Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help to know where to begin.


  • Please log in to reply
11 replies to this topic

#1 dayvolt

dayvolt

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 28 December 2015 - 08:55 PM

About three years ago I helped my grandmother build this computer from Dell. It came with Windows 7 Home Premium 32-bit installed. Just over one year ago the "Windows is not Genuine" message began. My grandmother called me and I contacted Microsoft for her. They took control and ran a scan of the computer. They showed me some files that came up red and said that that was a virus/malware responsible. I don't remember exactly and, for those that have talked to Microsoft's tech support department, the man wasn't completely perfect at the English language. However, they asked for my grandmother to pay them just over $100.00 to take care of the problem, which she did. The problem seem to stop. Now it seems that it is back just after that one year worth of service provided by Microsoft ended. Can someone please help me?



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:17 PM

Posted 28 December 2015 - 09:00 PM

Hi dayvolt

Let's see what these say.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 bc0306

bc0306

  • Members
  • 193 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:17 PM

Posted 28 December 2015 - 09:09 PM

dont trust him hes probably a scammer also i recommend you backing up the computer and reinstalling windows then scan the backed up files


Don't even think about it if your not sure


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:17 PM

Posted 28 December 2015 - 09:57 PM

Are you saying I'm a scammer there bc
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Condobloke

Condobloke

    Outback Aussie @ 54.2101° N, 0.2906° W


  • Members
  • 5,808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:17 AM

Posted 28 December 2015 - 10:05 PM

@ boopme.....he has a death wish......

 

@ bc0306.....calling a global moderator a scammer is really not cool....especially one of boopme's standing

 

If that is not what you meant......I would edit your post and make your intent clear.


Edited by Condobloke, 28 December 2015 - 10:11 PM.

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#6 dayvolt

dayvolt
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 28 December 2015 - 10:07 PM

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Juliana Dayvolt (administrator) on 28-12-2015 at 21:28:39
Running from "C:\Users\Juliana Dayvolt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HJ1QPOR"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Model: Vostro 220s Series Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : jdayvolt-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : attlocal.net

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : attlocal.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : A4-BA-DB-E5-0D-A8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:30a:2e40:d490:10fd:cf50:af10:f50b(Preferred)
   Temporary IPv6 Address. . . . . . : 2602:30a:2e40:d490:5c0e:c63c:87c0:8e34(Preferred)
   Link-local IPv6 Address . . . . . : fe80::10fd:cf50:af10:f50b%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.69(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, December 27, 2015 9:25:57 PM
   Lease Expires . . . . . . . . . . : Tuesday, December 29, 2015 8:37:15 PM
   Default Gateway . . . . . . . . . : fe80::3a3b:c8ff:fe2b:d309%10
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 245676763
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-19-D1-D4-A4-BA-DB-E5-0D-A8
   DNS Servers . . . . . . . . . . . : 2602:30a:2e40:d490::1
                                       192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.attlocal.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : attlocal.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  2602:30a:2e40:d490::1

Name:    google.com
Addresses:  2607:f8b0:4002:c03::8b
   74.125.21.100
   74.125.21.102
   74.125.21.113
   74.125.21.101
   74.125.21.139
   74.125.21.138

Pinging google.com [2607:f8b0:4002:c08::8a] with 32 bytes of data:
Reply from 2607:f8b0:4002:c08::8a: time=34ms
Reply from 2607:f8b0:4002:c08::8a: time=38ms

Ping statistics for 2607:f8b0:4002:c08::8a:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 38ms, Average = 36ms
Server:  homeportal
Address:  2602:30a:2e40:d490::1

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
   2001:4998:c:a06::2:4008
   2001:4998:58:c02::a9
   98.139.183.24
   206.190.36.45
   98.138.253.109

Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=100ms
Reply from 2001:4998:58:c02::a9: time=100ms

Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 100ms, Maximum = 100ms, Average = 100ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...a4 ba db e5 0d a8 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.69     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.69    266
     192.168.1.69  255.255.255.255         On-link      192.168.1.69    266
    192.168.1.255  255.255.255.255         On-link      192.168.1.69    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.69    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.69    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    266 ::/0                     fe80::3a3b:c8ff:fe2b:d309
  1    306 ::1/128                  On-link
 10     18 2602:30a:2e40:d490::/64  On-link
 10    266 2602:30a:2e40:d490:10fd:cf50:af10:f50b/128
                                    On-link
 10    266 2602:30a:2e40:d490:5c0e:c63c:87c0:8e34/128
                                    On-link
 10    266 fe80::/64                On-link
 10    266 fe80::10fd:cf50:af10:f50b/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/27/2015 07:52:32 PM) (Source: Windows Activation Technologies) (User: )
Description: Health check failure:
 hr = 0x8004FE21, HealthStatus: 0x000000000003EFFF

Error: (12/27/2015 07:49:29 PM) (Source: Windows Activation Technologies) (User: )
Description: Health check failure:
 hr = 0x8004FE21, HealthStatus: 0x000000000003EFFF

Error: (09/14/2015 07:23:17 PM) (Source: Windows Activation Technologies) (User: )
Description: Health check failure:
 hr = 0x8004FE21, HealthStatus: 0x000000000003EFFF

Error: (09/07/2015 10:41:35 AM) (Source: Windows Activation Technologies) (User: )
Description: Health check failure:
 hr = 0x8004FE21, HealthStatus: 0x000000000003EFFF

Error: (08/22/2015 04:13:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15600

Error: (08/22/2015 04:13:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15600

Error: (08/22/2015 04:13:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/22/2015 04:12:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x5b5e5f48
Faulting process id: 0xfd0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/20/2015 07:52:18 PM) (Source: Windows Activation Technologies) (User: )
Description: Health check failure:
 hr = 0x8004FE21, HealthStatus: 0x000000000003EFFF

Error: (08/11/2015 09:53:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 64816481

System errors:
=============
Error: (12/27/2015 09:25:54 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%2

Error: (12/27/2015 09:25:53 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:23:51 PM on ‎12/‎27/‎2015 was unexpected.

Error: (12/27/2015 08:12:51 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%2

Error: (12/27/2015 08:11:48 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service has reported an invalid current state 32.

Error: (12/27/2015 07:42:19 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%2

Error: (12/27/2015 07:41:14 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%2

Error: (12/27/2015 07:41:07 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%2

Error: (12/27/2015 07:41:07 PM) (Source: Service Control Manager) (User: )
Description: The AVG Firewall service failed to start due to the following error:
%%2

Error: (09/14/2015 07:43:46 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service has reported an invalid current state 32.

Error: (09/07/2015 10:35:35 AM) (Source: Service Control Manager) (User: )
Description: The AVG Firewall service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (06/20/2010 05:16:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 814097 seconds with 540 seconds of active time.  This session ended with a crash.

=========================== Installed Programs ============================

Adobe AIR (HKLM\...\{FE23D063-934D-4829-A0D8-00634CE79B4A}) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2013 (HKLM\...\{2AE79B77-E3FA-4F9C-93D7-4FC643516D6A}) (Version: 13.0.3199 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{715C6CD0-3AA9-4E69-8144-D8AA9FF048BC}) (Version: 13.0.4253 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{D4425424-253F-4EC6-90FF-4028DD82D989}) (Version: 13.0.3495 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies)
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (HKLM\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Chimpoo (HKLM\...\Chimpoo_3abar Uninstall) (Version:  - Chimpoo)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{8DD67529-BA26-4D12-97A8-3853D0C4B67D}) (Version: 1.2.1 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoZone iSync (HKLM\...\GoZone iSync) (Version: 1.0.91 - Virgin HealthMiles) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.66.18 - Oracle Corporation) Hidden
Junk Mail filter update (HKLM\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (HKLM\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
Photo Common (HKLM\...\{D888F114-7537-4D48-AF03-5DA9C82D7540}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM\...\{30F99474-EBE3-4134-A02B-F6CD38CFE243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM\...\{FC6C7107-7D72-41A1-A031-3CE751159BAB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Realtek Ethernet Diagnostic Utility (HKLM\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - )
Roxio Creator Audio (HKLM\...\{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}) (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (HKLM\...\{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}) (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (HKLM\...\{08E81ABD-79F7-49C2-881F-FD6CB0975693}) (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Roxio Creator DE 10.3 (HKLM\...\{ED439A64-F018-4DD4-8BA5-328D85AB09AB}) (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (HKLM\...\{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}) (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.2 - Roxio) Hidden
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
TotalRecipeSearch Toolbar (HKLM\...\TotalRecipeSearch_14bar Uninstall) (Version:  - Mindspark Interactive Network)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 3070.99 MB
Available physical RAM: 2210.02 MB
Total Virtual: 6140.27 MB
Available Virtual: 4731.14 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:290.12 GB) (Free:247.55 GB) NTFS
3 Drive e: () (Removable) (Total:14.9 GB) (Free:14.27 GB) FAT32

========================= Users: ========================================

User accounts for \\JDAYVOLT-PC

Administrator            Guest                    jdayvolt                
Juliana Dayvolt         

**** End of log ****

 

 

 

 

 

 

22:16:23.0698 0x068c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:16:25.0913 0x068c  ============================================================
22:16:25.0913 0x068c  Current date / time: 2015/12/28 22:16:25.0913
22:16:25.0913 0x068c  SystemInfo:
22:16:25.0913 0x068c 
22:16:25.0913 0x068c  OS Version: 6.1.7601 ServicePack: 1.0
22:16:25.0913 0x068c  Product type: Workstation
22:16:25.0913 0x068c  ComputerName: JDAYVOLT-PC
22:16:25.0913 0x068c  UserName: Juliana Dayvolt
22:16:25.0913 0x068c  Windows directory: C:\Windows
22:16:25.0913 0x068c  System windows directory: C:\Windows
22:16:25.0913 0x068c  Processor architecture: Intel x86
22:16:25.0913 0x068c  Number of processors: 2
22:16:25.0913 0x068c  Page size: 0x1000
22:16:25.0913 0x068c  Boot type: Normal boot
22:16:25.0913 0x068c  ============================================================
22:16:26.0147 0x068c  KLMD registered as C:\Windows\system32\drivers\97581780.sys
22:16:26.0834 0x068c  System UUID: {A124FC9A-2C48-AC66-23B1-B95F29A276E4}
22:16:27.0583 0x068c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:16:27.0598 0x068c  Drive \Device\Harddisk1\DR1 - Size: 0x3BA300000 ( 14.91 Gb ), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:16:27.0598 0x068c  ============================================================
22:16:27.0598 0x068c  \Device\Harddisk0\DR0:
22:16:27.0598 0x068c  MBR partitions:
22:16:27.0598 0x068c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0xFDB000
22:16:27.0598 0x068c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFEF000, BlocksNum 0x2443F000
22:16:27.0598 0x068c  \Device\Harddisk1\DR1:
22:16:27.0598 0x068c  MBR partitions:
22:16:27.0598 0x068c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
22:16:27.0598 0x068c  ============================================================
22:16:27.0629 0x068c  C: <-> \Device\Harddisk0\DR0\Partition2
22:16:27.0629 0x068c  ============================================================
22:16:27.0629 0x068c  Initialize success
22:16:27.0629 0x068c  ============================================================
22:16:28.0940 0x1640  ============================================================
22:16:28.0940 0x1640  Scan started
22:16:28.0940 0x1640  Mode: Manual;
22:16:28.0940 0x1640  ============================================================
22:16:28.0940 0x1640  KSN ping started
22:16:31.0717 0x1640  KSN ping finished: true
22:16:32.0543 0x1640  ================ Scan system memory ========================
22:16:32.0543 0x1640  System memory - ok
22:16:32.0543 0x1640  ================ Scan services =============================
22:16:32.0684 0x1640  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:16:32.0699 0x1640  1394ohci - ok
22:16:32.0793 0x1640  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:16:32.0793 0x1640  ACPI - ok
22:16:32.0824 0x1640  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:16:32.0824 0x1640  AcpiPmi - ok
22:16:32.0887 0x1640  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:16:32.0902 0x1640  AdobeARMservice - ok
22:16:32.0933 0x1640  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:16:32.0949 0x1640  adp94xx - ok
22:16:32.0965 0x1640  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:16:32.0980 0x1640  adpahci - ok
22:16:32.0996 0x1640  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:16:33.0011 0x1640  adpu320 - ok
22:16:33.0027 0x1640  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:16:33.0027 0x1640  AeLookupSvc - ok
22:16:33.0058 0x1640  [ 7A841462AD4749F8A07B27AE8E8947B8, 029B0FBB42AC042EF13BD6AD66EC39104FA102553439DE56E7DC2EA02398E03F ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
22:16:33.0058 0x1640  AERTFilters - ok
22:16:33.0121 0x1640  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
22:16:33.0136 0x1640  AFD - ok
22:16:33.0167 0x1640  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
22:16:33.0167 0x1640  agp440 - ok
22:16:33.0183 0x1640  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
22:16:33.0183 0x1640  aic78xx - ok
22:16:33.0199 0x1640  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
22:16:33.0199 0x1640  ALG - ok
22:16:33.0230 0x1640  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:16:33.0230 0x1640  aliide - ok
22:16:33.0230 0x1640  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:16:33.0230 0x1640  amdagp - ok
22:16:33.0245 0x1640  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:16:33.0245 0x1640  amdide - ok
22:16:33.0277 0x1640  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:16:33.0277 0x1640  AmdK8 - ok
22:16:33.0292 0x1640  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:16:33.0292 0x1640  AmdPPM - ok
22:16:33.0323 0x1640  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:16:33.0323 0x1640  amdsata - ok
22:16:33.0339 0x1640  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:16:33.0339 0x1640  amdsbs - ok
22:16:33.0355 0x1640  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:16:33.0355 0x1640  amdxata - ok
22:16:33.0386 0x1640  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
22:16:33.0386 0x1640  AppID - ok
22:16:33.0386 0x1640  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:16:33.0401 0x1640  AppIDSvc - ok
22:16:33.0417 0x1640  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
22:16:33.0417 0x1640  Appinfo - ok
22:16:33.0479 0x1640  [ D2B87FC03BE28CD0B33C2B5C1119FD8E, 97EB74CB7F62C0D06D45CB250E3A90657A0F107C2FC20738FF6B2C87B0240080 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:16:33.0479 0x1640  Apple Mobile Device - ok
22:16:33.0495 0x1640  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:16:33.0511 0x1640  arc - ok
22:16:33.0526 0x1640  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:16:33.0526 0x1640  arcsas - ok
22:16:33.0542 0x1640  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:33.0542 0x1640  AsyncMac - ok
22:16:33.0573 0x1640  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:16:33.0573 0x1640  atapi - ok
22:16:33.0620 0x1640  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:16:33.0635 0x1640  AudioEndpointBuilder - ok
22:16:33.0651 0x1640  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:16:33.0667 0x1640  Audiosrv - ok
22:16:33.0698 0x1640  Avgfwfd - ok
22:16:33.0729 0x1640  AVGIDSAgent - ok
22:16:33.0760 0x1640  [ 5BCAE36134162830ED283F4C3D88476A, A47EE816A88A8C18458BA721AB829E49D492128BA8D5BF6FF317C2B5A1FFA60F ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
22:16:33.0760 0x1640  AVGIDSDriver - ok
22:16:33.0791 0x1640  [ 7C8E88549BCDAAC965B1B724C175F7A9, 86240BF965C60FFAF381879D1B2DD7190FAD597E7534AEE9A9E48A2BDEC119BA ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
22:16:33.0807 0x1640  AVGIDSHX - ok
22:16:33.0823 0x1640  [ F8D2E76EA51B3B4119DF3D6A7A6D99F3, 417E05BA987345ED48223404DEBC10043A18CBC749462186CC3EE9C20F47C86D ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
22:16:33.0823 0x1640  AVGIDSShim - ok
22:16:33.0854 0x1640  [ FCF551AD50A10E427F743165A533E613, 78EA90EC56A7E1B40B4F9191A33D06A648AB48499A4F19C6AE43EA690585BE25 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
22:16:33.0854 0x1640  Avgldx86 - ok
22:16:33.0901 0x1640  [ E2B9CF2CF787C6978E7CC898E9684E48, 73D5D8514EF1BF3BCC64DC158C68189D07B3940641F1155823C6822D03BC761B ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
22:16:33.0901 0x1640  Avglogx - ok
22:16:33.0932 0x1640  [ 3F59750A3AA55C46663801E7C2FD1E2B, F748EB6552889974CB1FC6F666F2D78F654CAA990A339C741255355295CD46E8 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
22:16:33.0932 0x1640  Avgmfx86 - ok
22:16:33.0932 0x1640  [ 90FA3A4BB1039701D68FD1CC2ED3EE22, 5842AECBF76163BCAEE19DED708291DD8402E2D24DD48453E6067A9AE5BABB11 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
22:16:33.0947 0x1640  Avgrkx86 - ok
22:16:33.0963 0x1640  [ A4713E9B75D8A9C2B016C3FDAB196D6A, 7A4405B90732C5BA9FE380ECE8E3FFC802A39283AC4945BC44550723C91E3C53 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
22:16:33.0979 0x1640  Avgtdix - ok
22:16:34.0010 0x1640  [ D15D2E9F5567075740B88F16F01810D6, 09086182352B0901D886B1F588F141DFC1E68CF0CA62BA399F841E1C96DFDFEF ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
22:16:34.0010 0x1640  avgtp - ok
22:16:34.0072 0x1640  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
22:16:34.0088 0x1640  avgwd - ok
22:16:34.0119 0x1640  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:16:34.0119 0x1640  AxInstSV - ok
22:16:34.0150 0x1640  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
22:16:34.0166 0x1640  b06bdrv - ok
22:16:34.0197 0x1640  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:16:34.0197 0x1640  b57nd60x - ok
22:16:34.0275 0x1640  [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc           C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe
22:16:34.0291 0x1640  BBSvc - ok
22:16:34.0322 0x1640  [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
22:16:34.0337 0x1640  BBUpdate - ok
22:16:34.0369 0x1640  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
22:16:34.0369 0x1640  BDESVC - ok
22:16:34.0369 0x1640  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:16:34.0369 0x1640  Beep - ok
22:16:34.0415 0x1640  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
22:16:34.0431 0x1640  BFE - ok
22:16:34.0493 0x1640  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
22:16:34.0509 0x1640  BITS - ok
22:16:34.0525 0x1640  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:16:34.0540 0x1640  blbdrive - ok
22:16:34.0587 0x1640  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:16:34.0618 0x1640  Bonjour Service - ok
22:16:34.0649 0x1640  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:16:34.0649 0x1640  bowser - ok
22:16:34.0681 0x1640  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:16:34.0681 0x1640  BrFiltLo - ok
22:16:34.0681 0x1640  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:16:34.0681 0x1640  BrFiltUp - ok
22:16:34.0696 0x1640  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
22:16:34.0696 0x1640  BridgeMP - ok
22:16:34.0712 0x1640  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
22:16:34.0727 0x1640  Browser - ok
22:16:34.0743 0x1640  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:16:34.0759 0x1640  Brserid - ok
22:16:34.0790 0x1640  [ 56F59A4011F503149AE4DE826982CA4F, C89142939D576D33FC4B130F529A02DC15B1247C76419111DF450AF4191CE23B ] BrSerIf         C:\Windows\system32\Drivers\BrSerIf.sys
22:16:34.0790 0x1640  BrSerIf - ok
22:16:34.0805 0x1640  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:16:34.0805 0x1640  BrSerWdm - ok
22:16:34.0821 0x1640  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:16:34.0821 0x1640  BrUsbMdm - ok
22:16:34.0852 0x1640  [ A24C7B39602218F8DBDB2B6704325FC7, B90A1BA412A33AD041A2CE47FBB73AE296AF07A2F3DF1F56D9FEE5B3B1E0BBD5 ] BrUsbSer        C:\Windows\system32\Drivers\BrUsbSer.sys
22:16:34.0852 0x1640  BrUsbSer - ok
22:16:34.0868 0x1640  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:16:34.0868 0x1640  BTHMODEM - ok
22:16:34.0899 0x1640  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
22:16:34.0899 0x1640  bthserv - ok
22:16:34.0977 0x1640  catchme - ok
22:16:34.0993 0x1640  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:16:34.0993 0x1640  cdfs - ok
22:16:35.0024 0x1640  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:16:35.0024 0x1640  cdrom - ok
22:16:35.0055 0x1640  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:16:35.0055 0x1640  CertPropSvc - ok
22:16:35.0071 0x1640  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:16:35.0071 0x1640  circlass - ok
22:16:35.0086 0x1640  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
22:16:35.0102 0x1640  CLFS - ok
22:16:35.0149 0x1640  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:16:35.0149 0x1640  clr_optimization_v2.0.50727_32 - ok
22:16:35.0227 0x1640  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:16:35.0227 0x1640  clr_optimization_v4.0.30319_32 - ok
22:16:35.0258 0x1640  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:16:35.0258 0x1640  CmBatt - ok
22:16:35.0273 0x1640  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:16:35.0273 0x1640  cmdide - ok
22:16:35.0320 0x1640  [ 247B4CE2DAB1160CD422D532D5241E1F, CFE04DBE48B23B084C3F4C3D0F483B26F322E4693176D8739A412BE5D8BE597E ] CNG             C:\Windows\system32\Drivers\cng.sys
22:16:35.0336 0x1640  CNG - ok
22:16:35.0367 0x1640  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:16:35.0367 0x1640  Compbatt - ok
22:16:35.0398 0x1640  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:16:35.0398 0x1640  CompositeBus - ok
22:16:35.0398 0x1640  COMSysApp - ok
22:16:35.0414 0x1640  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:16:35.0414 0x1640  crcdisk - ok
22:16:35.0445 0x1640  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:16:35.0461 0x1640  CryptSvc - ok
22:16:35.0492 0x1640  [ 33E7AB50F87F97ABD9057205E27CB182, CD5139E2ED2652E5EE5E31F43B0EE06971A4490943238C0BA1BA36C02963C245 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
22:16:35.0492 0x1640  dc3d - ok
22:16:35.0523 0x1640  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:16:35.0554 0x1640  DcomLaunch - ok
22:16:35.0585 0x1640  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
22:16:35.0585 0x1640  defragsvc - ok
22:16:35.0617 0x1640  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:16:35.0617 0x1640  DfsC - ok
22:16:35.0648 0x1640  [ 7A5FB3E4E0D77740D56E516EE6B2DC2B, 5B4636EC04903D2E512AC8FB98A484F7CEBE4EE0A081CF897CD13E8491C0D8CC ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
22:16:35.0648 0x1640  dg_ssudbus - ok
22:16:35.0679 0x1640  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:16:35.0695 0x1640  Dhcp - ok
22:16:35.0710 0x1640  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
22:16:35.0710 0x1640  discache - ok
22:16:35.0710 0x1640  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:16:35.0726 0x1640  Disk - ok
22:16:35.0757 0x1640  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:16:35.0757 0x1640  Dnscache - ok
22:16:35.0788 0x1640  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:16:35.0788 0x1640  dot3svc - ok
22:16:35.0819 0x1640  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
22:16:35.0819 0x1640  DPS - ok
22:16:35.0851 0x1640  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:16:35.0851 0x1640  drmkaud - ok
22:16:35.0897 0x1640  [ 16498EBC04AE9DD07049A8884B205C05, 134EA1C7A2DB984B8EBADF6C25B28DBADF02215AA2ED298FA124556FC4992084 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:16:35.0929 0x1640  DXGKrnl - ok
22:16:35.0944 0x1640  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
22:16:35.0944 0x1640  EapHost - ok
22:16:36.0053 0x1640  [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv        C:\Users\JULIAN~1\AppData\Local\Temp\ehdrv.sys
22:16:36.0069 0x1640  eapihdrv - ok
22:16:36.0163 0x1640  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
22:16:36.0241 0x1640  ebdrv - ok
22:16:36.0287 0x1640  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] EFS             C:\Windows\System32\lsass.exe
22:16:36.0287 0x1640  EFS - ok
22:16:36.0350 0x1640  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:16:36.0365 0x1640  ehRecvr - ok
22:16:36.0381 0x1640  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
22:16:36.0381 0x1640  ehSched - ok
22:16:36.0412 0x1640  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:16:36.0443 0x1640  elxstor - ok
22:16:36.0475 0x1640  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:16:36.0475 0x1640  ErrDev - ok
22:16:36.0506 0x1640  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
22:16:36.0521 0x1640  EventSystem - ok
22:16:36.0537 0x1640  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:16:36.0537 0x1640  exfat - ok
22:16:36.0553 0x1640  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:16:36.0553 0x1640  fastfat - ok
22:16:36.0599 0x1640  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
22:16:36.0631 0x1640  Fax - ok
22:16:36.0646 0x1640  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:16:36.0646 0x1640  fdc - ok
22:16:36.0662 0x1640  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
22:16:36.0662 0x1640  fdPHost - ok
22:16:36.0662 0x1640  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:16:36.0662 0x1640  FDResPub - ok
22:16:36.0693 0x1640  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:16:36.0693 0x1640  FileInfo - ok
22:16:36.0709 0x1640  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:16:36.0709 0x1640  Filetrace - ok
22:16:36.0724 0x1640  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:16:36.0724 0x1640  flpydisk - ok
22:16:36.0740 0x1640  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:16:36.0740 0x1640  FltMgr - ok
22:16:36.0802 0x1640  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
22:16:36.0849 0x1640  FontCache - ok
22:16:36.0896 0x1640  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:16:36.0911 0x1640  FontCache3.0.0.0 - ok
22:16:36.0911 0x1640  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:16:36.0911 0x1640  FsDepends - ok
22:16:36.0958 0x1640  [ 2ED0BABD4CD98ED820FD0D0BCBE96721, A5B955F77BBD299DEF0F25047EF5C6E63AD3D25E4E783D974AA8BB64878D97D7 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
22:16:36.0958 0x1640  fssfltr - ok
22:16:37.0067 0x1640  [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
22:16:37.0114 0x1640  fsssvc - ok
22:16:37.0145 0x1640  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:16:37.0145 0x1640  Fs_Rec - ok
22:16:37.0177 0x1640  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:16:37.0192 0x1640  fvevol - ok
22:16:37.0208 0x1640  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:16:37.0208 0x1640  gagp30kx - ok
22:16:37.0255 0x1640  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:16:37.0286 0x1640  gpsvc - ok
22:16:37.0364 0x1640  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:16:37.0379 0x1640  gupdate - ok
22:16:37.0395 0x1640  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:16:37.0395 0x1640  gupdatem - ok
22:16:37.0442 0x1640  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:16:37.0442 0x1640  gusvc - ok
22:16:37.0473 0x1640  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:16:37.0473 0x1640  hcw85cir - ok
22:16:37.0489 0x1640  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:16:37.0489 0x1640  HDAudBus - ok
22:16:37.0504 0x1640  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:16:37.0504 0x1640  HidBatt - ok
22:16:37.0520 0x1640  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:16:37.0520 0x1640  HidBth - ok
22:16:37.0535 0x1640  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:16:37.0535 0x1640  HidIr - ok
22:16:37.0567 0x1640  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
22:16:37.0567 0x1640  hidserv - ok
22:16:37.0613 0x1640  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:16:37.0613 0x1640  HidUsb - ok
22:16:37.0660 0x1640  [ B3635FD088BA2F6F03A276A961BE6ED2, 119E3283E9101031883A1742BD904672C84DD6971F4DE42932B4B798B02C86D4 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
22:16:37.0660 0x1640  hitmanpro37 - ok
22:16:37.0691 0x1640  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:16:37.0691 0x1640  hkmsvc - ok
22:16:37.0723 0x1640  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:16:37.0738 0x1640  HomeGroupListener - ok
22:16:37.0754 0x1640  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:16:37.0754 0x1640  HomeGroupProvider - ok
22:16:37.0785 0x1640  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:16:37.0785 0x1640  HpSAMD - ok
22:16:37.0832 0x1640  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:16:37.0863 0x1640  HTTP - ok
22:16:37.0879 0x1640  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:16:37.0879 0x1640  hwpolicy - ok
22:16:37.0894 0x1640  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:16:37.0894 0x1640  i8042prt - ok
22:16:37.0957 0x1640  [ 0E899D0DB39617AA0B2F992E7E95B5EB, 214AA4A0F298BB97C9DC6CB0496D566519C45C1092CE2C5BF92E5FFB8E4B6FA3 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
22:16:37.0972 0x1640  IAANTMON - ok
22:16:38.0003 0x1640  [ 01446278D4563B3013C92830AE6CBB26, 68DB91660E46945CAD5AB9767A603D1B750899A0737C538551F01892E755F0ED ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:16:38.0003 0x1640  iaStor - ok
22:16:38.0050 0x1640  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:16:38.0066 0x1640  iaStorV - ok
22:16:38.0128 0x1640  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:16:38.0159 0x1640  idsvc - ok
22:16:38.0175 0x1640  IEEtwCollectorService - ok
22:16:38.0191 0x1640  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:16:38.0191 0x1640  iirsp - ok
22:16:38.0237 0x1640  [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:16:38.0269 0x1640  IKEEXT - ok
22:16:38.0362 0x1640  [ 8B27C21412AE4404EB0ACFE1D98579EC, 64D7001C533D8210BB5A80B06581F0585F3B049AC9B07087130BCB6DC89AB5E2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:16:38.0440 0x1640  IntcAzAudAddService - ok
22:16:38.0456 0x1640  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:16:38.0456 0x1640  intelide - ok
22:16:38.0487 0x1640  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:16:38.0487 0x1640  intelppm - ok
22:16:38.0534 0x1640  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:16:38.0534 0x1640  IPBusEnum - ok
22:16:38.0549 0x1640  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:16:38.0549 0x1640  IpFilterDriver - ok
22:16:38.0596 0x1640  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:16:38.0612 0x1640  iphlpsvc - ok
22:16:38.0643 0x1640  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:16:38.0643 0x1640  IPMIDRV - ok
22:16:38.0659 0x1640  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:16:38.0659 0x1640  IPNAT - ok
22:16:38.0721 0x1640  [ 1323570D55CE9D70D1F10144A8249D20, 5876576289CCDC994D6BC8D1B8D29EFFF66811EBECC577F8C2F9BDC2E59ADFBC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:16:38.0752 0x1640  iPod Service - ok
22:16:38.0768 0x1640  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:16:38.0768 0x1640  IRENUM - ok
22:16:38.0799 0x1640  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:16:38.0799 0x1640  isapnp - ok
22:16:38.0830 0x1640  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:16:38.0846 0x1640  iScsiPrt - ok
22:16:38.0877 0x1640  [ D7B5B5C5130B775EC7E32EDD780D737F, D6423D72561DBE1F65DF1BBFB6DE0BAC19D4B8CD8065202937D8D21F2BC3C4B7 ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
22:16:38.0877 0x1640  JRAID - ok
22:16:38.0893 0x1640  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:16:38.0893 0x1640  kbdclass - ok
22:16:38.0939 0x1640  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:16:38.0939 0x1640  kbdhid - ok
22:16:38.0955 0x1640  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] KeyIso          C:\Windows\system32\lsass.exe
22:16:38.0955 0x1640  KeyIso - ok
22:16:38.0986 0x1640  [ B7895B4182C0D16F6EFADEB8081E8D36, BAC3BAD22207C8826125FD7721C96F2C7A238960FD9398A3D4573E14648E9DB9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:16:38.0986 0x1640  KSecDD - ok
22:16:39.0017 0x1640  [ D30159AC9237519FBC62C6EC247D2D46, 10BDE041C95D0CCD3591ED497002043FEC3A5F732D7AE311FBA457E0FE16CE4B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:16:39.0017 0x1640  KSecPkg - ok
22:16:39.0064 0x1640  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:16:39.0080 0x1640  KtmRm - ok
22:16:39.0111 0x1640  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:16:39.0127 0x1640  LanmanServer - ok
22:16:39.0158 0x1640  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:16:39.0158 0x1640  LanmanWorkstation - ok
22:16:39.0173 0x1640  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:16:39.0189 0x1640  lltdio - ok
22:16:39.0205 0x1640  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:16:39.0220 0x1640  lltdsvc - ok
22:16:39.0236 0x1640  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:16:39.0236 0x1640  lmhosts - ok
22:16:39.0251 0x1640  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:16:39.0251 0x1640  LSI_FC - ok
22:16:39.0267 0x1640  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:16:39.0267 0x1640  LSI_SAS - ok
22:16:39.0283 0x1640  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:16:39.0283 0x1640  LSI_SAS2 - ok
22:16:39.0298 0x1640  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:16:39.0298 0x1640  LSI_SCSI - ok
22:16:39.0314 0x1640  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:16:39.0314 0x1640  luafv - ok
22:16:39.0345 0x1640  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:16:39.0345 0x1640  Mcx2Svc - ok
22:16:39.0376 0x1640  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:16:39.0376 0x1640  megasas - ok
22:16:39.0392 0x1640  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:16:39.0407 0x1640  MegaSR - ok
22:16:39.0439 0x1640  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
22:16:39.0439 0x1640  MMCSS - ok
22:16:39.0454 0x1640  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
22:16:39.0454 0x1640  Modem - ok
22:16:39.0470 0x1640  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:16:39.0470 0x1640  monitor - ok
22:16:39.0517 0x1640  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:16:39.0532 0x1640  mouclass - ok
22:16:39.0532 0x1640  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:16:39.0532 0x1640  mouhid - ok
22:16:39.0563 0x1640  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:16:39.0563 0x1640  mountmgr - ok
22:16:39.0595 0x1640  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:16:39.0595 0x1640  mpio - ok
22:16:39.0610 0x1640  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:16:39.0610 0x1640  mpsdrv - ok
22:16:39.0688 0x1640  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:16:39.0719 0x1640  MpsSvc - ok
22:16:39.0735 0x1640  [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:16:39.0735 0x1640  MRxDAV - ok
22:16:39.0766 0x1640  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:16:39.0766 0x1640  mrxsmb - ok
22:16:39.0797 0x1640  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:16:39.0813 0x1640  mrxsmb10 - ok
22:16:39.0813 0x1640  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:16:39.0813 0x1640  mrxsmb20 - ok
22:16:39.0829 0x1640  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:16:39.0829 0x1640  msahci - ok
22:16:39.0860 0x1640  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:16:39.0860 0x1640  msdsm - ok
22:16:39.0891 0x1640  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
22:16:39.0891 0x1640  MSDTC - ok
22:16:39.0922 0x1640  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:16:39.0922 0x1640  Msfs - ok
22:16:39.0922 0x1640  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:16:39.0922 0x1640  mshidkmdf - ok
22:16:39.0953 0x1640  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:16:39.0953 0x1640  msisadrv - ok
22:16:39.0985 0x1640  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:16:39.0985 0x1640  MSiSCSI - ok
22:16:40.0000 0x1640  msiserver - ok
22:16:40.0016 0x1640  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:16:40.0016 0x1640  MSKSSRV - ok
22:16:40.0031 0x1640  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:16:40.0031 0x1640  MSPCLOCK - ok
22:16:40.0047 0x1640  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:16:40.0047 0x1640  MSPQM - ok
22:16:40.0063 0x1640  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:16:40.0063 0x1640  MsRPC - ok
22:16:40.0078 0x1640  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:16:40.0078 0x1640  mssmbios - ok
22:16:40.0094 0x1640  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:16:40.0094 0x1640  MSTEE - ok
22:16:40.0109 0x1640  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:16:40.0109 0x1640  MTConfig - ok
22:16:40.0125 0x1640  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:16:40.0125 0x1640  Mup - ok
22:16:40.0156 0x1640  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
22:16:40.0172 0x1640  napagent - ok
22:16:40.0203 0x1640  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:16:40.0203 0x1640  NativeWifiP - ok
22:16:40.0250 0x1640  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:16:40.0281 0x1640  NDIS - ok
22:16:40.0297 0x1640  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:16:40.0297 0x1640  NdisCap - ok
22:16:40.0312 0x1640  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:16:40.0312 0x1640  NdisTapi - ok
22:16:40.0343 0x1640  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:16:40.0343 0x1640  Ndisuio - ok
22:16:40.0375 0x1640  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:16:40.0375 0x1640  NdisWan - ok
22:16:40.0406 0x1640  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:16:40.0421 0x1640  NDProxy - ok
22:16:40.0421 0x1640  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:16:40.0421 0x1640  NetBIOS - ok
22:16:40.0453 0x1640  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:16:40.0453 0x1640  NetBT - ok
22:16:40.0468 0x1640  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] Netlogon        C:\Windows\system32\lsass.exe
22:16:40.0468 0x1640  Netlogon - ok
22:16:40.0484 0x1640  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
22:16:40.0499 0x1640  Netman - ok
22:16:40.0531 0x1640  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
22:16:40.0546 0x1640  netprofm - ok
22:16:40.0577 0x1640  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:16:40.0593 0x1640  NetTcpPortSharing - ok
22:16:40.0609 0x1640  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:16:40.0609 0x1640  nfrd960 - ok
22:16:40.0640 0x1640  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:16:40.0655 0x1640  NlaSvc - ok
22:16:40.0655 0x1640  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:16:40.0671 0x1640  Npfs - ok
22:16:40.0687 0x1640  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
22:16:40.0687 0x1640  nsi - ok
22:16:40.0702 0x1640  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:16:40.0702 0x1640  nsiproxy - ok
22:16:40.0765 0x1640  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:16:40.0811 0x1640  Ntfs - ok
22:16:40.0827 0x1640  [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B639D6A5371F381CC ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
22:16:40.0827 0x1640  NuidFltr - ok
22:16:40.0843 0x1640  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
22:16:40.0843 0x1640  Null - ok
22:16:40.0874 0x1640  [ A82534D453425F5FEE4B6A583FDCF3EB, 0F88E2D1298F30100AAAA249B9F4401550ED67D9C4A0D0EB32CEED5341BA7CD0 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
22:16:40.0874 0x1640  NVHDA - ok
22:16:41.0155 0x1640  [ A6E06D1AE86B4FD2CD4AF1E5F2B8A241, EB471A2C5807479A14C3927201CD9F016D522AF8D64367CC5CAC5FE890F98AFB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:16:41.0404 0x1640  nvlddmkm - ok
22:16:41.0467 0x1640  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:16:41.0467 0x1640  nvraid - ok
22:16:41.0498 0x1640  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:16:41.0498 0x1640  nvstor - ok
22:16:41.0513 0x1640  [ CD8EA2885B0FAC5CFD93B41BC7345DFE, CADAECD854C93B05BD31A01FE4CE436C1D98EAC57625D0782019BA63B5ADE755 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:16:41.0513 0x1640  nvsvc - ok
22:16:41.0545 0x1640  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:16:41.0545 0x1640  nv_agp - ok
22:16:41.0623 0x1640  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:16:41.0638 0x1640  odserv - ok
22:16:41.0669 0x1640  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:16:41.0669 0x1640  ohci1394 - ok
22:16:41.0701 0x1640  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:16:41.0701 0x1640  ose - ok
22:16:41.0732 0x1640  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:16:41.0747 0x1640  p2pimsvc - ok
22:16:41.0763 0x1640  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:16:41.0779 0x1640  p2psvc - ok
22:16:41.0810 0x1640  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:16:41.0810 0x1640  Parport - ok
22:16:41.0841 0x1640  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:16:41.0841 0x1640  partmgr - ok
22:16:41.0857 0x1640  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
22:16:41.0857 0x1640  Parvdm - ok
22:16:41.0888 0x1640  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:16:41.0888 0x1640  PcaSvc - ok
22:16:41.0919 0x1640  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
22:16:41.0919 0x1640  pci - ok
22:16:41.0935 0x1640  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:16:41.0935 0x1640  pciide - ok
22:16:41.0966 0x1640  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:16:41.0966 0x1640  pcmcia - ok
22:16:41.0981 0x1640  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:16:41.0981 0x1640  pcw - ok
22:16:42.0013 0x1640  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:16:42.0044 0x1640  PEAUTH - ok
22:16:42.0122 0x1640  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
22:16:42.0169 0x1640  pla - ok
22:16:42.0200 0x1640  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:16:42.0215 0x1640  PlugPlay - ok
22:16:42.0231 0x1640  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:16:42.0231 0x1640  PNRPAutoReg - ok
22:16:42.0247 0x1640  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:16:42.0247 0x1640  PNRPsvc - ok
22:16:42.0278 0x1640  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:16:42.0293 0x1640  PolicyAgent - ok
22:16:42.0325 0x1640  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
22:16:42.0340 0x1640  Power - ok
22:16:42.0340 0x1640  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:16:42.0356 0x1640  PptpMiniport - ok
22:16:42.0371 0x1640  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:16:42.0371 0x1640  Processor - ok
22:16:42.0387 0x1640  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:16:42.0403 0x1640  ProfSvc - ok
22:16:42.0403 0x1640  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] ProtectedStorage C:\Windows\system32\lsass.exe
22:16:42.0403 0x1640  ProtectedStorage - ok
22:16:42.0418 0x1640  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:16:42.0434 0x1640  Psched - ok
22:16:42.0449 0x1640  [ 40FEDD328F98245AD201CF5F9F311724, CE1582652B6A7CACE46D8B492CAA8E51EA46C3890EF640E8C5E1E053731A4D74 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
22:16:42.0449 0x1640  PxHelp20 - ok
22:16:42.0496 0x1640  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:16:42.0543 0x1640  ql2300 - ok
22:16:42.0574 0x1640  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:16:42.0574 0x1640  ql40xx - ok
22:16:42.0590 0x1640  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
22:16:42.0590 0x1640  QWAVE - ok
22:16:42.0605 0x1640  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:16:42.0605 0x1640  QWAVEdrv - ok
22:16:42.0621 0x1640  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:16:42.0621 0x1640  RasAcd - ok
22:16:42.0637 0x1640  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:16:42.0637 0x1640  RasAgileVpn - ok
22:16:42.0652 0x1640  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
22:16:42.0652 0x1640  RasAuto - ok
22:16:42.0668 0x1640  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:42.0668 0x1640  Rasl2tp - ok
22:16:42.0699 0x1640  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
22:16:42.0730 0x1640  RasMan - ok
22:16:42.0746 0x1640  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:42.0746 0x1640  RasPppoe - ok
22:16:42.0761 0x1640  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:16:42.0761 0x1640  RasSstp - ok
22:16:42.0808 0x1640  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:16:42.0824 0x1640  rdbss - ok
22:16:42.0839 0x1640  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:16:42.0839 0x1640  rdpbus - ok
22:16:42.0871 0x1640  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:42.0871 0x1640  RDPCDD - ok
22:16:42.0871 0x1640  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:16:42.0886 0x1640  RDPENCDD - ok
22:16:42.0886 0x1640  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:16:42.0902 0x1640  RDPREFMP - ok
22:16:42.0917 0x1640  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:16:42.0933 0x1640  RDPWD - ok
22:16:42.0964 0x1640  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:16:42.0964 0x1640  rdyboost - ok
22:16:42.0995 0x1640  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:16:42.0995 0x1640  RemoteRegistry - ok
22:16:42.0995 0x1640  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:16:43.0011 0x1640  RpcEptMapper - ok
22:16:43.0027 0x1640  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
22:16:43.0027 0x1640  RpcLocator - ok
22:16:43.0042 0x1640  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
22:16:43.0073 0x1640  RpcSs - ok
22:16:43.0073 0x1640  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:16:43.0089 0x1640  rspndr - ok
22:16:43.0105 0x1640  [ 26A9D6227D12B9D9DA5A81BB9B55D810, 65AB233248B09619BE47A44008544FDFAA6C60C671F8659DB85B97693677B3F9 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
22:16:43.0105 0x1640  RTL8167 - ok
22:16:43.0136 0x1640  [ F2FEC929E9FA9902F0BB52A4522068D4, 3469386F5F6A316D6C05DE5CD449AEC98B781CF323FCF3CEDEF138EB4B10D57C ] RtNdPt60        C:\Windows\system32\DRIVERS\RtNdPt60.sys
22:16:43.0136 0x1640  RtNdPt60 - ok
22:16:43.0167 0x1640  [ D78D74C6ED83339910CCCA7E68534222, 0293D45B2596A92160DF0CEC286F4BAAA8A5E7847BAA221468BE816BF69F858F ] RTTEAMPT        C:\Windows\system32\DRIVERS\RtTeam60.sys
22:16:43.0167 0x1640  RTTEAMPT - ok
22:16:43.0167 0x1640  [ E6472A4007FB17D27D4091ABD657A291, 4281243F7E53697582B51E13DF4A2A94BE70260713AE2FF0CE5AC8474723F4C4 ] RTVLANPT        C:\Windows\system32\DRIVERS\RtVlan60.sys
22:16:43.0167 0x1640  RTVLANPT - ok
22:16:43.0183 0x1640  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] SamSs           C:\Windows\system32\lsass.exe
22:16:43.0183 0x1640  SamSs - ok
22:16:43.0214 0x1640  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:16:43.0214 0x1640  sbp2port - ok
22:16:43.0229 0x1640  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:16:43.0229 0x1640  SCardSvr - ok
22:16:43.0276 0x1640  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:16:43.0276 0x1640  scfilter - ok
22:16:43.0323 0x1640  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
22:16:43.0370 0x1640  Schedule - ok
22:16:43.0385 0x1640  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:16:43.0385 0x1640  SCPolicySvc - ok
22:16:43.0432 0x1640  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:16:43.0432 0x1640  SDRSVC - ok
22:16:43.0463 0x1640  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:16:43.0463 0x1640  secdrv - ok
22:16:43.0479 0x1640  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
22:16:43.0479 0x1640  seclogon - ok
22:16:43.0495 0x1640  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
22:16:43.0510 0x1640  SENS - ok
22:16:43.0541 0x1640  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:16:43.0541 0x1640  SensrSvc - ok
22:16:43.0541 0x1640  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:16:43.0557 0x1640  Serenum - ok
22:16:43.0573 0x1640  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:16:43.0573 0x1640  Serial - ok
22:16:43.0588 0x1640  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:16:43.0588 0x1640  sermouse - ok
22:16:43.0619 0x1640  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:16:43.0635 0x1640  SessionEnv - ok
22:16:43.0651 0x1640  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:16:43.0651 0x1640  sffdisk - ok
22:16:43.0682 0x1640  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:16:43.0682 0x1640  sffp_mmc - ok
22:16:43.0697 0x1640  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:16:43.0697 0x1640  sffp_sd - ok
22:16:43.0697 0x1640  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:16:43.0697 0x1640  sfloppy - ok
22:16:43.0760 0x1640  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:16:43.0775 0x1640  SharedAccess - ok
22:16:43.0807 0x1640  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:16:43.0822 0x1640  ShellHWDetection - ok
22:16:43.0838 0x1640  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:16:43.0838 0x1640  sisagp - ok
22:16:43.0853 0x1640  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:16:43.0853 0x1640  SiSRaid2 - ok
22:16:43.0869 0x1640  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:16:43.0869 0x1640  SiSRaid4 - ok
22:16:43.0885 0x1640  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:16:43.0885 0x1640  Smb - ok
22:16:43.0900 0x1640  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:16:43.0900 0x1640  SNMPTRAP - ok
22:16:43.0931 0x1640  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:16:43.0931 0x1640  spldr - ok
22:16:43.0963 0x1640  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
22:16:43.0978 0x1640  Spooler - ok
22:16:44.0087 0x1640  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
22:16:44.0165 0x1640  sppsvc - ok
22:16:44.0212 0x1640  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:16:44.0212 0x1640  sppuinotify - ok
22:16:44.0243 0x1640  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:16:44.0259 0x1640  srv - ok
22:16:44.0306 0x1640  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:16:44.0321 0x1640  srv2 - ok
22:16:44.0337 0x1640  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:16:44.0337 0x1640  srvnet - ok
22:16:44.0353 0x1640  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:16:44.0353 0x1640  SSDPSRV - ok
22:16:44.0368 0x1640  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:16:44.0368 0x1640  SstpSvc - ok
22:16:44.0399 0x1640  [ 5EE6503C932CB79B493E4B4D8E23D219, 51DC712611E21F5CF3ED2322A146E167769D082E826B82601471CF782090E8B5 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
22:16:44.0399 0x1640  ssudmdm - ok
22:16:44.0415 0x1640  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:16:44.0415 0x1640  stexstor - ok
22:16:44.0446 0x1640  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
22:16:44.0462 0x1640  StiSvc - ok
22:16:44.0493 0x1640  [ E476C66713C842F58E61A95826ED1D57, 33632E8AE6D868EAC7D676E4236E78A0B1E613C9A5FA2470A0419B2E9A6CAE4B ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:16:44.0509 0x1640  stllssvr - ok
22:16:44.0540 0x1640  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:16:44.0540 0x1640  swenum - ok
22:16:44.0571 0x1640  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
22:16:44.0587 0x1640  swprv - ok
22:16:44.0649 0x1640  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
22:16:44.0680 0x1640  SysMain - ok
22:16:44.0711 0x1640  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
22:16:44.0727 0x1640  TabletInputService - ok
22:16:44.0758 0x1640  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:16:44.0774 0x1640  TapiSrv - ok
22:16:44.0774 0x1640  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
22:16:44.0789 0x1640  TBS - ok
22:16:44.0852 0x1640  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:16:44.0899 0x1640  Tcpip - ok
22:16:44.0945 0x1640  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:16:44.0977 0x1640  TCPIP6 - ok
22:16:45.0008 0x1640  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:16:45.0008 0x1640  tcpipreg - ok
22:16:45.0055 0x1640  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:16:45.0055 0x1640  TDPIPE - ok
22:16:45.0070 0x1640  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:16:45.0086 0x1640  TDTCP - ok
22:16:45.0101 0x1640  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:16:45.0101 0x1640  tdx - ok
22:16:45.0133 0x1640  [ D78D74C6ED83339910CCCA7E68534222, 0293D45B2596A92160DF0CEC286F4BAAA8A5E7847BAA221468BE816BF69F858F ] TEAM            C:\Windows\system32\DRIVERS\RtTeam60.sys
22:16:45.0133 0x1640  TEAM - ok
22:16:45.0148 0x1640  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:16:45.0148 0x1640  TermDD - ok
22:16:45.0195 0x1640  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
22:16:45.0211 0x1640  TermService - ok
22:16:45.0226 0x1640  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
22:16:45.0226 0x1640  Themes - ok
22:16:45.0242 0x1640  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
22:16:45.0242 0x1640  THREADORDER - ok
22:16:45.0257 0x1640  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
22:16:45.0257 0x1640  TrkWks - ok
22:16:45.0304 0x1640  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:16:45.0320 0x1640  TrustedInstaller - ok
22:16:45.0351 0x1640  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:45.0351 0x1640  tssecsrv - ok
22:16:45.0398 0x1640  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:16:45.0398 0x1640  TsUsbFlt - ok
22:16:45.0445 0x1640  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:16:45.0445 0x1640  tunnel - ok
22:16:45.0476 0x1640  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:16:45.0476 0x1640  uagp35 - ok
22:16:45.0491 0x1640  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:16:45.0491 0x1640  udfs - ok
22:16:45.0523 0x1640  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:16:45.0523 0x1640  UI0Detect - ok
22:16:45.0554 0x1640  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:16:45.0554 0x1640  uliagpkx - ok
22:16:45.0585 0x1640  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:16:45.0585 0x1640  umbus - ok
22:16:45.0601 0x1640  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:16:45.0601 0x1640  UmPass - ok
22:16:45.0632 0x1640  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
22:16:45.0647 0x1640  upnphost - ok
22:16:45.0663 0x1640  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
22:16:45.0663 0x1640  USBAAPL - ok
22:16:45.0694 0x1640  [ BD9C55D7023C5DE374507ACC7A14E2AC, 1DBAFF733DE5C1A6A2374B15BD94512A22D9C0F4DF91F997801340828333AF3C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:16:45.0694 0x1640  usbccgp - ok
22:16:45.0725 0x1640  [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:16:45.0725 0x1640  usbcir - ok
22:16:45.0741 0x1640  [ F92DE757E4B7CE9C07C5E65423F3AE3B, B3FDEE4A8F1C7EC12405D99ACABC3E633FA4ED08D2A2AA871526ED7927A35A91 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:16:45.0741 0x1640  usbehci - ok
22:16:45.0772 0x1640  [ 8DC94AEC6A7E644A06135AE7506DC2E9, 3ACB621D57BC8691DBBCDEF27563AA6390370362F21AFA6E7BA35BC429E14590 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:16:45.0772 0x1640  usbhub - ok
22:16:45.0803 0x1640  [ E185D44FAC515A18D9DEDDC23C2CDF44, EF69D0253CC8F1D29929FD5E74F18737ECF5D238874B6E1505E2EAEE66D9D987 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:16:45.0803 0x1640  usbohci - ok
22:16:45.0803 0x1640  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:16:45.0803 0x1640  usbprint - ok
22:16:45.0835 0x1640  [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:16:45.0835 0x1640  usbscan - ok
22:16:45.0866 0x1640  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:16:45.0866 0x1640  USBSTOR - ok
22:16:45.0881 0x1640  [ 68DF884CF41CDADA664BEB01DAF67E3D, 142781FE2FF93B269D8FA11D4C3F60967552A867E94533D94EF1C2D777A67872 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:16:45.0881 0x1640  usbuhci - ok
22:16:45.0897 0x1640  [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
22:16:45.0897 0x1640  usb_rndisx - ok
22:16:45.0928 0x1640  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
22:16:45.0928 0x1640  UxSms - ok
22:16:45.0928 0x1640  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] VaultSvc        C:\Windows\system32\lsass.exe
22:16:45.0928 0x1640  VaultSvc - ok
22:16:45.0944 0x1640  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:16:45.0944 0x1640  vdrvroot - ok
22:16:45.0991 0x1640  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
22:16:46.0022 0x1640  vds - ok
22:16:46.0022 0x1640  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:16:46.0022 0x1640  vga - ok
22:16:46.0053 0x1640  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:16:46.0053 0x1640  VgaSave - ok
22:16:46.0084 0x1640  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:16:46.0084 0x1640  vhdmp - ok
22:16:46.0100 0x1640  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:16:46.0100 0x1640  viaagp - ok
22:16:46.0100 0x1640  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
22:16:46.0115 0x1640  ViaC7 - ok
22:16:46.0131 0x1640  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:16:46.0131 0x1640  viaide - ok
22:16:46.0147 0x1640  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:16:46.0147 0x1640  volmgr - ok
22:16:46.0178 0x1640  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:16:46.0193 0x1640  volmgrx - ok
22:16:46.0209 0x1640  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:16:46.0225 0x1640  volsnap - ok
22:16:46.0240 0x1640  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:16:46.0256 0x1640  vsmraid - ok
22:16:46.0303 0x1640  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
22:16:46.0349 0x1640  VSS - ok
22:16:46.0365 0x1640  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:16:46.0365 0x1640  vwifibus - ok
22:16:46.0396 0x1640  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
22:16:46.0412 0x1640  W32Time - ok
22:16:46.0427 0x1640  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:16:46.0427 0x1640  WacomPen - ok
22:16:46.0443 0x1640  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:16:46.0443 0x1640  WANARP - ok
22:16:46.0443 0x1640  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:16:46.0443 0x1640  Wanarpv6 - ok
22:16:46.0521 0x1640  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:16:46.0568 0x1640  WatAdminSvc - ok
22:16:46.0599 0x1640  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
22:16:46.0646 0x1640  wbengine - ok
22:16:46.0661 0x1640  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:16:46.0677 0x1640  WbioSrvc - ok
22:16:46.0708 0x1640  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:16:46.0724 0x1640  wcncsvc - ok
22:16:46.0739 0x1640  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:16:46.0739 0x1640  WcsPlugInService - ok
22:16:46.0771 0x1640  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:16:46.0771 0x1640  Wd - ok
22:16:46.0802 0x1640  [ A840213F1ACDCC175B4D1D5AAEAC0D7A, B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:16:46.0833 0x1640  Wdf01000 - ok
22:16:46.0849 0x1640  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:16:46.0849 0x1640  WdiServiceHost - ok
22:16:46.0849 0x1640  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:16:46.0849 0x1640  WdiSystemHost - ok
22:16:46.0880 0x1640  [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient       C:\Windows\System32\webclnt.dll
22:16:46.0895 0x1640  WebClient - ok
22:16:46.0895 0x1640  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:16:46.0911 0x1640  Wecsvc - ok
22:16:46.0927 0x1640  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:16:46.0927 0x1640  wercplsupport - ok
22:16:46.0942 0x1640  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
22:16:46.0942 0x1640  WerSvc - ok
22:16:46.0958 0x1640  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:16:46.0958 0x1640  WfpLwf - ok
22:16:46.0973 0x1640  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:16:46.0973 0x1640  WIMMount - ok
22:16:47.0051 0x1640  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:16:47.0098 0x1640  WinDefend - ok
22:16:47.0098 0x1640  WinHttpAutoProxySvc - ok
22:16:47.0145 0x1640  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:16:47.0161 0x1640  Winmgmt - ok
22:16:47.0207 0x1640  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
22:16:47.0254 0x1640  WinRM - ok
22:16:47.0317 0x1640  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:16:47.0317 0x1640  WinUsb - ok
22:16:47.0348 0x1640  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:16:47.0410 0x1640  Wlansvc - ok
22:16:47.0504 0x1640  [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:16:47.0582 0x1640  wlidsvc - ok
22:16:47.0597 0x1640  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:16:47.0597 0x1640  WmiAcpi - ok
22:16:47.0613 0x1640  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:16:47.0613 0x1640  wmiApSrv - ok
22:16:47.0707 0x1640  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:16:47.0753 0x1640  WMPNetworkSvc - ok
22:16:47.0769 0x1640  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:16:47.0769 0x1640  WPCSvc - ok
22:16:47.0800 0x1640  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:16:47.0800 0x1640  WPDBusEnum - ok
22:16:47.0831 0x1640  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:16:47.0831 0x1640  ws2ifsl - ok
22:16:47.0847 0x1640  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:16:47.0847 0x1640  wscsvc - ok
22:16:47.0863 0x1640  WSearch - ok
22:16:47.0941 0x1640  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:16:48.0019 0x1640  wuauserv - ok
22:16:48.0050 0x1640  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:16:48.0050 0x1640  WudfPf - ok
22:16:48.0097 0x1640  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:16:48.0097 0x1640  WUDFRd - ok
22:16:48.0128 0x1640  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:16:48.0143 0x1640  wudfsvc - ok
22:16:48.0175 0x1640  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:16:48.0175 0x1640  WwanSvc - ok
22:16:48.0190 0x1640  ================ Scan global ===============================
22:16:48.0237 0x1640  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
22:16:48.0268 0x1640  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
22:16:48.0299 0x1640  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
22:16:48.0315 0x1640  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
22:16:48.0346 0x1640  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
22:16:48.0362 0x1640  [ Global ] - ok
22:16:48.0362 0x1640  ================ Scan MBR ==================================
22:16:48.0362 0x1640  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
22:16:48.0596 0x1640  \Device\Harddisk0\DR0 - ok
22:16:48.0596 0x1640  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:16:48.0611 0x1640  \Device\Harddisk1\DR1 - ok
22:16:48.0611 0x1640  ================ Scan VBR ==================================
22:16:48.0611 0x1640  [ 205727351122879DF64C3C5FFBE286D8 ] \Device\Harddisk0\DR0\Partition1
22:16:48.0611 0x1640  \Device\Harddisk0\DR0\Partition1 - ok
22:16:48.0611 0x1640  [ 589BFCFE6CB9AAC7E595C14EC13252A4 ] \Device\Harddisk0\DR0\Partition2
22:16:48.0611 0x1640  \Device\Harddisk0\DR0\Partition2 - ok
22:16:48.0627 0x1640  [ BA7B761A635F1A6EC0CA9A6226733C41 ] \Device\Harddisk1\DR1\Partition1
22:16:48.0627 0x1640  \Device\Harddisk1\DR1\Partition1 - ok
22:16:48.0627 0x1640  ================ Scan generic autorun ======================
22:16:48.0845 0x1640  [ D8039D9D877710CCE2C1125FE23010D2, BFA6197A058EC91F4CA117D197E645DFB9430A21F794E0DF6F31C18803C5698A ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
22:16:49.0033 0x1640  RtHDVCpl - ok
22:16:49.0064 0x1640  [ 0B1B7568CED61ABF5FD717F28175C96A, F80853474B73DC02267F87EFBA1A198C9A5FD49EECE20B6B42A8E29D61B39058 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
22:16:49.0079 0x1640  IAAnotif - ok
22:16:49.0095 0x1640  [ 1F5A26DF97C33CD24A8ED4D4A1FF1348, 4A6E75D4F5F6CB6CDC92F5281B64B7F81F28B0FDDF38EAD95735982E5F64A6A1 ] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
22:16:49.0111 0x1640  PDVDDXSrv - ok
22:16:49.0142 0x1640  [ 76792DE2D69C1503C05739F91E464592, 64CC55603B0B83249BFEEC6D56E413161B8736B89D417E4544C44A27A6EFC187 ] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe
22:16:49.0142 0x1640  DBRMTray - ok
22:16:49.0313 0x1640  [ 24A3FDF5F2ED5AD16BDD35150F00EFDA, EC52FBD9F15D082633D3104CE1213693A41363F44653F238D0D33F4F8F96EA44 ] C:\Program Files\AVG\AVG2013\avgui.exe
22:16:49.0438 0x1640  AVG_UI - ok
22:16:49.0501 0x1640  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:16:49.0547 0x1640  Adobe ARM - ok
22:16:49.0594 0x1640  [ 99342358331F57209DFF987CEEB8E37B, 3972DD0BE82B43BD50838E8B44DBF8160777B302F2718F2624CC6B67E0E1AF02 ] C:\Program Files\iTunes\iTunesHelper.exe
22:16:49.0594 0x1640  iTunesHelper - ok
22:16:49.0625 0x1640  [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
22:16:49.0641 0x1640  SunJavaUpdateSched - ok
22:16:49.0688 0x1640  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
22:16:49.0688 0x1640  swg - ok
22:16:49.0750 0x1640  [ 8D6D691AA7AA121AC048BA594AD7E647, 8583202D26BA894F30C222EF1DA155427E738DA7DF6C7EBDAA982DE070B88095 ] C:\Users\jdayvolt\AppData\Local\Apps\2.0\58MYR0ZC.MNO\MQKJWOBZ.XMP\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe
22:16:49.0750 0x1640  DellSystemDetect - ok
22:16:49.0797 0x1640  [ 54126CDDEF533083D0FFDB94810AD1AA, A956E9DC83329D16E8E25EE874B4BC6099BFC9A5099D50A9CD5A087C94E2D08A ] C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
22:16:49.0813 0x1640  FlashPlayerUpdate - ok
22:16:49.0813 0x1640  Waiting for KSN requests completion. In queue: 343
22:16:50.0827 0x1640  Waiting for KSN requests completion. In queue: 33
22:16:51.0841 0x1640  Waiting for KSN requests completion. In queue: 33
22:16:52.0683 0x0f7c  Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
22:16:52.0855 0x1640  Waiting for KSN requests completion. In queue: 4
22:16:53.0869 0x1640  Waiting for KSN requests completion. In queue: 4
22:16:54.0883 0x1640  Waiting for KSN requests completion. In queue: 4
22:16:55.0741 0x0f7c  Object send P2P result: true
22:16:55.0928 0x1640  AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41010 ( enabled : outofdate )
22:16:55.0928 0x1640  FW detected via SS2: AVG Internet Security 2013, C:\Program Files\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x40010 ( disabled )
22:16:55.0943 0x1640  Win FW state via NFP2: enabled ( trusted )
22:16:58.0845 0x1640  ============================================================
22:16:58.0845 0x1640  Scan finished
22:16:58.0845 0x1640  ============================================================
22:16:58.0845 0x03a0  Detected object count: 0
22:16:58.0845 0x03a0  Actual detected object count: 0

 

 

 

 

# AdwCleaner v5.026 - Logfile created 28/12/2015 at 22:18:23
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Juliana Dayvolt - JDAYVOLT-PC
# Running from : C:\Users\Juliana Dayvolt\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0384459A-9D5E-4AE1-B154-8EAC39721C97}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0CE10DC6-DB5B-4255-BB4C-420C9B8D4F60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23A73CDC-711C-4D7E-AECC-D9AECFA152AA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D465563-7CA8-45EC-83F2-6F5C293762F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{377DB814-EBF3-464B-8688-AAE2798E1999}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3B0C32DB-699F-4B5E-BE81-1E78693D50D9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{40FE5A09-64EC-411D-B743-7EA5EC3CBD60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4874BC7B-0681-49E4-A9B8-631B218F90D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4A80A60D-BDEF-4D70-BCCC-D0DAD25FF951}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4FFED4E7-CF5A-467C-965C-0E425314E0CF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{50DDA533-7F95-4141-98A4-5EC64E966126}
Key Found : HKLM\SOFTWARE\Classes\Interface\{559A5B93-63B3-4E1F-A720-78B227F9C3E6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6A01347F-FD7B-4EDF-871D-5143F104BFE6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6A6B3763-2264-4710-B165-26DB0B35920C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6D2D2DDF-CFF7-47A0-B4E9-F9043DF6C2C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7906EEF8-33D6-442A-A07A-11A9A5701935}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81C8B625-F505-4E26-84F9-207AF4240B00}
Key Found : HKLM\SOFTWARE\Classes\Interface\{827F725B-5665-4A4B-807C-A60460066CED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9359921F-1C6F-4E7F-8234-CD64087640BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9A74121D-E910-4C66-8CBC-2A342BD03EB5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A828B2D7-0718-404B-AC94-A4EF0A3C9B88}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AE648A4E-AC70-47EF-9F19-E0030732B36D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0839327-0156-4D83-96C8-26255C502568}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B3952944-3DB1-4605-B9D0-4D84AB9B10A7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B4EF7D02-FD90-4B58-AC4A-0CD7847799D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B519D22F-3AC7-4CBB-8623-DA3E6ED1C7A4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B5612128-4651-4197-84C3-F3711AD8C023}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B723E5AA-0F63-47DF-971C-AE8EA0F8393A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C76ED8C1-24E5-43A8-807F-448264610140}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D70D51A6-C90C-4BF4-9C91-DC0B943754DE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1C9AF72-FEDF-44E3-8BC1-B11AEF0433F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0384459a-9d5e-4ae1-b154-8eac39721c97}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4a80a60d-bdef-4d70-bccc-d0dad25ff951}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{06A16622-19D9-47E8-9FEC-6CA8CF275BD7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0B41B972-09C0-4406-B15C-0310E138F2F1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1695AEEE-5B43-4FBB-B1BC-9E5E6C30C495}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{249434B9-E5AF-4834-874F-D25D1593018B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{398035F8-0621-4534-AEF6-B5592A68F6D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{529B4045-715C-46E7-BC81-81E3AAEC9060}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{829E44ED-CB4F-4CCC-990F-428FBD0B128A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0676B02-1367-4651-88C0-28DCC456365F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AF25082C-7883-4AC5-9D15-784F3CFC78DF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B7B60F9D-F1E4-4694-9A40-1538EA07A795}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BCF02409-9333-44E7-96E8-01890EA9D58E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CC748B11-E10D-4C87-9A24-93E429FDD1FD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EE201AE6-533C-4947-97EA-12627D4854A0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FFED91AD-6369-48F5-B351-2A42D09CB27C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0384459A-9D5E-4AE1-B154-8EAC39721C97}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A80A60D-BDEF-4D70-BCCC-D0DAD25FF951}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0384459a-9d5e-4ae1-b154-8eac39721c97}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36e778e5-f988-4689-a78c-03e38601ede7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{435e56d9-92df-4d38-bdff-fe316064953c}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4a80a60d-bdef-4d70-bccc-d0dad25ff951}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4acf5837-1634-4afc-a583-53405f15ee0b}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cab2773-5453-4778-90d9-6672805b41ca}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a142b533-344a-426d-83cf-c9f6034de0a8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{db082b40-5dde-4df1-8ee1-76a3e98966d1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalRecipeSearch_14bar Uninstall
Key Found : HKU\.DEFAULT\Software\AVG Secure Search
Key Found : HKU\.DEFAULT\Software\IGearSettings
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [6884 bytes] ##########

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x86
Ran by Juliana Dayvolt (Administrator) on Mon 12/28/2015 at 21:44:03.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

File System: 4

Successfully deleted: C:\Windows\System32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARINSTALLER_UPDATE-6FAB9FAE.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARINSTALLER_UPDATE-71C4F46A.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARINSTALLER_UPDATE-93353B13.pf (File)

 

Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/28/2015 at 21:45:01.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

C:\Documents and Settings\jdayvolt\Downloads\GuffinsSetup2.3.97.23.YJman000.exe a variant of Win32/Toolbar.MyWebSearch.R potentially unwanted application
C:\Documents and Settings\jdayvolt\Downloads\GuffinsSetup2.5.5.6.YJman000.exe a variant of Win32/Toolbar.MyWebSearch.R potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aauxstb.dll Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3abar.dll a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3abrstub.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3adatact.dll a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3adlghk.dll a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3adyn.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3afeedmg.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3ahighin.exe Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3ahkstub.dll a variant of Win32/Toolbar.MyWebSearch.AM potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3ahtml.dll a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3ahtmlmu.dll a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3ahttpct.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aidle.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aieovr.dll a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aimpipe.exe Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3amedint.exe Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3amlbtn.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3amsg.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aPlugin.dll a variant of Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aradio.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aregfft.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3areghk.dll a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aregiet.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3ascript.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3askin.dll a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3askplay.exe Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3aSrcAs.dll a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3atpinst.dll a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Chimpoo_3a\bar\1.bin\3auabtn.dll Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Program Files\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Program Files\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\GuffinsEI\Installr\1.bin\NPu4EISb.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\GuffinsEI\Installr\1.bin\u4EIPlug.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\GuffinsEI\Installr\1.bin\u4EZSETP.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL.vir Win32/FunWeb potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir Win32/FunWeb potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir Win32/Toolbar.MyWebSearch.G potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.vir Win32/Toolbar.MyWebSearch.B potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir Win32/FunWeb potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir Win32/Toolbar.MyWebSearch.G potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir Win32/Toolbar.MyWebSearch.D potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir Win32/FunWeb potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL.vir Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir Win32/FunWeb potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir Win32/Toolbar.MyWebSearch.H potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir Win32/Toolbar.MyWebSearch.I potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE.vir a variant of Win32/Toolbar.MyWebSearch.AN potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir Win32/Toolbar.MyWebSearch.F potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IEOVR.DLL.vir Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE.vir Win32/Toolbar.MyWebSearch.AN potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir Win32/Toolbar.MyWebSearch.J potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir a variant of Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir Win32/Toolbar.MyWebSearch.J potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir Win32/Toolbar.MyWebSearch.I potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3TPINST.DLL.vir Win32/Toolbar.MyWebSearch.I potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir Win32/Toolbar.MyWebSearch.J potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSUABTN.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll.vir Win32/Toolbar.SearchSuite potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\Searchqu Toolbar\Datamngr\DnsBHO.dll.vir Win32/Toolbar.SearchSuite potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll.vir Win32/Toolbar.SearchSuite potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe.vir a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14auxstb.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14bar.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe.vir Win32/Toolbar.MyWebSearch.X potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14brmon.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14brstub.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14datact.dll.vir a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14dlghk.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14dyn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14feedmg.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14highin.exe.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14hkstub.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14htmlmu.dll.vir a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14httpct.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14idle.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14ieovr.dll.vir a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14impipe.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14medint.exe.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14mlbtn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14msg.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14Plugin.dll.vir a variant of Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14radio.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14regfft.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14reghk.dll.vir a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14regiet.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14script.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14skin.dll.vir a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14sknlcr.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14skplay.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll.vir a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe.vir a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14tpinst.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\14uabtn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\CREXT.DLL.vir a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\CrExtP14.exe.vir a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\T8EXTEX.DLL.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\T8EXTPEX.DLL.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\T8HTML.DLL.vir a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application
C:\Qoobox\Quarantine\C\Program Files\TotalRecipeSearch_14\bar\1.bin\T8TICKER.DLL.vir a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application
C:\Qoobox\Quarantine\C\Windows\System32\f3PSSavr.scr.vir Win32/Toolbar.MyWebSearch potentially unwanted application
C:\Users\jdayvolt\Downloads\GuffinsSetup2.3.97.23.YJman000.exe a variant of Win32/Toolbar.MyWebSearch.R potentially unwanted application
C:\Users\jdayvolt\Downloads\GuffinsSetup2.5.5.6.YJman000.exe a variant of Win32/Toolbar.MyWebSearch.R potentially unwanted application
 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:17 PM

Posted 28 December 2015 - 10:15 PM

Remove what ADWcleaner found.

How recently did you run ComboFix?


Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator[/i]
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Cleaning button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 dayvolt

dayvolt
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 28 December 2015 - 10:21 PM

I don't think thatComboFix was run on this computer. I downloaded it on this computer to transfer it to a computer that had the ZeroAccess Rootkit



#9 dayvolt

dayvolt
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 28 December 2015 - 10:27 PM

# AdwCleaner v5.026 - Logfile created 28/12/2015 at 22:40:59
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Juliana Dayvolt - JDAYVOLT-PC
# Running from : C:\Users\Juliana Dayvolt\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0384459A-9D5E-4AE1-B154-8EAC39721C97}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0CE10DC6-DB5B-4255-BB4C-420C9B8D4F60}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23A73CDC-711C-4D7E-AECC-D9AECFA152AA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D465563-7CA8-45EC-83F2-6F5C293762F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{377DB814-EBF3-464B-8688-AAE2798E1999}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B0C32DB-699F-4B5E-BE81-1E78693D50D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{40FE5A09-64EC-411D-B743-7EA5EC3CBD60}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4874BC7B-0681-49E4-A9B8-631B218F90D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4A80A60D-BDEF-4D70-BCCC-D0DAD25FF951}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4FFED4E7-CF5A-467C-965C-0E425314E0CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{50DDA533-7F95-4141-98A4-5EC64E966126}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{559A5B93-63B3-4E1F-A720-78B227F9C3E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A01347F-FD7B-4EDF-871D-5143F104BFE6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A6B3763-2264-4710-B165-26DB0B35920C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6D2D2DDF-CFF7-47A0-B4E9-F9043DF6C2C4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7906EEF8-33D6-442A-A07A-11A9A5701935}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81C8B625-F505-4E26-84F9-207AF4240B00}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{827F725B-5665-4A4B-807C-A60460066CED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9359921F-1C6F-4E7F-8234-CD64087640BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9A74121D-E910-4C66-8CBC-2A342BD03EB5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A828B2D7-0718-404B-AC94-A4EF0A3C9B88}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE648A4E-AC70-47EF-9F19-E0030732B36D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0839327-0156-4D83-96C8-26255C502568}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3952944-3DB1-4605-B9D0-4D84AB9B10A7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B4EF7D02-FD90-4B58-AC4A-0CD7847799D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B519D22F-3AC7-4CBB-8623-DA3E6ED1C7A4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B5612128-4651-4197-84C3-F3711AD8C023}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B723E5AA-0F63-47DF-971C-AE8EA0F8393A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C76ED8C1-24E5-43A8-807F-448264610140}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D70D51A6-C90C-4BF4-9C91-DC0B943754DE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1C9AF72-FEDF-44E3-8BC1-B11AEF0433F9}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{0384459a-9d5e-4ae1-b154-8eac39721c97}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4a80a60d-bdef-4d70-bccc-d0dad25ff951}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06A16622-19D9-47E8-9FEC-6CA8CF275BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0B41B972-09C0-4406-B15C-0310E138F2F1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1695AEEE-5B43-4FBB-B1BC-9E5E6C30C495}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{249434B9-E5AF-4834-874F-D25D1593018B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{398035F8-0621-4534-AEF6-B5592A68F6D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{529B4045-715C-46E7-BC81-81E3AAEC9060}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{829E44ED-CB4F-4CCC-990F-428FBD0B128A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0676B02-1367-4651-88C0-28DCC456365F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AF25082C-7883-4AC5-9D15-784F3CFC78DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B7B60F9D-F1E4-4694-9A40-1538EA07A795}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BCF02409-9333-44E7-96E8-01890EA9D58E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CC748B11-E10D-4C87-9A24-93E429FDD1FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EE201AE6-533C-4947-97EA-12627D4854A0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FFED91AD-6369-48F5-B351-2A42D09CB27C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0384459A-9D5E-4AE1-B154-8EAC39721C97}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A80A60D-BDEF-4D70-BCCC-D0DAD25FF951}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0384459a-9d5e-4ae1-b154-8eac39721c97}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03f3147c-cea6-4aae-b0ae-8d8abe7a8080}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36e778e5-f988-4689-a78c-03e38601ede7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{435e56d9-92df-4d38-bdff-fe316064953c}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4a80a60d-bdef-4d70-bccc-d0dad25ff951}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4acf5837-1634-4afc-a583-53405f15ee0b}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cab2773-5453-4778-90d9-6672805b41ca}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a142b533-344a-426d-83cf-c9f6034de0a8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{db082b40-5dde-4df1-8ee1-76a3e98966d1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalRecipeSearch_14bar Uninstall
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Key Deleted : HKU\.DEFAULT\Software\IGearSettings
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [7412 bytes] ##########



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:17 PM

Posted 28 December 2015 - 10:30 PM

Hi. no problem, these are CF's quarantine files

C:\Qoobox\Quarantine

Run the rest and see how it is. I'll look back tomorrow.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 dayvolt

dayvolt
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 28 December 2015 - 10:33 PM

Ah then that means my daughter attempted to fix the problem she created lol.



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:17 PM

Posted 29 December 2015 - 06:49 PM

That's OK, run the last 2 scans,
You should tell her to be careful, CF is a very strong tool and may remove things you did not want to. Always post a XF log in the logs forum for review.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users