D0B6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
20:53:29.0203 0x07ec  NVSvc - ok
20:53:29.0218 0x07ec  [ 29291C3A7256337327051CC37E4FC09A, C35DEBA55F133134AAD7F7E1DB5F8CB883E0EA4E337F4530D224C2E631074996 ] nv_agp          C:\WINDOWS\system32\DRIVERS\nv_agp.sys
20:53:29.0218 0x07ec  nv_agp - ok
20:53:29.0265 0x07ec  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:53:29.0265 0x07ec  NwlnkFlt - ok
20:53:29.0312 0x07ec  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:53:29.0312 0x07ec  NwlnkFwd - ok
20:53:29.0343 0x07ec  [ 3E16EFF2A6FED2D8D7F5A66DFE65D183, A463B4A70C60ECA11CB9586C313AE3F89F25F829CDA7091FD2C70B123141A6C4 ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys
20:53:29.0343 0x07ec  P3 - ok
20:53:29.0375 0x07ec  [ 29744EB4CE659DFE3B4122DEB45BC478, 5F7B63152CDAA031ACB77E793BB7E8210472D6D1EED911F3A0BD70455FC282FC ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
20:53:29.0390 0x07ec  Parport - ok
20:53:29.0406 0x07ec  [ 3334430C29DC338092F79C38EF7B4CD0, B54989B46D77F124D66741A939FF2033F73854FC39AF13C8165D01203A94A94E ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
20:53:29.0406 0x07ec  PartMgr - ok
20:53:29.0437 0x07ec  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
20:53:29.0437 0x07ec  ParVdm - ok
20:53:29.0453 0x07ec  [ 8086D9979234B603AD5BC2F5D890B234, 4FCB98D3B6F95B6979B255287480943C1F87A12ECB30D446294C1E84B6DFE620 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
20:53:29.0468 0x07ec  PCI - ok
20:53:29.0484 0x07ec  PCIDump - ok
20:53:29.0484 0x07ec  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
20:53:29.0500 0x07ec  PCIIde - ok
20:53:29.0531 0x07ec  [ 82A087207DECEC8456FBE8537947D579, 92305DC8BC1CA3BD93A8D996AAA7433E816931B17D5BDFAC06C7251F2759D023 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
20:53:29.0875 0x07ec  Pcmcia - ok
20:53:29.0890 0x07ec  PDCOMP - ok
20:53:29.0906 0x07ec  PDFRAME - ok
20:53:29.0921 0x07ec  PDRELI - ok
20:53:29.0937 0x07ec  PDRFRAME - ok
20:53:29.0968 0x07ec  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
20:53:29.0968 0x07ec  perc2 - ok
20:53:29.0984 0x07ec  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:53:29.0984 0x07ec  perc2hib - ok
20:53:30.0046 0x07ec  [ D0F9F362023BF94CF58A1C3CDBBEBE06, 47C2282058F25B12877A4D96CA3A61AA274ED74B4B4E81E111ED93742F0BA7EA ] PhotoshopElementsDeviceConnect C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
20:53:30.0109 0x07ec  PhotoshopElementsDeviceConnect - ok
20:53:30.0156 0x07ec  [ C6CE6EEC82F187615D1002BB3BB50ED4, CEA9C880328205AE3376EB8B005412CB0F8FCE52A71C6F0651EF5F9C193F6E3F ] PlugPlay        C:\WINDOWS\system32\services.exe
20:53:30.0156 0x07ec  PlugPlay - ok
20:53:30.0187 0x07ec  [ 84885F9B82F4D55C6146EBF6065D75D2, 76FE1B6C432B6C74FC283DE52D14EF668F8C4AAD0D139F362635EFB30482B4ED ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
20:53:30.0187 0x07ec  PolicyAgent - ok
20:53:30.0234 0x07ec  [ 1C5CC65AAC0783C344F16353E60B72AC, 7786CFE970A79B327DB57AEBADA8B0B94B4DE07CE8AF285E9835B2AADD597296 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:53:30.0234 0x07ec  PptpMiniport - ok
20:53:30.0359 0x07ec  [ 6135B976E16F80C1B1363BE882344785, 57905ED033C9D1ADD439B9708EFE6E25C9F5B5EC9F85FF083A7FAE2E0DE99FE5 ] PrismXL         C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
20:53:30.0359 0x07ec  PrismXL - ok
20:53:30.0375 0x07ec  [ 84885F9B82F4D55C6146EBF6065D75D2, 76FE1B6C432B6C74FC283DE52D14EF668F8C4AAD0D139F362635EFB30482B4ED ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:53:30.0375 0x07ec  ProtectedStorage - ok
20:53:30.0390 0x07ec  [ 48671F327553DCF1D27F6197F622A668, CB34A17BC36E8F8BB5F87F9EE21311C50DE9AE156513D682581DE47C93EC155D ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
20:53:30.0406 0x07ec  PSched - ok
20:53:30.0421 0x07ec  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:53:30.0421 0x07ec  Ptilink - ok
20:53:30.0437 0x07ec  [ B5DFB86A6CAEAE9B2BF3DEDB43BE6393, EB25ADA930E325728D0569B737FDF34295037DC14DEE7483F77E47438B849741 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:53:30.0453 0x07ec  PxHelp20 - ok
20:53:30.0468 0x07ec  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:53:30.0468 0x07ec  ql1080 - ok
20:53:30.0484 0x07ec  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:53:30.0500 0x07ec  Ql10wnt - ok
20:53:30.0515 0x07ec  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:53:30.0515 0x07ec  ql12160 - ok
20:53:30.0531 0x07ec  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:53:30.0531 0x07ec  ql1240 - ok
20:53:30.0578 0x07ec  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:53:30.0578 0x07ec  ql1280 - ok
20:53:30.0593 0x07ec  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:53:30.0593 0x07ec  RasAcd - ok
20:53:30.0640 0x07ec  [ 44DB7A9BDD2FB58747D123FBF1D35ADB, 1546B32AE19015213236031E82BF5C44ACF4C1B5F9E379908A1B413C6CA65755 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:53:30.0656 0x07ec  RasAuto - ok
20:53:30.0703 0x07ec  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C, F59974A2A3C21071BC72CA4DAF5D2DDF93471EC16FD1A34DE9DC1A50027F6835 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:53:30.0703 0x07ec  Rasl2tp - ok
20:53:30.0796 0x07ec  [ 41A3C11E3517C962C9B44893BCEC3B34, 0D0CA7F91D0A29E7C9F6D89B52A793F82676927DDCEE9EFCF1DD14AB7078481E ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:53:30.0796 0x07ec  RasMan - ok
20:53:30.0843 0x07ec  [ 7306EEED8895454CBED4669BE9F79FAA, DC6874ECAD9105BC9EAB007291958911D7D4D3649124472070B3496B36C45200 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:53:30.0859 0x07ec  RasPppoe - ok
20:53:30.0875 0x07ec  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:53:30.0875 0x07ec  Raspti - ok
20:53:30.0921 0x07ec  [ 29D66245ADBA878FFF574CD66ABD2884, E85710229E61DB37BAB291E2E13ABD99FA8DFF7C8245853253BE540D8741990E ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:53:30.0937 0x07ec  Rdbss - ok
20:53:30.0953 0x07ec  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:53:30.0953 0x07ec  RDPCDD - ok
20:53:31.0000 0x07ec  [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD, 586900D30F44E132AC75520EFF4FF615AA46283F1F050AC93FF9C235AC0F1D75 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:53:31.0015 0x07ec  rdpdr - ok
20:53:31.0062 0x07ec  [ D4F5643D7714EF499AE9527FDCD50894, 6D9EDD9DE3B21324FBDEF074F815A4925F656E06BD15B73B53CD255FD8F0D63F ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:53:31.0406 0x07ec  RDPWD - ok
20:53:31.0484 0x07ec  [ 729798E0933076B8FCFCD9934698F164, 87CCF85E6C7F9AB9A5EB97BD9D2BE97429CB178B35FCA17CB1C9B58A0475D726 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:53:31.0500 0x07ec  RDSessMgr - ok
20:53:31.0562 0x07ec  [ B31B4588E4086D8D84ADBF9845C2402B, 0B45979623B0AC774A9426C428954E7FB604FAE0DB187C402AF6052906F4099A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:53:31.0562 0x07ec  redbook - ok
20:53:31.0625 0x07ec  [ 3046DB917E3CFA040632799DD9B14865, 90FE0C8C887A718BAEA77B1CFE1F6EEB2595F520A0B3DE0A50B4DE2E1D99CCF4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:53:31.0625 0x07ec  RemoteAccess - ok
20:53:31.0656 0x07ec  [ 793F04A09B15E7C6C11DBDFFAF06C0AB, D108DF4DC61300926F360E4D3B2F75DBEF3D3CB9D4C15260232047ED6FB1BFC7 ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:53:31.0656 0x07ec  RpcLocator - ok
20:53:31.0734 0x07ec  [ 5C83A4408604F737717AB96371201680, 32317F8D631820ADE9D6FDF521A05214D13A562E5C6F5F0D01BAE0B4DEB67D70 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:53:31.0765 0x07ec  RpcSs - ok
20:53:31.0796 0x07ec  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:53:31.0796 0x07ec  RSVP - ok
20:53:31.0937 0x07ec  [ 5FA813C5BB840A1B0FC332F2EB2AEF22, 7B4F9921337988F90958DA715477FEDE2BE3AF070D6EEB96253C6AC79677D435 ] rt2870          C:\WINDOWS\system32\DRIVERS\rt2870.sys
20:53:32.0062 0x07ec  rt2870 - ok
20:53:32.0109 0x07ec  [ 84885F9B82F4D55C6146EBF6065D75D2, 76FE1B6C432B6C74FC283DE52D14EF668F8C4AAD0D139F362635EFB30482B4ED ] SamSs           C:\WINDOWS\system32\lsass.exe
20:53:32.0125 0x07ec  SamSs - ok
20:53:32.0140 0x07ec  [ 25D8DE134DF108E3DBC8D7D23B1AA58E, BF4C48E75D696546AB69E205F5492553001C9A92127D824F7F9BFCFE0F1C1093 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:53:32.0140 0x07ec  SCardSvr - ok
20:53:32.0218 0x07ec  [ 92360854316611F6CC471612213C3D92, A45DC437FA0DEC1DB540DC889A2469E8C3C4360F2F41FE60BFA3F78462507959 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:53:32.0234 0x07ec  Schedule - ok
20:53:32.0296 0x07ec  [ 314A998B1732C1ACD6B6459EC9961AD8, A85C63F5FB99C8EFC9EA3BE600629BA611C22C2684C380F49CCE03572AD7AFC1 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:53:32.0296 0x07ec  Secdrv - ok
20:53:32.0328 0x07ec  [ B1E0CE09895376871746F36DC5773B4F, 686458ED5D4C72AAF2F45B4FCBB44BFA0D84DFE93B5E01ECCBEAD33CBAC52BD5 ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:53:32.0328 0x07ec  seclogon - ok
20:53:32.0375 0x07ec  [ DFD9870CF39C791D86C4C209DA9FA919, 336A0525630149EF160AE8346AF6BEE2FAA0289629FA052ADAF887B5B84A918D ] SENS            C:\WINDOWS\system32\sens.dll
20:53:32.0375 0x07ec  SENS - ok
20:53:32.0421 0x07ec  [ 8627C992B8A80504FC477B2E8FF8EC4F, 61E90302C806B36445BF1850CA7060FF4DFFA92F00EFD1E334495D0AE0D27209 ] Sentinel        C:\WINDOWS\System32\Drivers\SENTINEL.SYS
20:53:32.0437 0x07ec  Sentinel - ok
20:53:32.0453 0x07ec  [ A2D868AEEFF612E70E213C451A70CAFB, 25CBB9E26CDCBD8E221ACF4364E82E8F811C3144E0EEF9DF9DAEC8534243BD3B ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
20:53:32.0453 0x07ec  serenum - ok
20:53:32.0500 0x07ec  [ CD9404D115A00D249F70A371B46D5A26, D9FC869FA9A6B9574A1FCE70E7B919D8F79E02B28967E49F6DEF83A84520ECDF ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
20:53:32.0500 0x07ec  Serial - ok
20:53:32.0546 0x07ec  [ 0D13B6DF6E9E101013A7AFB0CE629FE0, 2214EA0F16BB33970E299CE457EB50AEE0BEF7959BC1EBD3C06C78A46B42B808 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:53:32.0718 0x07ec  Sfloppy - ok
20:53:32.0796 0x07ec  [ 36CC8C01B5E50163037BEF56CB96DEFF, F8D3CC92E97E8C97A0F88850D6D96CFA02A69940208834F413A8FCB71241F552 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:53:32.0812 0x07ec  SharedAccess - ok
20:53:32.0875 0x07ec  [ E7518DC542D3EBDCB80EDD98462C7821, 5C9266A75866AD17A0F6994D63F95B7D99078EA27DEDD6EEB2A79075F3A89D70 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:53:32.0890 0x07ec  ShellHWDetection - ok
20:53:32.0906 0x07ec  Simbad - ok
20:53:32.0968 0x07ec  [ 732D859B286DA692119F286B21A2A114, 65E21E42411DA4B27D10D67DB46D93CE314CAC9EB3E0C1B7E57C32FCF15D56F2 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:53:32.0968 0x07ec  sisagp - ok
20:53:33.0031 0x07ec  [ 87F799C486302ACEFF098E067D481D9C, 94A29253E7EF0F8377D41745E77A01DFCFDD59970FB723AA9D3C8A4CB6A584D3 ] SNTNLUSB        C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS
20:53:33.0062 0x07ec  SNTNLUSB - ok
20:53:33.0093 0x07ec  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:53:33.0093 0x07ec  Sparrow - ok
20:53:33.0125 0x07ec  [ 8E186B8F23295D1E42C573B82B80D548, C418568C2071E2761CD26F736443BD7BF9C6914D47D171A5AC990278E855A74F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:53:33.0140 0x07ec  splitter - ok
20:53:33.0203 0x07ec  [ 7435B108B935E42EA92CA94F59C8E717, 73887EF68291264D9A17D70133EFDC0DE87E30B717A965A4B64108FB5482C39C ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:53:33.0203 0x07ec  Spooler - ok
20:53:33.0218 0x07ec  [ E41B6D037D6CD08461470AF04500DC24, 9556C669E69B1B290865FCAABD5D793B310C071B64FD3DF9FCFADC3716BDC926 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:53:33.0250 0x07ec  sr - ok
20:53:33.0312 0x07ec  [ 92BDF74F12D6CBEC43C94D4B7F804838, C1BFE7F498F4A9992FEA459CE7EEF7525AE51A7E04C76D676819A61615A4A92E ] srservice       C:\WINDOWS\system32\srsvc.dll
20:53:33.0375 0x07ec  srservice - ok
20:53:33.0421 0x07ec  [ 20B7E396720353E4117D64D9DCB926CA, 55E35EBA5792DC42BE2F10A4FAD4BE5721C05C134C153E37AC4D5E68982DED6C ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:53:33.0437 0x07ec  Srv - ok
20:53:33.0468 0x07ec  [ 4B8D61792F7175BED48859CC18CE4E38, 13C50FACC85828F56FF5B29D13B004933352CB581B62B218038B503561531981 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:53:33.0468 0x07ec  SSDPSRV - ok
20:53:33.0546 0x07ec  [ D9F6C4F6B1E188ADAFC42B561D9BC2E6, D2F90880B5E8CFD205FE2302FFFF4668989300249811F97F73DE56B42FCD3E85 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:53:33.0562 0x07ec  stisvc - ok
20:53:33.0609 0x07ec  [ D8CBD8B4BF4DC9CD64B5CC8E2BEC1B96, 8A195B5F9C795D35163388A80EA545167FCB199AF5B4D034FE90C16C7D2B8C85 ] SunkFilt        C:\WINDOWS\System32\Drivers\sunkfilt.sys
20:53:33.0609 0x07ec  SunkFilt - ok
20:53:33.0640 0x07ec  [ FABCC3BEC89A2853958CEFB28943C470, 87109C7B39B22F938386B8B614991CD2531BD9317A98E414F849FB233681DDA7 ] SunkFilt39      C:\WINDOWS\System32\Drivers\sunkfilt39.sys
20:53:33.0640 0x07ec  SunkFilt39 - ok
20:53:33.0656 0x07ec  Sunkfiltp - ok
20:53:33.0687 0x07ec  [ 03C1BAE4766E2450219D20B993D6E046, 0D8E5B141EAA9E2C8D1F8BFD522F57EE8074216A336CBE37FE77B8ADDB791DBE ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:53:33.0687 0x07ec  swenum - ok
20:53:33.0718 0x07ec  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D, EEF6DB9EDD8C273A6595675A7A12B9D440FA4E178BA7C69FB1942D97E291F989 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:53:33.0718 0x07ec  swmidi - ok
20:53:33.0718 0x07ec  SwPrv - ok
20:53:33.0734 0x07ec  [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
20:53:33.0750 0x07ec  symc810 - ok
20:53:33.0765 0x07ec  [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:53:33.0796 0x07ec  symc8xx - ok
20:53:33.0812 0x07ec  [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:53:33.0828 0x07ec  sym_hi - ok
20:53:33.0843 0x07ec  [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:53:33.0859 0x07ec  sym_u3 - ok
20:53:33.0890 0x07ec  [ 650AD082D46BAC0E64C9C0E0928492FD, 6A587A55418A3A7867602D92B99FE393152DED191F27992C4BA909BD268AC43C ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:53:33.0906 0x07ec  sysaudio - ok
20:53:33.0968 0x07ec  [ 8B54AA346D1B1B113FFAA75501B8B1B2, 0DBCAA0FEA212F2274973B1CAD8DB0AD7FC117D8483C9BB78166372907A5B398 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:53:34.0000 0x07ec  SysmonLog - ok
20:53:34.0093 0x07ec  [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD, 6B40DBFB6A055D5B748383EF51B206CC4F978405BCC7F9A25FAC90668FD818C4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:53:34.0109 0x07ec  TapiSrv - ok
20:53:34.0250 0x07ec  [ 9F4B36614A0FC234525BA224957DE55C, 56766EF576479367C29B2EE16CF232EDE2569CEB0A72BF8E38FBABC9BF7C1BEC ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:53:34.0296 0x07ec  Tcpip - ok
20:53:34.0328 0x07ec  [ 38D437CF2D98965F239B0ABCD66DCB0F, CC497A25C7AC1FF1E07CEE25FB0C5A5E6C4005C1CB244601FE620884A5C26506 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:53:35.0671 0x07ec  TDPIPE - ok
20:53:35.0828 0x07ec  [ ED0580AF02502D00AD8C4C066B156BE9, 41AA6C88CF48CAF0DA8E374F37E74206E4F558332075304A28983D04E08B3154 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:53:37.0312 0x07ec  TDTCP - ok
20:53:37.0390 0x07ec  [ A540A99C281D933F3D69D55E48727F47, CC430FA0E0F1745E167877003FDCC35FE940AF8CAD05387ECBA880CC3A3F6709 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:53:37.0421 0x07ec  TermDD - ok
20:53:37.0828 0x07ec  [ B60C877D16D9C880B952FDA04ADF16E6, 244D59A555349259D81D4643500E714A053D4A06DF892A8EDCAA0DC5EADFF050 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:53:38.0000 0x07ec  TermService - ok
20:53:38.0093 0x07ec  [ E7518DC542D3EBDCB80EDD98462C7821, 5C9266A75866AD17A0F6994D63F95B7D99078EA27DEDD6EEB2A79075F3A89D70 ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:53:38.0109 0x07ec  Themes - ok
20:53:38.0156 0x07ec  [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
20:53:38.0187 0x07ec  TosIde - ok
20:53:38.0250 0x07ec  [ 6D9AC544B30F96C57F8206566C1FB6A1, C39D35D169A3BCA5E458815A1B60CE92D19BC04579D62DAB9396B42760C5E47B ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:53:38.0265 0x07ec  TrkWks - ok
20:53:38.0312 0x07ec  [ 12F70256F140CD7D52C58C7048FDE657, F2E3E645AA713A520452F5E17513D258D3900E93F65013551FC2B542BFA15BB3 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:53:39.0718 0x07ec  Udfs - ok
20:53:39.0859 0x07ec  [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
20:53:39.0875 0x07ec  ultra - ok
20:53:40.0000 0x07ec  [ AFF2E5045961BBC0A602BB6F95EB1345, FEEF47B9683B0F26355AC0947019DE9AE27002A7019C1C4A2D22FA0046E9F07B ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:53:40.0125 0x07ec  Update - ok
20:53:40.0250 0x07ec  [ 0546477BDE979E33294FE97F6B3DE84A, 9DE7E3F4FDF0A94307C0517DBDD4DB057C187E3AFDC473BBFEB3AA339E31716B ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:53:40.0281 0x07ec  upnphost - ok
20:53:40.0312 0x07ec  [ 3F5DF65B0758675F95A2D43918A740A3, BC639259E0365C66F4C6CF2F341395942706810E4B393598429FA3B929D16D8C ] UPS             C:\WINDOWS\System32\ups.exe
20:53:40.0375 0x07ec  UPS - ok
20:53:40.0484 0x07ec  [ 15E993BA2F6946B2BFBBFCD30398621E, 10AD5B133C9C68B8E11DF702C50BDE5162693C5A9F132DFE1823D03D70D4EB89 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:53:40.0531 0x07ec  usbehci - ok
20:53:40.0562 0x07ec  [ C72F40947F92CEA56A8FB532EDF025F1, EBB9E235C973574B835B1FD22D813E9215029B3FC5030591D6F7971C9A23AEF7 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:53:40.0656 0x07ec  usbhub - ok
20:53:40.0906 0x07ec  [ BDFE799A8531BAD8A5A985821FE78760, CDF194BA160146C329D4911A6573FE47E93BC1F5594C7D3B6C9F44105B90BD26 ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:53:40.0921 0x07ec  usbohci - ok
20:53:41.0015 0x07ec  [ A42369B7CD8886CD7C70F33DA6FCBCF5, EEDAA16F906A2F8FF40009ED10243F66A5CCE878111F1001DA6060A42DD79047 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:53:41.0078 0x07ec  usbprint - ok
20:53:41.0203 0x07ec  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85, E40B73D4E2417F4874D155885C86E4FB44557324616AABD84EFE6C4751DCC46B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:53:41.0265 0x07ec  usbscan - ok
20:53:41.0312 0x07ec  [ 6CD7B22193718F1D17A47A1CD6D37E75, CFD74FE06819DA488654F88BFCCBF29994FE7F04EC6CD5CD41552B0C95A8130F ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:53:41.0328 0x07ec  USBSTOR - ok
20:53:41.0437 0x07ec  [ F8FD1400092E23C8F2F31406EF06167B, AE93C83BA1966535AFA3E72D6F69156B7E56F021A6808EC8DA44C7E7D506D7E5 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:53:41.0453 0x07ec  usbuhci - ok
20:53:41.0484 0x07ec  [ 8A60EDD72B4EA5AEA8202DAF0E427925, ED0624B285E4F64E07E30C12490873A2090F9DFD6A91A2EDA7A1082B88A8199E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:53:41.0500 0x07ec  VgaSave - ok
20:53:41.0531 0x07ec  [ D92E7C8A30CFD14D8E15B5F7F032151B, EE85C489EC95DAAFED814189CEF86BB4444AFC14C209CD36930B8B7E7B1D7725 ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:53:41.0546 0x07ec  viaagp - ok
20:53:41.0562 0x07ec  [ 59CB1338AD3654417BEA49636457F65D, 1B03B894BEA354C190782C6570498B5126F3B884E9DBFE6E9B176D7C47AD79D4 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
20:53:41.0578 0x07ec  ViaIde - ok
20:53:41.0734 0x07ec  [ EE4660083DEBA849FF6C485D944B379B, 4DA3CA0DEA0698D387EA370D9BBFF06FEF1C0A5B3D7F772164441B63B8A3927A ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:53:41.0765 0x07ec  VolSnap - ok
20:53:42.0062 0x07ec  [ 3EE00364AE0FD8D604F46CBAF512838A, 962168941F4E291F2B5236DA7DB84E50DC335F42595B4BC31FCB7960BD8743FC ] VSS             C:\WINDOWS\System32\vssvc.exe
20:53:42.0171 0x07ec  VSS - ok
20:53:43.0125 0x07ec  [ B4F02998BA52ED5FE9B96290A5A0F1E3, 6EDE2D9EEDE94F066AE75A7C751977EA665E65C95CBA487E82A7DC46D690825C ] vToolbarUpdater18.1.9 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
20:53:43.0671 0x07ec  vToolbarUpdater18.1.9 - ok
20:53:43.0734 0x07ec  [ 2B281958F5D0CF99ED626E3EF39D5C8D, FB46398AE01CDD9CB6E1E647E4DDA86B670F93F787D69B885C7E930D4FF8F3FC ] W32Time         C:\WINDOWS\system32\w32time.dll
20:53:43.0765 0x07ec  W32Time - ok
20:53:43.0968 0x07ec  [ 5D81DFEDC21830764B02F12415AFAE2B, 379753219632E1705578922B5FBD0A84A00C517FCB3E9CBE01DEBBDCD513EF60 ] wampapache      c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
20:53:44.0000 0x07ec  wampapache - ok
20:53:44.0109 0x07ec  wampmysqld - ok
20:53:44.0140 0x07ec  [ 984EF0B9788ABF89974CFED4BFBAACBC, 8178888E3A1AA3BD3BE34456118BB76AF2DD04EC575E4880F97A8EFB182C9E92 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:53:44.0156 0x07ec  Wanarp - ok
20:53:44.0171 0x07ec  wanatw - ok
20:53:44.0187 0x07ec  WDICA - ok
20:53:48.0953 0x07ec  AV detected via SS1: AVG AntiVirus Free Edition 2015, 2015.0, enabled, updated
20:53:48.0968 0x07ec  Win FW state via NFM: enabled
20:53:49.0515 0x07ec  ============================================================
20:53:49.0515 0x07ec  Scan finished
20:53:49.0515 0x07ec  ============================================================
20:53:49.0531 0x0dc0  Detected object count: 0
20:53:49.0531 0x0dc0  Actual detected object count: 0
20:57:18.0640 0x0e74  Deinitialize success

C:\Documents and Settings\Owner\laptop_drive\Downloads\casinostyleblackjack-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\laptop_drive\Downloads\cbsidlm-cbsi188-YS_Flight_Simulator-BP-10114866.exe    a variant of Win32/CNETInstaller.B potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\laptop_drive\Downloads\cutepdfwriter-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\laptop_drive\Downloads\CuteWriter.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Owner\laptop_drive\Downloads\defragsetup.exe    a variant of Win32/Toolbar.Widgi.B potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\laptop_drive\Downloads\dfsetup215.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Owner\laptop_drive\Downloads\viacad2d3d-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\cbsidlm-tr1_12-Rustyspigot_Inventory_Stock_Control-SEO-75498393.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\DVDStyler-2.4.2-win32.exe    Win32/Somoto.E potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\moyeaflveditorlite-setup.exe    a variant of Win32/DownloadAdmin.H potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\SetupYTD.exe    Win32/Toolbar.Widgi potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\tuppsetup_2005(1).exe    Win32/Systweak.K potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\tuppsetup_2005.exe    Win32/Systweak.K potentially unwanted application    deleted - quarantined

 


Edited by markr9, 08 January 2015 - 05:44 PM.


#4 boopme


Posted 08 January 2015 - 08:20 PM

These are outdated and should be uninstalled through Control Panel.
Adobe Reader 6.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-000000000001}) (Version: 6.0 - Adobe Systems Incorporated)
Java 2 Runtime Environment, SE v1.4.2 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142000}) (Version: 1.4.2 - Sun Microsystems, Inc.)

Reboot


The items from AVG are toolbar related. They are just spyware to track you.

YTDownloader Virus is categorized as an adware application, which should be removed from the computer. It can be bundled with freeware or downloaded from the official website yt-downloader.com. Malware researchers have discovered that YTDownloader installs a browser helper object (BHO) and re-downloads it on a regular basis. Moreover, it has been observed that YTDownloader Virus can display pop-up advertisements, which may be related to your browsing sessions. This is so because YTDownloader Virus monitors what websites you visit and what items you are interested in. Ignore web banners, offers, and other forms of advertising and remove YTDownloader Virus from the PC.



#5 markr9


Posted 09 January 2015 - 11:17 AM

OK, thanks.

 

I have rerun adw and let it clean things up.

 

Here's its report.

 

# AdwCleaner v4.107 - Report created 09/01/2015 at 10:05:00
# Updated 07/01/2015 by Xplode
# Database : 2014-12-21.4 [Local]
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Owner - YOUR-C3436969FC
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\AVG Security Toolbar
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tuneup Pro
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpyHunter

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


*************************

AdwCleaner[R0].txt - [7523 octets] - [07/01/2015 21:00:09]
AdwCleaner[R1].txt - [7583 octets] - [07/01/2015 21:14:51]
AdwCleaner[R2].txt - [6840 octets] - [09/01/2015 09:29:11]
AdwCleaner[S0].txt - [6733 octets] - [09/01/2015 10:05:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6793 octets] ##########
 



#6 boopme


Posted 09 January 2015 - 03:14 PM

Very nice...

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
How is it running?

#7 markr9


Posted 10 January 2015 - 07:39 PM

I think the machine is doing as well as an old machine with 512 MB of memory will run. As long as I don't try running many browser windows it runs fine. I am looking at a dual core machine used with 4 GB of memory and Win 7. It's a faster processor and dual core so it should run faster.

 

Some of the slow activity has gone, and several processes are now gone. I have also been cleaning out all the games and utilities which no one is using, so that may get rid of a bit more.

 

I think you can close this now, thanks for the help.



#8 boopme


Posted 11 January 2015 - 04:37 PM

This can help clean up and repair some files.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk, then restart your computer.



Once the above is done, go to Step 4 and allow it to run System File Check by clicking on the Do It button.



Go to Step 5 and under "System Restore" click on Create button.



Go to Start Repairs tab and click the Start button.



Leave the check marks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start Repairs button.



After the repair has finished, you may be prompted to restart the computer. Please allow it to do so.

Please post the Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs



