Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser keeps being redirected to different websites


  • This topic is locked This topic is locked
24 replies to this topic

#1 adaba

adaba

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 26 February 2016 - 02:58 PM

Hello,

 

Many times when i click on a link using either internet explorer or mozilla firefox, i keep being redirected to different/random websites. Sometimes, i also get messages from the random websites that my system is infected and i should call the number listed on the page. So, i scanned my laptop with AVG free anti-virus software as well as with Windows Defender but the result indicates no threats/viruses were found. Can you please help?

 

Laptop

Windows 7 Home Premium Service Pack 1

Processor: Intel ® Pentium ® CPU B950

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:39 AM

Posted 26 February 2016 - 03:54 PM

Hi adaba, sounds like a hijacker. Please do these.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 adaba

adaba
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 26 February 2016 - 07:18 PM

Thank you for helping me.

MiniTool Box Result:

 

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Kemi (administrator) on 26-02-2016 at 17:14:36
Running from "C:\Users\Kemi\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: NE56R Manufacturer: Gateway
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Atheros AR5B125 Wireless Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Kemi-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : cg.shawcable.net

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : cg.shawcable.net
   Description . . . . . . . . . . . : Atheros AR5B125 Wireless Network Adapter
   Physical Address. . . . . . . . . : 74-E5-43-3C-2E-93
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8546:7039:a91e:1c3d%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.197(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, February 26, 2016 1:31:53 PM
   Lease Expires . . . . . . . . . . : Friday, March 04, 2016 1:31:53 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 309650755
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-6E-B5-84-B8-88-E3-45-97-F6
   DNS Servers . . . . . . . . . . . : 64.59.135.133
                                       64.59.128.120
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : B8-88-E3-45-97-F6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.cg.shawcable.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cg.shawcable.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  nsc1.so.cg.shawcable.net
Address:  64.59.135.133

Name:    google.com
Addresses:  2607:f8b0:400a:800::200e
      216.58.193.78


Pinging google.com [216.58.193.78] with 32 bytes of data:
Reply from 216.58.193.78: bytes=32 time=44ms TTL=57
Reply from 216.58.193.78: bytes=32 time=49ms TTL=57

Ping statistics for 216.58.193.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 49ms, Average = 46ms
Server:  nsc1.so.cg.shawcable.net
Address:  64.59.135.133

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      2001:4998:44:204::a7
      206.190.36.45
      98.139.183.24
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=48ms TTL=54
Reply from 206.190.36.45: bytes=32 time=47ms TTL=54

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 47ms, Maximum = 48ms, Average = 47ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...74 e5 43 3c 2e 93 ......Atheros AR5B125 Wireless Network Adapter
 11...b8 88 e3 45 97 f6 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.197     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.197    281
    192.168.0.197  255.255.255.255         On-link     192.168.0.197    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.197    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.197    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.197    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::8546:7039:a91e:1c3d/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/26/2016 01:32:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2016 12:27:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2016 12:20:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2016 10:19:10 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/26/2016 09:35:21 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18205 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f50

Start Time: 01d170b393448971

Termination Time: 47

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (02/26/2016 09:22:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 03:29:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2016 01:56:07 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/25/2016 12:54:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2016 11:50:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/25/2016 12:54:51 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SSIRuntimeService service to connect.

Error: (02/25/2016 12:11:02 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (02/25/2016 12:11:02 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (02/24/2016 03:32:05 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (02/24/2016 03:32:03 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (02/24/2016 03:32:01 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (02/24/2016 03:32:01 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (02/24/2016 03:31:57 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (02/24/2016 03:31:57 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (02/24/2016 11:00:38 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-247b3eaf-34f8-4b10-9ca5-4d415450f2ce) (Version: 2.2.0.98 - WildTangent) Hidden
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com)
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com)
AVG (HKLM\...\{433577CF-7900-4559-9693-FA52A8487DBE}) (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (HKLM\...\{D181BF91-057A-4889-BF0B-812D1BC2410C}) (Version: 16.0.4537 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 19.2.0.326 - AVG Technologies)
Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-2e968050-ba8f-45d0-8c72-6ea615617fc3) (Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chronicles of Albian (HKLM-x32\...\WTA-0313212d-7895-46ac-95f7-0078935c4988) (Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-09e3226c-d318-4ea3-b583-340e5ac8edee) (Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3006 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3006 - Acer Incorporated)
clear.fi SDK - MVP 2 (HKLM-x32\...\{A3AD65CC-B2CE-49da-AE4E-CC2ECF4EC0F8}) (Version: 2.0.1702 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (HKLM-x32\...\{DAF7BB88-6392-40aa-A714-8392C4BDBD2C}) (Version: 2.0.1707 - CyberLink Corp.) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-17afbc5c-1f49-4c9e-8dce-c493e39071ae) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-0fac930b-6d45-4743-84ba-388a0304eda1) (Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (HKLM-x32\...\WTA-595bc069-a9c2-4be1-8941-fc83c619568f) (Version: 2.2.0.97 - WildTangent) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Final Drive: Nitro (HKLM-x32\...\WTA-0433ca3d-4c4a-4979-ac23-1f97f0b23754) (Version: 2.2.0.95 - WildTangent) Hidden
FMW 1 (HKLM\...\{0AB3CCB3-5C0B-4C65-9FA4-CFEF6283F7F1}) (Version: 1.62.2 - AVG Technologies) Hidden
Fooz Kids (HKLM-x32\...\{5C1C996E-9CC9-ACD8-B688-03FEED4E4767}) (Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Gateway MyBackup (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Gateway Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Gateway Incorporated)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3506 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0915.2011 - Gateway Incorporated)
Gateway Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Gateway Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Gateway Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 7.12.0.4431 (HKCU\...\GoToMeeting) (Version: 7.12.0.4431 - CitrixOnline)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-80463f7f-2a0a-4306-a53c-6db5cb490829) (Version: 2.2.0.95 - WildTangent) Hidden
HP Deskjet 3510 series Basic Device Software (HKLM\...\{7F20F2D1-C425-4432-96BA-EBD0C2181493}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{791D3241-C6A4-417F-82E6-00543B6E5012}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java™ 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Jewel Match 3 (HKLM-x32\...\WTA-0cf5e62f-4796-4da3-a9b0-f71073b81118) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-93c7f4a9-7cdb-4907-967e-4dfbc49b565d) (Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Gateway)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Penguins! (HKLM-x32\...\WTA-62a9e65b-b2e9-4315-92b6-3332d83bd0ec) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-3d1af6a4-348d-4669-877e-db6321214fa8) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-71fdc7a9-9ea1-4b19-8125-2f429a77a919) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-a710428e-72a6-44a5-a2fb-0ab098845b25) (Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Direct Connect (HKLM-x32\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 3.0 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
SAS 9.3 (HKLM-x32\...\{bcd538f9-31bf-4730-920a-066a6f7fb10d}) (Version:  - SAS)
SDC Platinum V 4.0.3.2 (HKLM-x32\...\{20ED3332-7393-4DC7-BB19-F4C268FDCCF0}) (Version: 1.0.0 - Thomson Reuters)
Securexam (HKLM-x32\...\{7565DB20-95F3-4D61-933E-D9FE954CA367}) (Version: 7.9.0.0 - Software Secure, Inc) Hidden
Securexam (HKLM-x32\...\Securexam) (Version: 7.9.0.0 - Software Secure, Inc)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
Torchlight (HKLM-x32\...\WTA-1f7ef7a0-d5c1-42e3-bf00-0172043741a4) (Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Video Web Camera (HKLM-x32\...\{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Virtual Villagers 5 - New Believers (HKLM-x32\...\WTA-0d8376d9-c008-4e13-a5f8-dd050f732f84) (Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Update Wizard (Redistributable) 4.0 (HKLM-x32\...\Web Update Wizard (Redistributable)) (Version: 4.0 - PowerProgrammer)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3507 - Gateway Incorporated)
WildTangent Games App (Gateway Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway) (Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Zuma's Revenge (HKLM-x32\...\WTA-e1d2cc88-cfbe-4b4c-bcfb-14a21a471552) (Version: 2.2.0.98 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 3932.36 MB
Available physical RAM: 2196.79 MB
Total Virtual: 7862.93 MB
Available Virtual: 5395.57 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:447.66 GB) (Free:362.91 GB) NTFS

========================= Users: ========================================

User accounts for \\KEMI-PC

Administrator            Guest                    Kemi                     


**** End of log ****
 



#4 adaba

adaba
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 26 February 2016 - 07:24 PM

TDSS Killer Report:

17:21:21.0669 0x18f0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:21:37.0409 0x18f0  ============================================================
17:21:37.0409 0x18f0  Current date / time: 2016/02/26 17:21:37.0409
17:21:37.0409 0x18f0  SystemInfo:
17:21:37.0409 0x18f0  
17:21:37.0409 0x18f0  OS Version: 6.1.7601 ServicePack: 1.0
17:21:37.0409 0x18f0  Product type: Workstation
17:21:37.0409 0x18f0  ComputerName: KEMI-PC
17:21:37.0409 0x18f0  UserName: Kemi
17:21:37.0409 0x18f0  Windows directory: C:\Windows
17:21:37.0409 0x18f0  System windows directory: C:\Windows
17:21:37.0409 0x18f0  Running under WOW64
17:21:37.0409 0x18f0  Processor architecture: Intel x64
17:21:37.0409 0x18f0  Number of processors: 2
17:21:37.0409 0x18f0  Page size: 0x1000
17:21:37.0409 0x18f0  Boot type: Normal boot
17:21:37.0409 0x18f0  ============================================================
17:21:38.0626 0x18f0  KLMD registered as C:\Windows\system32\drivers\91357820.sys
17:21:39.0624 0x18f0  System UUID: {A62F26AD-7775-A092-1447-C3C85A4AEBD8}
17:21:41.0028 0x18f0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:21:41.0028 0x18f0  ============================================================
17:21:41.0028 0x18f0  \Device\Harddisk0\DR0:
17:21:41.0028 0x18f0  MBR partitions:
17:21:41.0028 0x18f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
17:21:41.0028 0x18f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x37F53000
17:21:41.0028 0x18f0  ============================================================
17:21:41.0059 0x18f0  C: <-> \Device\Harddisk0\DR0\Partition2
17:21:41.0059 0x18f0  ============================================================
17:21:41.0059 0x18f0  Initialize success
17:21:41.0059 0x18f0  ============================================================
17:21:49.0374 0x0f78  ============================================================
17:21:49.0374 0x0f78  Scan started
17:21:49.0374 0x0f78  Mode: Manual;
17:21:49.0374 0x0f78  ============================================================
17:21:49.0374 0x0f78  KSN ping started
17:21:49.0905 0x0f78  KSN ping finished: true
17:21:52.0167 0x0f78  ================ Scan system memory ========================
17:21:52.0167 0x0f78  System memory - ok
17:21:52.0167 0x0f78  ================ Scan services =============================
17:21:52.0354 0x0f78  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:21:52.0369 0x0f78  1394ohci - ok
17:21:52.0401 0x0f78  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:21:52.0416 0x0f78  ACPI - ok
17:21:52.0447 0x0f78  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:21:52.0447 0x0f78  AcpiPmi - ok
17:21:52.0541 0x0f78  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:21:52.0557 0x0f78  AdobeARMservice - ok
17:21:52.0697 0x0f78  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:21:52.0713 0x0f78  AdobeFlashPlayerUpdateSvc - ok
17:21:52.0759 0x0f78  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:21:52.0791 0x0f78  adp94xx - ok
17:21:52.0837 0x0f78  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:21:52.0869 0x0f78  adpahci - ok
17:21:52.0884 0x0f78  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:21:52.0900 0x0f78  adpu320 - ok
17:21:52.0931 0x0f78  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:21:52.0931 0x0f78  AeLookupSvc - ok
17:21:52.0993 0x0f78  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
17:21:53.0025 0x0f78  AFD - ok
17:21:53.0056 0x0f78  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:21:53.0056 0x0f78  agp440 - ok
17:21:53.0087 0x0f78  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:21:53.0087 0x0f78  ALG - ok
17:21:53.0134 0x0f78  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:21:53.0134 0x0f78  aliide - ok
17:21:53.0149 0x0f78  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:21:53.0149 0x0f78  amdide - ok
17:21:53.0196 0x0f78  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:21:53.0196 0x0f78  AmdK8 - ok
17:21:53.0212 0x0f78  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:21:53.0212 0x0f78  AmdPPM - ok
17:21:53.0243 0x0f78  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:21:53.0243 0x0f78  amdsata - ok
17:21:53.0274 0x0f78  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:21:53.0274 0x0f78  amdsbs - ok
17:21:53.0290 0x0f78  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:21:53.0290 0x0f78  amdxata - ok
17:21:53.0352 0x0f78  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
17:21:53.0352 0x0f78  AppID - ok
17:21:53.0368 0x0f78  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:21:53.0368 0x0f78  AppIDSvc - ok
17:21:53.0415 0x0f78  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
17:21:53.0415 0x0f78  Appinfo - ok
17:21:53.0446 0x0f78  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
17:21:53.0446 0x0f78  arc - ok
17:21:53.0446 0x0f78  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:21:53.0461 0x0f78  arcsas - ok
17:21:53.0571 0x0f78  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:21:53.0571 0x0f78  aspnet_state - ok
17:21:53.0617 0x0f78  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:21:53.0617 0x0f78  AsyncMac - ok
17:21:53.0649 0x0f78  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:21:53.0649 0x0f78  atapi - ok
17:21:53.0789 0x0f78  [ 881AF14AD2F1207672873B65ACA6C92F, F91FECE09F1555DFADF8BF1FFE09FE7FD7D87A0BF94439B2FAA070FC7C0CB8EC ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:21:53.0898 0x0f78  athr - ok
17:21:54.0007 0x0f78  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:21:54.0054 0x0f78  AudioEndpointBuilder - ok
17:21:54.0085 0x0f78  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:21:54.0101 0x0f78  AudioSrv - ok
17:21:54.0241 0x0f78  [ 81C21AF75F091AD85820FD136859E108, 2CE2E55EF63BFDA0EBE32D1B5D314261EF40AAF440DFEF7273A29B23E140FDFB ] AvgAMPS         C:\Program Files (x86)\AVG\Av\avgamps.exe
17:21:54.0273 0x0f78  AvgAMPS - ok
17:21:54.0335 0x0f78  [ FF641C4AD6F27902A7D3CA57BEAA8E80, D5CC8F8BFAE3FFAF9E6FB8130337BACCCC2DB9AE04C8D01A3B7F9037EE3A0ED2 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
17:21:54.0335 0x0f78  Avgdiska - ok
17:21:54.0507 0x0f78  [ 74E35B0D8C51BD262A218E46CB4CA18C, 4163370A59DD95331D728F9998A4B17590D2A4E2A362FCFA2A86EB32A94B49B0 ] AVGIDSAgent     C:\Program Files (x86)\AVG\Av\avgidsagent.exe
17:21:54.0663 0x0f78  AVGIDSAgent - ok
17:21:54.0709 0x0f78  [ 3EE2255BF7CDE034EF3D2977862B01B6, B156EB6952F0FFF4F73FC2B5C39E57BC0F0DD70AAC96D01FF53EBAE306C2DF44 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:21:54.0725 0x0f78  AVGIDSDriver - ok
17:21:54.0741 0x0f78  [ 9208FEECE7B265529FDF4DAC7F7A1C7C, 048481D12D652267B66791C238AF47CA4941BD5C5F84BD5F9B6A54C7037B6707 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
17:21:54.0756 0x0f78  AVGIDSHA - ok
17:21:54.0787 0x0f78  [ D2E83AA008426FC9408272035E50D40B, 6F3B3385C5E1BDBF29343737C5A72A3C8B671016BC805EC51B4C0728807726E3 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
17:21:54.0803 0x0f78  Avgldx64 - ok
17:21:54.0865 0x0f78  [ 6BB3E78DE490503540DD93B9A733794D, 18832B066A10EF2CF0A02F0B834B91771DD95CC3FAB24CBACB7B60E46D280B25 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
17:21:54.0881 0x0f78  Avgloga - ok
17:21:54.0943 0x0f78  [ 19397C0AE6483195D4CF939C7F82A6AF, 0DA3913B72AFB3A50D3B0E0ED5C3D72E62FA8D2BCBB6F56A629E09DC0CB687EE ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
17:21:54.0943 0x0f78  Avgmfx64 - ok
17:21:54.0975 0x0f78  [ 392339315A0738429B3C9E92A0F8F995, 3B101C2316DE151D39D88B33B382451C5C05C13FA5A52C4B00C5B7853931680A ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
17:21:54.0975 0x0f78  Avgrkx64 - ok
17:21:55.0099 0x0f78  [ 04D3CB2E6E66B36B1BACC186E8C2AC2B, E2B235CA49ADD10737A5067654D02543364630715B73BDBB265E82653239B369 ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
17:21:55.0146 0x0f78  avgsvc - ok
17:21:55.0224 0x0f78  [ E78505E4A45999570F380EAA87571239, B1A22691ABCA55C68EBCF7C68E34028735B48BB6BDBEED02DA37E03752A7328A ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
17:21:55.0255 0x0f78  Avgtdia - ok
17:21:55.0287 0x0f78  [ EADED7133726FEEC05C3A7CF0F661590, 2B8A912B77E3A78D44BA0689BDB75DF7838AC18EF153191229019C4DAED93B7B ] Avguniva        C:\Windows\system32\DRIVERS\avguniva.sys
17:21:55.0302 0x0f78  Avguniva - ok
17:21:55.0365 0x0f78  [ 9415920AC2CE53ADC156F011FC7FC00C, 971B41593ED83C05D0D83D5B04AD5615D4CDE08CC5FDDF9F751C66D9722AE5CB ] avgwd           C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
17:21:55.0396 0x0f78  avgwd - ok
17:21:55.0443 0x0f78  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:21:55.0443 0x0f78  AxInstSV - ok
17:21:55.0489 0x0f78  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:21:55.0521 0x0f78  b06bdrv - ok
17:21:55.0567 0x0f78  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:21:55.0583 0x0f78  b57nd60a - ok
17:21:55.0630 0x0f78  [ F9EB252CD589EBB2F77744450F123F60, 04558A7D5447143BFA9B0C958DCFFCF8267510A14D2F77CAAD18744DC526E392 ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
17:21:55.0630 0x0f78  b57xdbd - ok
17:21:55.0645 0x0f78  [ FFA28D0356212A2DCF304C58E2369494, B8051A5A2C9FD41D71E625A84B8EA570239DD4DA7EB51618104B4FA998024A94 ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
17:21:55.0645 0x0f78  b57xdmp - ok
17:21:55.0739 0x0f78  [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
17:21:55.0755 0x0f78  BBSvc - ok
17:21:55.0786 0x0f78  [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
17:21:55.0801 0x0f78  BBUpdate - ok
17:21:55.0833 0x0f78  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:21:55.0848 0x0f78  BDESVC - ok
17:21:55.0864 0x0f78  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:21:55.0879 0x0f78  Beep - ok
17:21:55.0926 0x0f78  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:21:55.0973 0x0f78  BFE - ok
17:21:56.0020 0x0f78  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:21:56.0082 0x0f78  BITS - ok
17:21:56.0098 0x0f78  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
17:21:56.0098 0x0f78  blbdrive - ok
17:21:56.0145 0x0f78  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:21:56.0145 0x0f78  bowser - ok
17:21:56.0160 0x0f78  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:21:56.0160 0x0f78  BrFiltLo - ok
17:21:56.0176 0x0f78  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:21:56.0176 0x0f78  BrFiltUp - ok
17:21:56.0207 0x0f78  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:21:56.0207 0x0f78  Browser - ok
17:21:56.0238 0x0f78  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:21:56.0254 0x0f78  Brserid - ok
17:21:56.0254 0x0f78  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:21:56.0269 0x0f78  BrSerWdm - ok
17:21:56.0285 0x0f78  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:21:56.0285 0x0f78  BrUsbMdm - ok
17:21:56.0301 0x0f78  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:21:56.0301 0x0f78  BrUsbSer - ok
17:21:56.0332 0x0f78  [ 45218A053209DA867A9B334CCAD0AD01, 87709FD719A7BBBC609C9AD805142B5708CCD482F9B8BBD84282C9C4D3332011 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
17:21:56.0347 0x0f78  bScsiMSa - ok
17:21:56.0379 0x0f78  [ 280E8031E1703CAFF17C7727B74817A5, FF4023AEBC7CFBFDA66E11EA84DDAA98661E316FFDCDF37D1D7A487ED77ACBF2 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
17:21:56.0379 0x0f78  bScsiSDa - ok
17:21:56.0394 0x0f78  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:21:56.0394 0x0f78  BTHMODEM - ok
17:21:56.0441 0x0f78  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:21:56.0441 0x0f78  bthserv - ok
17:21:56.0597 0x0f78  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
17:21:56.0675 0x0f78  c2cautoupdatesvc - ok
17:21:56.0769 0x0f78  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
17:21:56.0862 0x0f78  c2cpnrsvc - ok
17:21:56.0909 0x0f78  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:21:56.0909 0x0f78  cdfs - ok
17:21:56.0940 0x0f78  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:21:56.0940 0x0f78  cdrom - ok
17:21:57.0003 0x0f78  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:21:57.0003 0x0f78  CertPropSvc - ok
17:21:57.0034 0x0f78  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
17:21:57.0049 0x0f78  circlass - ok
17:21:57.0081 0x0f78  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:21:57.0096 0x0f78  CLFS - ok
17:21:57.0174 0x0f78  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:21:57.0190 0x0f78  clr_optimization_v2.0.50727_32 - ok
17:21:57.0221 0x0f78  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:21:57.0237 0x0f78  clr_optimization_v2.0.50727_64 - ok
17:21:57.0283 0x0f78  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:21:57.0377 0x0f78  clr_optimization_v4.0.30319_32 - ok
17:21:57.0408 0x0f78  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:21:57.0502 0x0f78  clr_optimization_v4.0.30319_64 - ok
17:21:57.0533 0x0f78  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:21:57.0549 0x0f78  CmBatt - ok
17:21:57.0564 0x0f78  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:21:57.0564 0x0f78  cmdide - ok
17:21:57.0627 0x0f78  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
17:21:57.0658 0x0f78  CNG - ok
17:21:57.0689 0x0f78  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:21:57.0689 0x0f78  Compbatt - ok
17:21:57.0720 0x0f78  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:21:57.0720 0x0f78  CompositeBus - ok
17:21:57.0720 0x0f78  COMSysApp - ok
17:21:57.0814 0x0f78  [ 2EF1B96EF990B70F13D260F324E4AFA8, F9B8DA895C307B3AB61C982A46436E0DB9F1E360279C759B3D672756D021975C ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:21:57.0829 0x0f78  cphs - ok
17:21:57.0861 0x0f78  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:21:57.0861 0x0f78  crcdisk - ok
17:21:57.0907 0x0f78  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:21:57.0923 0x0f78  CryptSvc - ok
17:21:58.0001 0x0f78  [ ED914342CCE2C3D5A7CEC79FC2FA2C0F, 84635F94449645888ED07BD17B9013397B96CA97E1E472BD9912AC847BF4E8DE ] DCDhcpService   C:\Program Files (x86)\Gateway\WDAgent\DCDhcpService.exe
17:21:58.0001 0x0f78  DCDhcpService - ok
17:21:58.0063 0x0f78  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:21:58.0095 0x0f78  DcomLaunch - ok
17:21:58.0126 0x0f78  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:21:58.0157 0x0f78  defragsvc - ok
17:21:58.0188 0x0f78  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:21:58.0188 0x0f78  DfsC - ok
17:21:58.0219 0x0f78  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:21:58.0235 0x0f78  Dhcp - ok
17:21:58.0360 0x0f78  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
17:21:58.0422 0x0f78  DiagTrack - ok
17:21:58.0469 0x0f78  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:21:58.0469 0x0f78  discache - ok
17:21:58.0516 0x0f78  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
17:21:58.0516 0x0f78  Disk - ok
17:21:58.0547 0x0f78  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:21:58.0563 0x0f78  Dnscache - ok
17:21:58.0578 0x0f78  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:21:58.0594 0x0f78  dot3svc - ok
17:21:58.0609 0x0f78  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:21:58.0609 0x0f78  DPS - ok
17:21:58.0672 0x0f78  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:21:58.0672 0x0f78  drmkaud - ok
17:21:58.0734 0x0f78  [ C02FF01B821FBB72104132E56EC5B881, 161AC96EE71C9B1F59ACE07EDC7550E1203C8DEFF6B333D298D564FAF536CF96 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:21:58.0765 0x0f78  DsiWMIService - ok
17:21:58.0812 0x0f78  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:21:58.0859 0x0f78  DXGKrnl - ok
17:21:58.0906 0x0f78  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:21:58.0906 0x0f78  EapHost - ok
17:21:59.0046 0x0f78  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:21:59.0187 0x0f78  ebdrv - ok
17:21:59.0249 0x0f78  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] EFS             C:\Windows\System32\lsass.exe
17:21:59.0249 0x0f78  EFS - ok
17:21:59.0327 0x0f78  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:21:59.0358 0x0f78  ehRecvr - ok
17:21:59.0389 0x0f78  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:21:59.0389 0x0f78  ehSched - ok
17:21:59.0452 0x0f78  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:21:59.0483 0x0f78  elxstor - ok
17:21:59.0577 0x0f78  [ 76B978AD795A7E71C48390B000F6023F, 0A398C0FD9F72A0865343E2153F1F4CFA9EE375DC77E87FBDE38A1A8CA3061EB ] ePowerSvc       C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
17:21:59.0623 0x0f78  ePowerSvc - ok
17:21:59.0639 0x0f78  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:21:59.0639 0x0f78  ErrDev - ok
17:21:59.0670 0x0f78  [ 9FD76E7BA1D2A534B7BCF5BD5755E24B, ECC5E023CC778EDC0A9D9A6807D0457D583611B3968DEEEC4C2A34EE12391DE4 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
17:21:59.0686 0x0f78  ETD - ok
17:21:59.0733 0x0f78  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:21:59.0764 0x0f78  EventSystem - ok
17:21:59.0795 0x0f78  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:21:59.0811 0x0f78  exfat - ok
17:21:59.0826 0x0f78  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:21:59.0842 0x0f78  fastfat - ok
17:21:59.0889 0x0f78  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:21:59.0920 0x0f78  Fax - ok
17:21:59.0951 0x0f78  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
17:21:59.0951 0x0f78  fdc - ok
17:21:59.0967 0x0f78  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:21:59.0967 0x0f78  fdPHost - ok
17:21:59.0982 0x0f78  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:21:59.0982 0x0f78  FDResPub - ok
17:22:00.0013 0x0f78  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:22:00.0013 0x0f78  FileInfo - ok
17:22:00.0029 0x0f78  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:22:00.0045 0x0f78  Filetrace - ok
17:22:00.0060 0x0f78  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:22:00.0060 0x0f78  flpydisk - ok
17:22:00.0091 0x0f78  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:22:00.0107 0x0f78  FltMgr - ok
17:22:00.0185 0x0f78  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
17:22:00.0263 0x0f78  FontCache - ok
17:22:00.0325 0x0f78  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:22:00.0325 0x0f78  FontCache3.0.0.0 - ok
17:22:00.0341 0x0f78  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:22:00.0357 0x0f78  FsDepends - ok
17:22:00.0372 0x0f78  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:22:00.0388 0x0f78  Fs_Rec - ok
17:22:00.0435 0x0f78  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:22:00.0435 0x0f78  fvevol - ok
17:22:00.0466 0x0f78  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:22:00.0466 0x0f78  gagp30kx - ok
17:22:00.0559 0x0f78  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:22:00.0559 0x0f78  GamesAppService - ok
17:22:00.0622 0x0f78  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:22:00.0669 0x0f78  gpsvc - ok
17:22:00.0715 0x0f78  [ 32096F187020A54D29C95B3A1467D963, 2A50686C1FC921B02F6B7472AC09B2CFD9DE290D22DD0342A94AB8E95AC3DC6C ] GREGService     C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
17:22:00.0715 0x0f78  GREGService - ok
17:22:00.0809 0x0f78  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:22:00.0809 0x0f78  gupdate - ok
17:22:00.0825 0x0f78  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:22:00.0825 0x0f78  gupdatem - ok
17:22:00.0856 0x0f78  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:22:00.0856 0x0f78  hcw85cir - ok
17:22:00.0903 0x0f78  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:22:00.0918 0x0f78  HdAudAddService - ok
17:22:00.0949 0x0f78  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:22:00.0965 0x0f78  HDAudBus - ok
17:22:00.0981 0x0f78  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:22:00.0981 0x0f78  HidBatt - ok
17:22:00.0996 0x0f78  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:22:01.0012 0x0f78  HidBth - ok
17:22:01.0043 0x0f78  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:22:01.0043 0x0f78  HidIr - ok
17:22:01.0059 0x0f78  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:22:01.0074 0x0f78  hidserv - ok
17:22:01.0121 0x0f78  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:22:01.0137 0x0f78  HidUsb - ok
17:22:01.0137 0x0f78  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:22:01.0152 0x0f78  hkmsvc - ok
17:22:01.0168 0x0f78  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:22:01.0183 0x0f78  HomeGroupListener - ok
17:22:01.0215 0x0f78  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:22:01.0230 0x0f78  HomeGroupProvider - ok
17:22:01.0261 0x0f78  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:22:01.0261 0x0f78  HpSAMD - ok
17:22:01.0324 0x0f78  [ CB5A8B34FA37AE53053F2D3DF05AC1E6, 2C7357079A66AE609F49900181B013E735B4A01C45DA316CD1E8698F93DE6EA8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
17:22:01.0339 0x0f78  HPSupportSolutionsFrameworkService - ok
17:22:01.0386 0x0f78  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:22:01.0433 0x0f78  HTTP - ok
17:22:01.0449 0x0f78  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:22:01.0464 0x0f78  hwpolicy - ok
17:22:01.0480 0x0f78  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:22:01.0480 0x0f78  i8042prt - ok
17:22:01.0542 0x0f78  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
17:22:01.0542 0x0f78  iaStor - ok
17:22:01.0636 0x0f78  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:22:01.0636 0x0f78  IAStorDataMgrSvc - ok
17:22:01.0683 0x0f78  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:22:01.0714 0x0f78  iaStorV - ok
17:22:01.0807 0x0f78  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:22:01.0870 0x0f78  idsvc - ok
17:22:01.0901 0x0f78  IEEtwCollectorService - ok
17:22:02.0463 0x0f78  [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:22:03.0024 0x0f78  igfx - ok
17:22:03.0071 0x0f78  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:22:03.0087 0x0f78  iirsp - ok
17:22:03.0133 0x0f78  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:22:03.0180 0x0f78  IKEEXT - ok
17:22:03.0414 0x0f78  [ D830262519DDCDFC8BE34EB7047C22DC, A3D41BD7EDBAD0B64245824E920804FB98468E32A649A7983AB3C13C89144D23 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:22:03.0586 0x0f78  IntcAzAudAddService - ok
17:22:03.0633 0x0f78  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
17:22:03.0664 0x0f78  IntcDAud - ok
17:22:03.0711 0x0f78  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:22:03.0742 0x0f78  Intel® Capability Licensing Service Interface - ok
17:22:03.0773 0x0f78  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:22:03.0773 0x0f78  intelide - ok
17:22:03.0804 0x0f78  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:22:03.0804 0x0f78  intelppm - ok
17:22:03.0835 0x0f78  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:22:03.0835 0x0f78  IPBusEnum - ok
17:22:03.0867 0x0f78  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:22:03.0867 0x0f78  IpFilterDriver - ok
17:22:03.0945 0x0f78  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:22:03.0976 0x0f78  iphlpsvc - ok
17:22:04.0007 0x0f78  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:22:04.0007 0x0f78  IPMIDRV - ok
17:22:04.0038 0x0f78  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:22:04.0038 0x0f78  IPNAT - ok
17:22:04.0069 0x0f78  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:22:04.0069 0x0f78  IRENUM - ok
17:22:04.0069 0x0f78  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:22:04.0085 0x0f78  isapnp - ok
17:22:04.0194 0x0f78  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:22:04.0210 0x0f78  iScsiPrt - ok
17:22:04.0288 0x0f78  [ DBD76BC1D498FE368F2C8CB76C3E00A4, CDFB082B57807CE89509A16D1C8A5BAEEC026EDD7068F5E359AA50557D2525DC ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
17:22:04.0288 0x0f78  jhi_service - ok
17:22:04.0350 0x0f78  [ E610C2ADF44FFAB91BBA5CA6FC085640, FE273414EBE28445D4E2C4FB1CA10E3B4E172157338140FE67BD0D8F17A9E8E4 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
17:22:04.0366 0x0f78  k57nd60a - ok
17:22:04.0413 0x0f78  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:22:04.0413 0x0f78  kbdclass - ok
17:22:04.0444 0x0f78  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:22:04.0444 0x0f78  kbdhid - ok
17:22:04.0475 0x0f78  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] KeyIso          C:\Windows\system32\lsass.exe
17:22:04.0475 0x0f78  KeyIso - ok
17:22:04.0522 0x0f78  [ 7BDDD24C5A148534D3737DBFA96B3E69, 06130316A21B1D67B5885AB7030603097EC96F7104F3766D67793ECFC1143158 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:22:04.0522 0x0f78  KSecDD - ok
17:22:04.0537 0x0f78  [ BA500732D160C61E889E8180EE53C86F, 2E9B9FEF4E2F86DBF6778AD0A581CE2F1CA0AC777440BA05AB36B031CE1E8781 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:22:04.0537 0x0f78  KSecPkg - ok
17:22:04.0569 0x0f78  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:22:04.0600 0x0f78  ksthunk - ok
17:22:04.0647 0x0f78  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:22:04.0725 0x0f78  KtmRm - ok
17:22:04.0787 0x0f78  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:22:04.0803 0x0f78  LanmanServer - ok
17:22:04.0818 0x0f78  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:22:04.0834 0x0f78  LanmanWorkstation - ok
17:22:04.0881 0x0f78  [ 6BB516A31DE232DAB436FF3A117E1E80, 1B91633C9D2FDD27B1712557E95D5642973105F0161D57E074A0601B666F1221 ] Live Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
17:22:04.0896 0x0f78  Live Updater Service - ok
17:22:04.0927 0x0f78  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:22:04.0927 0x0f78  lltdio - ok
17:22:04.0974 0x0f78  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:22:05.0052 0x0f78  lltdsvc - ok
17:22:05.0068 0x0f78  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:22:05.0068 0x0f78  lmhosts - ok
17:22:05.0115 0x0f78  [ 86E4CC39C953D11EF57CF54C4DC78238, 076973CA22E8BA94877241EC39D97612C32F3E744E026FA0E518C4DDE8277A55 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:22:05.0130 0x0f78  LMS - ok
17:22:05.0161 0x0f78  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:22:05.0161 0x0f78  LSI_FC - ok
17:22:05.0193 0x0f78  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:22:05.0239 0x0f78  LSI_SAS - ok
17:22:05.0271 0x0f78  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:22:05.0271 0x0f78  LSI_SAS2 - ok
17:22:05.0286 0x0f78  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:22:05.0302 0x0f78  LSI_SCSI - ok
17:22:05.0317 0x0f78  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:22:05.0317 0x0f78  luafv - ok
17:22:05.0349 0x0f78  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:22:05.0349 0x0f78  Mcx2Svc - ok
17:22:05.0380 0x0f78  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:22:05.0380 0x0f78  megasas - ok
17:22:05.0411 0x0f78  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:22:05.0427 0x0f78  MegaSR - ok
17:22:05.0458 0x0f78  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:22:05.0458 0x0f78  MEIx64 - ok
17:22:05.0551 0x0f78  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:22:05.0551 0x0f78  Microsoft Office Groove Audit Service - ok
17:22:05.0583 0x0f78  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:22:05.0583 0x0f78  MMCSS - ok
17:22:05.0614 0x0f78  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:22:05.0629 0x0f78  Modem - ok
17:22:05.0629 0x0f78  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:22:05.0645 0x0f78  monitor - ok
17:22:05.0645 0x0f78  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:22:05.0661 0x0f78  mouclass - ok
17:22:05.0692 0x0f78  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:22:05.0692 0x0f78  mouhid - ok
17:22:05.0739 0x0f78  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:22:05.0739 0x0f78  mountmgr - ok
17:22:05.0817 0x0f78  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:22:05.0832 0x0f78  MozillaMaintenance - ok
17:22:05.0863 0x0f78  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:22:05.0863 0x0f78  mpio - ok
17:22:05.0879 0x0f78  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:22:05.0879 0x0f78  mpsdrv - ok
17:22:05.0926 0x0f78  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:22:05.0973 0x0f78  MpsSvc - ok
17:22:06.0019 0x0f78  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:22:06.0019 0x0f78  MRxDAV - ok
17:22:06.0066 0x0f78  [ 355DF71D1DD1999E8AEDF986534B233C, 4F5B07A3E9F4C5EE259A72353835364BFEAEC792090C178C4EF91B517B1C49D0 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:22:06.0066 0x0f78  mrxsmb - ok
17:22:06.0097 0x0f78  [ A16FC9323A85CAEA5804D04646A91CF9, ABC9F1BE4B871EBB5FDED9FC248DABEC4004EBCCF53E6C4D1E54AF69653B00E0 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:22:06.0097 0x0f78  mrxsmb10 - ok
17:22:06.0129 0x0f78  [ 2539BE615440BA1EA4CF84A66B6C0AF9, 3369DE38EE49E5507A73036CDF3982AEF2331D61C7EC4F159004EAD14309A933 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:22:06.0129 0x0f78  mrxsmb20 - ok
17:22:06.0160 0x0f78  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:22:06.0160 0x0f78  msahci - ok
17:22:06.0175 0x0f78  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:22:06.0191 0x0f78  msdsm - ok
17:22:06.0207 0x0f78  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:22:06.0222 0x0f78  MSDTC - ok
17:22:06.0238 0x0f78  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:22:06.0238 0x0f78  Msfs - ok
17:22:06.0269 0x0f78  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:22:06.0269 0x0f78  mshidkmdf - ok
17:22:06.0285 0x0f78  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:22:06.0285 0x0f78  msisadrv - ok
17:22:06.0300 0x0f78  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:22:06.0331 0x0f78  MSiSCSI - ok
17:22:06.0347 0x0f78  msiserver - ok
17:22:06.0363 0x0f78  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:22:06.0378 0x0f78  MSKSSRV - ok
17:22:06.0394 0x0f78  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:22:06.0394 0x0f78  MSPCLOCK - ok
17:22:06.0409 0x0f78  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:22:06.0409 0x0f78  MSPQM - ok
17:22:06.0441 0x0f78  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:22:06.0456 0x0f78  MsRPC - ok
17:22:06.0472 0x0f78  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:22:06.0487 0x0f78  mssmbios - ok
17:22:06.0503 0x0f78  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:22:06.0503 0x0f78  MSTEE - ok
17:22:06.0519 0x0f78  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:22:06.0519 0x0f78  MTConfig - ok
17:22:06.0534 0x0f78  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:22:06.0534 0x0f78  Mup - ok
17:22:06.0565 0x0f78  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:22:06.0597 0x0f78  napagent - ok
17:22:06.0628 0x0f78  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:22:06.0643 0x0f78  NativeWifiP - ok
17:22:06.0737 0x0f78  [ 7F79DA9E719D0774BDBC3622ABD3AFD9, BA45D9D5C983D85999BF18C6D7F985A8D2E2CA5B2A86FF2B8B0928565E789D61 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
17:22:06.0768 0x0f78  NAUpdate - ok
17:22:06.0846 0x0f78  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:22:06.0893 0x0f78  NDIS - ok
17:22:06.0924 0x0f78  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:22:06.0924 0x0f78  NdisCap - ok
17:22:06.0940 0x0f78  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:22:06.0955 0x0f78  NdisTapi - ok
17:22:06.0971 0x0f78  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:22:06.0987 0x0f78  Ndisuio - ok
17:22:07.0002 0x0f78  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:22:07.0002 0x0f78  NdisWan - ok
17:22:07.0018 0x0f78  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:22:07.0033 0x0f78  NDProxy - ok
17:22:07.0033 0x0f78  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:22:07.0049 0x0f78  NetBIOS - ok
17:22:07.0065 0x0f78  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:22:07.0065 0x0f78  NetBT - ok
17:22:07.0096 0x0f78  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] Netlogon        C:\Windows\system32\lsass.exe
17:22:07.0096 0x0f78  Netlogon - ok
17:22:07.0127 0x0f78  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:22:07.0158 0x0f78  Netman - ok
17:22:07.0205 0x0f78  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:22:07.0221 0x0f78  NetMsmqActivator - ok
17:22:07.0236 0x0f78  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:22:07.0236 0x0f78  NetPipeActivator - ok
17:22:07.0267 0x0f78  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:22:07.0299 0x0f78  netprofm - ok
17:22:07.0314 0x0f78  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:22:07.0314 0x0f78  NetTcpActivator - ok
17:22:07.0314 0x0f78  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:22:07.0330 0x0f78  NetTcpPortSharing - ok
17:22:07.0361 0x0f78  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:22:07.0377 0x0f78  nfrd960 - ok
17:22:07.0423 0x0f78  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:22:07.0439 0x0f78  NlaSvc - ok
17:22:07.0579 0x0f78  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:22:07.0704 0x0f78  NOBU - ok
17:22:07.0767 0x0f78  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:22:07.0767 0x0f78  Npfs - ok
17:22:07.0798 0x0f78  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:22:07.0798 0x0f78  nsi - ok
17:22:07.0813 0x0f78  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:22:07.0813 0x0f78  nsiproxy - ok
17:22:07.0907 0x0f78  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:22:07.0985 0x0f78  Ntfs - ok
17:22:08.0032 0x0f78  [ D27A4546417ED7C4AEA7B3420D4F1F50, 8D52FF7D2C6E338E2E8B414F0FE9ED296A901CB38BCFF8814B1ECE52D8D1599D ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
17:22:08.0047 0x0f78  NTI IScheduleSvc - ok
17:22:08.0079 0x0f78  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
17:22:08.0079 0x0f78  NTIDrvr - ok
17:22:08.0094 0x0f78  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:22:08.0094 0x0f78  Null - ok
17:22:08.0125 0x0f78  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:22:08.0125 0x0f78  nvraid - ok
17:22:08.0157 0x0f78  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:22:08.0157 0x0f78  nvstor - ok
17:22:08.0172 0x0f78  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:22:08.0188 0x0f78  nv_agp - ok
17:22:08.0297 0x0f78  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:22:08.0313 0x0f78  odserv - ok
17:22:08.0344 0x0f78  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:22:08.0344 0x0f78  ohci1394 - ok
17:22:08.0391 0x0f78  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:22:08.0391 0x0f78  ose - ok
17:22:08.0640 0x0f78  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:22:08.0843 0x0f78  osppsvc - ok
17:22:08.0905 0x0f78  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:22:08.0937 0x0f78  p2pimsvc - ok
17:22:08.0983 0x0f78  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:22:08.0999 0x0f78  p2psvc - ok
17:22:09.0030 0x0f78  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
17:22:09.0030 0x0f78  Parport - ok
17:22:09.0061 0x0f78  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:22:09.0061 0x0f78  partmgr - ok
17:22:09.0108 0x0f78  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:22:09.0108 0x0f78  PcaSvc - ok
17:22:09.0139 0x0f78  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:22:09.0139 0x0f78  pci - ok
17:22:09.0171 0x0f78  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:22:09.0171 0x0f78  pciide - ok
17:22:09.0186 0x0f78  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:22:09.0202 0x0f78  pcmcia - ok
17:22:09.0217 0x0f78  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:22:09.0233 0x0f78  pcw - ok
17:22:09.0295 0x0f78  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:22:09.0327 0x0f78  PEAUTH - ok
17:22:09.0420 0x0f78  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:22:09.0420 0x0f78  PerfHost - ok
17:22:09.0498 0x0f78  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:22:09.0561 0x0f78  pla - ok
17:22:09.0607 0x0f78  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:22:09.0639 0x0f78  PlugPlay - ok
17:22:09.0654 0x0f78  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:22:09.0654 0x0f78  PNRPAutoReg - ok
17:22:09.0685 0x0f78  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:22:09.0685 0x0f78  PNRPsvc - ok
17:22:09.0732 0x0f78  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:22:09.0763 0x0f78  PolicyAgent - ok
17:22:09.0795 0x0f78  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
17:22:09.0795 0x0f78  Power - ok
17:22:09.0841 0x0f78  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:22:09.0841 0x0f78  PptpMiniport - ok
17:22:09.0873 0x0f78  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
17:22:09.0873 0x0f78  Processor - ok
17:22:09.0919 0x0f78  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:22:09.0919 0x0f78  ProfSvc - ok
17:22:09.0935 0x0f78  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] ProtectedStorage C:\Windows\system32\lsass.exe
17:22:09.0935 0x0f78  ProtectedStorage - ok
17:22:09.0966 0x0f78  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:22:09.0982 0x0f78  Psched - ok
17:22:10.0075 0x0f78  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:22:10.0153 0x0f78  ql2300 - ok
17:22:10.0200 0x0f78  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:22:10.0200 0x0f78  ql40xx - ok
17:22:10.0216 0x0f78  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
17:22:10.0231 0x0f78  QWAVE - ok
17:22:10.0247 0x0f78  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:22:10.0247 0x0f78  QWAVEdrv - ok
17:22:10.0263 0x0f78  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:22:10.0263 0x0f78  RasAcd - ok
17:22:10.0309 0x0f78  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:22:10.0309 0x0f78  RasAgileVpn - ok
17:22:10.0325 0x0f78  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
17:22:10.0341 0x0f78  RasAuto - ok
17:22:10.0356 0x0f78  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:22:10.0356 0x0f78  Rasl2tp - ok
17:22:10.0387 0x0f78  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:22:10.0419 0x0f78  RasMan - ok
17:22:10.0419 0x0f78  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:22:10.0434 0x0f78  RasPppoe - ok
17:22:10.0450 0x0f78  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:22:10.0450 0x0f78  RasSstp - ok
17:22:10.0465 0x0f78  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:22:10.0481 0x0f78  rdbss - ok
17:22:10.0497 0x0f78  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
17:22:10.0512 0x0f78  rdpbus - ok
17:22:10.0528 0x0f78  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:22:10.0528 0x0f78  RDPCDD - ok
17:22:10.0559 0x0f78  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:22:10.0559 0x0f78  RDPENCDD - ok
17:22:10.0590 0x0f78  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:22:10.0590 0x0f78  RDPREFMP - ok
17:22:10.0637 0x0f78  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:22:10.0637 0x0f78  RDPWD - ok
17:22:10.0684 0x0f78  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:22:10.0684 0x0f78  rdyboost - ok
17:22:10.0715 0x0f78  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:22:10.0731 0x0f78  RemoteAccess - ok
17:22:10.0746 0x0f78  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:22:10.0762 0x0f78  RemoteRegistry - ok
17:22:10.0777 0x0f78  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:22:10.0777 0x0f78  RpcEptMapper - ok
17:22:10.0809 0x0f78  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:22:10.0824 0x0f78  RpcLocator - ok
17:22:10.0855 0x0f78  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:22:10.0855 0x0f78  RpcSs - ok
17:22:10.0902 0x0f78  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:22:10.0902 0x0f78  rspndr - ok
17:22:10.0918 0x0f78  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] SamSs           C:\Windows\system32\lsass.exe
17:22:10.0918 0x0f78  SamSs - ok
17:22:10.0949 0x0f78  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:22:10.0965 0x0f78  sbp2port - ok
17:22:10.0980 0x0f78  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:22:10.0996 0x0f78  SCardSvr - ok
17:22:11.0011 0x0f78  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:22:11.0011 0x0f78  scfilter - ok
17:22:11.0074 0x0f78  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
17:22:11.0136 0x0f78  Schedule - ok
17:22:11.0167 0x0f78  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:22:11.0167 0x0f78  SCPolicySvc - ok
17:22:11.0199 0x0f78  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
17:22:11.0199 0x0f78  sdbus - ok
17:22:11.0245 0x0f78  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:22:11.0245 0x0f78  SDRSVC - ok
17:22:11.0277 0x0f78  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:22:11.0277 0x0f78  secdrv - ok
17:22:11.0292 0x0f78  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:22:11.0308 0x0f78  seclogon - ok
17:22:11.0323 0x0f78  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:22:11.0339 0x0f78  SENS - ok
17:22:11.0355 0x0f78  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:22:11.0355 0x0f78  SensrSvc - ok
17:22:11.0386 0x0f78  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:22:11.0386 0x0f78  Serenum - ok
17:22:11.0433 0x0f78  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
17:22:11.0433 0x0f78  Serial - ok
17:22:11.0448 0x0f78  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:22:11.0464 0x0f78  sermouse - ok
17:22:11.0511 0x0f78  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:22:11.0511 0x0f78  SessionEnv - ok
17:22:11.0526 0x0f78  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:22:11.0526 0x0f78  sffdisk - ok
17:22:11.0542 0x0f78  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:22:11.0542 0x0f78  sffp_mmc - ok
17:22:11.0557 0x0f78  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:22:11.0557 0x0f78  sffp_sd - ok
17:22:11.0573 0x0f78  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:22:11.0589 0x0f78  sfloppy - ok
17:22:11.0620 0x0f78  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:22:11.0635 0x0f78  SharedAccess - ok
17:22:11.0667 0x0f78  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:22:11.0698 0x0f78  ShellHWDetection - ok
17:22:11.0713 0x0f78  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:22:11.0713 0x0f78  SiSRaid2 - ok
17:22:11.0745 0x0f78  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:22:11.0745 0x0f78  SiSRaid4 - ok
17:22:11.0823 0x0f78  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:22:11.0838 0x0f78  SkypeUpdate - ok
17:22:11.0869 0x0f78  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:22:11.0869 0x0f78  Smb - ok
17:22:11.0916 0x0f78  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:22:11.0916 0x0f78  SNMPTRAP - ok
17:22:11.0932 0x0f78  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:22:11.0932 0x0f78  spldr - ok
17:22:11.0963 0x0f78  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
17:22:11.0994 0x0f78  Spooler - ok
17:22:12.0135 0x0f78  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:22:12.0275 0x0f78  sppsvc - ok
17:22:12.0306 0x0f78  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:22:12.0306 0x0f78  sppuinotify - ok
17:22:12.0337 0x0f78  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:22:12.0369 0x0f78  srv - ok
17:22:12.0400 0x0f78  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:22:12.0415 0x0f78  srv2 - ok
17:22:12.0431 0x0f78  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:22:12.0447 0x0f78  srvnet - ok
17:22:12.0493 0x0f78  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:22:12.0493 0x0f78  SSDPSRV - ok
17:22:12.0603 0x0f78  [ 256E2E3440DEBBF655A235907E6F91A3, AA5CC85F3ED3ED07CD0283D057C772827F6A220A6EBB6D871F96F7EFCFC74D53 ] SSIRuntimeService C:\Program Files (x86)\Software Secure, Inc\SSIRuntimeService\SSIRuntimeService.exe
17:22:12.0603 0x0f78  SSIRuntimeService - ok
17:22:12.0634 0x0f78  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:22:12.0634 0x0f78  SstpSvc - ok
17:22:12.0665 0x0f78  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:22:12.0665 0x0f78  stexstor - ok
17:22:12.0727 0x0f78  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
17:22:12.0727 0x0f78  StillCam - ok
17:22:12.0774 0x0f78  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:22:12.0805 0x0f78  stisvc - ok
17:22:12.0837 0x0f78  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:22:12.0837 0x0f78  swenum - ok
17:22:12.0883 0x0f78  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:22:12.0915 0x0f78  swprv - ok
17:22:13.0008 0x0f78  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
17:22:13.0102 0x0f78  SysMain - ok
17:22:13.0149 0x0f78  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:22:13.0149 0x0f78  TabletInputService - ok
17:22:13.0180 0x0f78  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:22:13.0195 0x0f78  TapiSrv - ok
17:22:13.0211 0x0f78  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:22:13.0227 0x0f78  TBS - ok
17:22:13.0320 0x10bc  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
17:22:13.0320 0x0f78  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:22:13.0414 0x0f78  Tcpip - ok
17:22:13.0492 0x0f78  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:22:13.0539 0x0f78  TCPIP6 - ok
17:22:13.0601 0x0f78  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:22:13.0601 0x0f78  tcpipreg - ok
17:22:13.0632 0x0f78  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:22:13.0632 0x0f78  TDPIPE - ok
17:22:13.0648 0x0f78  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:22:13.0648 0x0f78  TDTCP - ok
17:22:13.0679 0x0f78  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:22:13.0695 0x0f78  tdx - ok
17:22:13.0710 0x0f78  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:22:13.0710 0x0f78  TermDD - ok
17:22:13.0773 0x0f78  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:22:13.0804 0x0f78  TermService - ok
17:22:13.0835 0x0f78  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:22:13.0835 0x0f78  Themes - ok
17:22:13.0866 0x0f78  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:22:13.0882 0x0f78  THREADORDER - ok
17:22:13.0897 0x0f78  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:22:13.0897 0x0f78  TrkWks - ok
17:22:13.0944 0x0f78  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:22:13.0944 0x0f78  TrustedInstaller - ok
17:22:13.0991 0x0f78  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:22:13.0991 0x0f78  tssecsrv - ok
17:22:14.0007 0x0f78  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:22:14.0022 0x0f78  TsUsbFlt - ok
17:22:14.0038 0x0f78  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:22:14.0038 0x0f78  TsUsbGD - ok
17:22:14.0069 0x0f78  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:22:14.0069 0x0f78  tunnel - ok
17:22:14.0085 0x0f78  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:22:14.0085 0x0f78  uagp35 - ok
17:22:14.0100 0x0f78  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
17:22:14.0100 0x0f78  UBHelper - ok
17:22:14.0131 0x0f78  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:22:14.0147 0x0f78  udfs - ok
17:22:14.0163 0x10bc  Object send P2P result: true
17:22:14.0163 0x0f78  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:22:14.0194 0x0f78  UI0Detect - ok
17:22:14.0225 0x0f78  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:22:14.0241 0x0f78  uliagpkx - ok
17:22:14.0256 0x0f78  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:22:14.0256 0x0f78  umbus - ok
17:22:14.0272 0x0f78  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:22:14.0272 0x0f78  UmPass - ok
17:22:14.0350 0x0f78  [ D80B1075B69B57A3AB78F750CE463ECE, E8435B723C3D9F5B28D5588365E7D6BED298565BCF61240C2B505B1033180DAA ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:22:14.0365 0x0f78  UNS - ok
17:22:14.0397 0x0f78  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:22:14.0428 0x0f78  upnphost - ok
17:22:14.0459 0x0f78  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:22:14.0459 0x0f78  usbccgp - ok
17:22:14.0490 0x0f78  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:22:14.0506 0x0f78  usbcir - ok
17:22:14.0537 0x0f78  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:22:14.0537 0x0f78  usbehci - ok
17:22:14.0568 0x0f78  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:22:14.0584 0x0f78  usbhub - ok
17:22:14.0615 0x0f78  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:22:14.0615 0x0f78  usbohci - ok
17:22:14.0646 0x0f78  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:22:14.0646 0x0f78  usbprint - ok
17:22:14.0693 0x0f78  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:22:14.0693 0x0f78  usbscan - ok
17:22:14.0709 0x0f78  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:22:14.0709 0x0f78  USBSTOR - ok
17:22:14.0740 0x0f78  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:22:14.0740 0x0f78  usbuhci - ok
17:22:14.0802 0x0f78  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:22:14.0802 0x0f78  usbvideo - ok
17:22:14.0833 0x0f78  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:22:14.0833 0x0f78  UxSms - ok
17:22:14.0849 0x0f78  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] VaultSvc        C:\Windows\system32\lsass.exe
17:22:14.0849 0x0f78  VaultSvc - ok
17:22:14.0880 0x0f78  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:22:14.0880 0x0f78  vdrvroot - ok
17:22:14.0911 0x0f78  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:22:14.0958 0x0f78  vds - ok
17:22:14.0974 0x0f78  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:22:14.0974 0x0f78  vga - ok
17:22:14.0989 0x0f78  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:22:14.0989 0x0f78  VgaSave - ok
17:22:15.0021 0x0f78  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:22:15.0021 0x0f78  vhdmp - ok
17:22:15.0052 0x0f78  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:22:15.0052 0x0f78  viaide - ok
17:22:15.0067 0x0f78  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:22:15.0083 0x0f78  volmgr - ok
17:22:15.0114 0x0f78  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:22:15.0130 0x0f78  volmgrx - ok
17:22:15.0145 0x0f78  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:22:15.0161 0x0f78  volsnap - ok
17:22:15.0192 0x0f78  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:22:15.0192 0x0f78  vsmraid - ok
17:22:15.0286 0x0f78  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:22:15.0364 0x0f78  VSS - ok
17:22:15.0520 0x0f78  [ A32C5DF77A6DC5279894EB64B56FE21F, 6CCA7DA327369EB2FC785D898A3E3F0EA45C0F73B00841616328CE4B5A2E79FD ] vToolbarUpdater19.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe
17:22:15.0598 0x0f78  vToolbarUpdater19.2.0 - ok
17:22:15.0629 0x0f78  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:22:15.0645 0x0f78  vwifibus - ok
17:22:15.0676 0x0f78  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:22:15.0676 0x0f78  vwififlt - ok
17:22:15.0723 0x0f78  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:22:15.0754 0x0f78  W32Time - ok
17:22:15.0785 0x0f78  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:22:15.0785 0x0f78  WacomPen - ok
17:22:15.0816 0x0f78  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:22:15.0816 0x0f78  WANARP - ok
17:22:15.0832 0x0f78  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:22:15.0832 0x0f78  Wanarpv6 - ok
17:22:15.0925 0x0f78  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:22:16.0019 0x0f78  WatAdminSvc - ok
17:22:16.0128 0x0f78  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:22:16.0206 0x0f78  wbengine - ok
17:22:16.0237 0x0f78  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:22:16.0237 0x0f78  WbioSrvc - ok
17:22:16.0269 0x0f78  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:22:16.0284 0x0f78  wcncsvc - ok
17:22:16.0300 0x0f78  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:22:16.0315 0x0f78  WcsPlugInService - ok
17:22:16.0331 0x0f78  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
17:22:16.0347 0x0f78  Wd - ok
17:22:16.0409 0x0f78  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:22:16.0456 0x0f78  Wdf01000 - ok
17:22:16.0487 0x0f78  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:22:16.0487 0x0f78  WdiServiceHost - ok
17:22:16.0487 0x0f78  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:22:16.0503 0x0f78  WdiSystemHost - ok
17:22:16.0534 0x0f78  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
17:22:16.0549 0x0f78  WebClient - ok
17:22:16.0627 0x0f78  [ 2CBBC5E91BC817188A9C24F465B2934D, B2CD1F2C87B6E8270C9B2890C13EAF7A7A4E1B2726871D7619ADA41298B5EB7B ] WebUpdate4      C:\Windows\SysWOW64\WebUpdateSvc4.exe
17:22:16.0627 0x0f78  WebUpdate4 - ok
17:22:16.0674 0x0f78  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:22:16.0674 0x0f78  Wecsvc - ok
17:22:16.0690 0x0f78  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:22:16.0705 0x0f78  wercplsupport - ok
17:22:16.0721 0x0f78  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:22:16.0737 0x0f78  WerSvc - ok
17:22:16.0752 0x0f78  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:22:16.0752 0x0f78  WfpLwf - ok
17:22:16.0768 0x0f78  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:22:16.0768 0x0f78  WIMMount - ok
17:22:16.0799 0x0f78  WinDefend - ok
17:22:16.0830 0x0f78  WinHttpAutoProxySvc - ok
17:22:16.0893 0x0f78  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:22:16.0893 0x0f78  Winmgmt - ok
17:22:17.0002 0x0f78  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
17:22:17.0095 0x0f78  WinRM - ok
17:22:17.0158 0x0f78  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
17:22:17.0173 0x0f78  WinUsb - ok
17:22:17.0236 0x0f78  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:22:17.0283 0x0f78  Wlansvc - ok
17:22:17.0345 0x0f78  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:22:17.0361 0x0f78  wlcrasvc - ok
17:22:17.0485 0x0f78  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:22:17.0563 0x0f78  wlidsvc - ok
17:22:17.0610 0x0f78  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:22:17.0610 0x0f78  WmiAcpi - ok
17:22:17.0657 0x0f78  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:22:17.0673 0x0f78  wmiApSrv - ok
17:22:17.0704 0x0f78  WMPNetworkSvc - ok
17:22:17.0735 0x0f78  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:22:17.0735 0x0f78  WPCSvc - ok
17:22:17.0766 0x0f78  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:22:17.0766 0x0f78  WPDBusEnum - ok
17:22:17.0797 0x0f78  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:22:17.0797 0x0f78  ws2ifsl - ok
17:22:17.0813 0x0f78  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:22:17.0813 0x0f78  wscsvc - ok
17:22:17.0813 0x0f78  WSearch - ok
17:22:17.0953 0x0f78  [ 3D4032E6A5885C007AEF4BA816AB4032, 21EB2B5B5A64EED44B5B7743820842205175F52A6F5525BD0F95DCB2733F449C ] wuauserv        C:\Windows\system32\wuaueng.dll
17:22:18.0063 0x0f78  wuauserv - ok
17:22:18.0094 0x0f78  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:22:18.0094 0x0f78  WudfPf - ok
17:22:18.0156 0x0f78  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
17:22:18.0156 0x0f78  WUDFRd - ok
17:22:18.0203 0x0f78  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:22:18.0203 0x0f78  wudfsvc - ok
17:22:18.0250 0x0f78  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:22:18.0265 0x0f78  WwanSvc - ok
17:22:18.0281 0x0f78  ================ Scan global ===============================
17:22:18.0312 0x0f78  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
17:22:18.0359 0x0f78  [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\Windows\system32\winsrv.dll
17:22:18.0375 0x0f78  [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\Windows\system32\winsrv.dll
17:22:18.0406 0x0f78  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:22:18.0453 0x0f78  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:22:18.0484 0x0f78  [ Global ] - ok
17:22:18.0484 0x0f78  ================ Scan MBR ==================================
17:22:18.0499 0x0f78  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:22:18.0749 0x0f78  \Device\Harddisk0\DR0 - ok
17:22:18.0749 0x0f78  ================ Scan VBR ==================================
17:22:18.0749 0x0f78  [ 0BC14FBB1941263DCEE1A709E68B6E23 ] \Device\Harddisk0\DR0\Partition1
17:22:18.0780 0x0f78  \Device\Harddisk0\DR0\Partition1 - ok
17:22:18.0796 0x0f78  [ 91EB0C95C671FCF6B4181D4094D9D3E4 ] \Device\Harddisk0\DR0\Partition2
17:22:18.0827 0x0f78  \Device\Harddisk0\DR0\Partition2 - ok
17:22:18.0827 0x0f78  ================ Scan generic autorun ======================
17:22:18.0858 0x0f78  [ 65E11A42752FDAE5EFE2EC07816BA006, F778E52B56FA76C1FD3875D066D78C223482D4FE2DE80D414B251CE77667D9C7 ] C:\Windows\system32\igfxtray.exe
17:22:18.0874 0x0f78  IgfxTray - ok
17:22:18.0889 0x0f78  [ 276D5DAAB9EA87B839C2D41E4697CF1B, 3B663DF34DBA37BA97574285485FBC56F378C0CD1E5D955ED902120C05B28F40 ] C:\Windows\system32\hkcmd.exe
17:22:18.0889 0x0f78  HotKeysCmds - ok
17:22:18.0936 0x0f78  [ B187ECB8297487F6B08BB93852334ABE, 73909B14AD47DE206777CE6E66923E00FB0292691A3E6E84F73BF485241D8B76 ] C:\Windows\system32\igfxpers.exe
17:22:18.0967 0x0f78  Persistence - ok
17:22:19.0451 0x0f78  [ 6522AA1BCFC503A2417B7358E31F4EB9, 7E0AC65A1A99877DAFC139C7F712C19A92FED4D1E80BD8DC6FD857EA2D40E1CA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:22:19.0903 0x0f78  RTHDVCPL - ok
17:22:19.0919 0x0f78  ETDCtrl - ok
17:22:20.0044 0x0f78  [ 9634F2078F66B901B171F7E75FFF3261, DF82CF522847F930A26A438096C32A34F448A89F28BA4C681F396F0C25B96E28 ] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
17:22:20.0122 0x0f78  Power Management - ok
17:22:20.0184 0x0f78  [ 0AE2979CCDC1DA044BDF24888AEBA68F, 7B4F3B644BA1ABC1CFC5418D20DB9285606588E241FDD7854991533E9C11E6C6 ] C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
17:22:20.0200 0x0f78  BackupManagerTray - ok
17:22:20.0262 0x0f78  [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
17:22:20.0309 0x0f78  Norton Online Backup - ok
17:22:20.0387 0x0f78  [ FE668B0E3E87077A46FE77AFB0E27F9C, E9485A083D7CC0438668132154C8AD14267113F15EEB794B356BF3E6F998FD17 ] C:\Program Files (x86)\Launch Manager\LManager.exe
17:22:20.0418 0x0f78  LManager - ok
17:22:20.0543 0x0f78  [ DE71DD68C691B43DC065815ED39408A0, 74F1925D6ED820DB2916D5E61B979B82AD13D144A8888357BD5BCA31A656BB81 ] C:\Program Files (x86)\AVG Secure Search\vprot.exe
17:22:20.0652 0x0f78  vProt - ok
17:22:20.0715 0x0f78  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
17:22:20.0715 0x0f78  GrooveMonitor - ok
17:22:20.0808 0x0f78  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:22:20.0855 0x0f78  Sidebar - ok
17:22:20.0902 0x0f78  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:22:20.0902 0x0f78  mctadmin - ok
17:22:20.0964 0x0f78  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:22:20.0995 0x0f78  Sidebar - ok
17:22:20.0995 0x0f78  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:22:21.0011 0x0f78  mctadmin - ok
17:22:21.0058 0x0f78  GoogleDriveSync - ok
17:22:21.0401 0x0f78  [ 52F5D651B8E39F258C1C34272FEB1AB2, C13AD8762A4474D8246DE7BC023244BD74456D45348F74F77373CC61C238A0F3 ] C:\Program Files\CCleaner\CCleaner64.exe
17:22:21.0729 0x0f78  CCleaner Monitoring - ok
17:22:21.0900 0x0f78  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
17:22:22.0009 0x0f78  HP Deskjet 3510 series (NET) - ok
17:22:22.0009 0x0f78  Waiting for KSN requests completion. In queue: 114
17:22:23.0101 0x0f78  AV detected via SS2: AVG AntiVirus Free Edition, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.41.0.7442 ), 0x41000 ( enabled : updated )
17:22:23.0133 0x0f78  Win FW state via NFP2: enabled ( trusted )
17:22:23.0741 0x0f78  ============================================================
17:22:23.0741 0x0f78  Scan finished
17:22:23.0741 0x0f78  ============================================================
17:22:23.0741 0x11e0  Detected object count: 0
17:22:23.0741 0x11e0  Actual detected object count: 0
 



#5 adaba

adaba
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 26 February 2016 - 07:37 PM

AdwCleaner- logfile:

 

# AdwCleaner v5.036 - Logfile created 26/02/2016 at 17:31:50
# Updated 22/02/2016 by Xplode
# Database : 2016-02-24.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kemi - KEMI-PC
# Running from : C:\Users\Kemi\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : vToolbarUpdater19.2.0

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\AVG Security Toolbar
Folder Found : C:\Program Files (x86)\dply_en_015020237
Folder Found : C:\Program Files (x86)\dply_en_015020237
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Avg_Update_0814tb
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DESKTOPPLAY
Folder Found : C:\Users\Kemi\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Kemi\AppData\Local\dply_en_015020237
Folder Found : C:\Users\Kemi\AppData\Local\dply_en_015020237
Folder Found : C:\Users\Kemi\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Kemi\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Files ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Found : C:\Users\Public\Desktop\eBay.lnk

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : Scheduled Update for Ask Toolbar
Task Found : AVG-Secure-Search-Update_JUNE2013_HP_rmv
Task Found : AVG-Secure-Search-Update_JUNE2013_TB_rmv
Task Found : AVG-Secure-Search-Update_JUNE2013_HP_rmv
Task Found : AVG-Secure-Search-Update_JUNE2013_TB_rmv

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKU\.DEFAULT\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

***** [ Web browsers ] *****

[C:\Users\Kemi\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Kemi\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Kemi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [13003 bytes] - [26/02/2016 17:27:58]
C:\AdwCleaner\AdwCleaner[S2].txt - [13077 bytes] - [26/02/2016 17:31:00]
C:\AdwCleaner\AdwCleaner[S3].txt - [12865 bytes] - [26/02/2016 17:31:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [12939 bytes] ##########
 



#6 adaba

adaba
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 26 February 2016 - 07:56 PM

Junkware removal log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Home Premium x64
Ran by Kemi (Administrator) on Fri 02/26/2016 at 17:51:19.09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 50

Failed to delete: C:\Program Files (x86)\Common Files\avg secure search\vtoolbarupdater (Folder)
Successfully deleted: C:\Program Files (x86)\dply_en_015020237 (Folder)
Successfully deleted: C:\ProgramData\ask (Folder)
Successfully deleted: C:\ProgramData\Start Menu\Programs\desktopplay (Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{046B4BBD-D31F-4830-A6CD-369B1EE27F00} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{3E451F14-966E-4948-8BFC-5B1781353BCD} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{43B742D5-89A7-4C06-B96F-11A6CDD2D647} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{4F3433AC-557F-4A9F-9AA5-08626111A7AE} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{63CC9EFC-D398-4702-8831-DC39BA541057} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{6E579A98-E8FD-460C-BC29-10CEB8853DA3} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{7454BC05-78B1-40BD-80C3-9F7766301767} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{8D84C323-2B47-4092-B028-7D891B415D7F} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{AE850B09-4548-4DA2-87C2-3A4822D34620} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{AF82AD7D-772C-44CD-91D8-44E8E5892B92} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{B3AD3F3F-CA98-4A55-A8DA-1128B63AAADD} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{FC25B2FC-E725-4857-9A92-6EA235BC90D0} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\{FD0B6B2D-1307-43B8-AC38-0CE594B6729D} (Empty Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\dply_en_015020237 (Folder)
Successfully deleted: C:\Users\Kemi\Appdata\LocalLow\asktoolbar (Folder)
Successfully deleted: C:\Users\Public\Desktop\ebay.lnk (Shortcut)
Successfully deleted: C:\Users\Public\Desktop\help.lnk (Shortcut)
Successfully deleted: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\ask.com (Folder)
Successfully deleted: C:\Program Files (x86)\avg security toolbar (Folder)
Successfully deleted: C:\Program Files (x86)\GUT2BF5.tmp (File)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6DO4NOEX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\81EM4DMQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUMOPYQB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS4SNO5T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHV6RI5X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6GRWWA0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QY3OTIAK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kemi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTUJH6QL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6DO4NOEX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\81EM4DMQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUMOPYQB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS4SNO5T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHV6RI5X (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6GRWWA0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QY3OTIAK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTUJH6QL (Temporary Internet Files Folder)



Registry: 12

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater (Registry Value)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\vToolbarUpdater19.2.0 (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/26/2016 at 17:54:10.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 adaba

adaba
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 26 February 2016 - 10:33 PM

ESET Online Scanner:

 

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    cleaned by deleting
C:\Users\Kemi\AppData\Local\Temp\is-CMS91.tmp\predm.exe    a variant of Win32/Adware.EoRezo.BG application    cleaned by deleting
C:\Users\Kemi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3157844c-79c1efa8    multiple threats    cleaned by deleting
C:\Windows\Installer\5e8787.msi    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted
 



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:39 AM

Posted 27 February 2016 - 10:57 AM

Hi remove what ADWcleaner found. What is your Browser//

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will start to update its database...please wait until complete.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a report (AdwCleaner[SX].txt) will open in Notepad (where the largest value of X represents the most recent report).
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved on the %systemdrive% (usually C:\).
How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 karolisbar

karolisbar

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:39 PM

Posted 27 February 2016 - 01:16 PM

An open field of personal information.



#10 adaba

adaba
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 27 February 2016 - 03:14 PM

Someone wrote "an open field of personal information" Can you please delete my previous posts? Thank you.



#11 karolisbar

karolisbar

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:39 PM

Posted 28 February 2016 - 03:20 AM

Someone wrote "an open field of personal information" Can you please delete my previous posts? Thank you.

Full forum of it ;)



#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:39 PM

Posted 28 February 2016 - 04:47 AM

Not quite... the information gathered in logs are non-identifying. It is safe to post the logs online.

#13 karolisbar

karolisbar

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:39 PM

Posted 28 February 2016 - 07:11 AM

Not quite... the information gathered in logs are non-identifying. It is safe to post the logs online.

I see you lack info about computers.
There is enough information in those logs.
Dont lie to people.



 



#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:39 PM

Posted 28 February 2016 - 07:39 AM

You are not the first one with that kind of question - the staff answered a similar thread here. Bleeping Computer staff would not allow the posting of logs if there are any sensitive information in them.

#15 adaba

adaba
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:39 AM

Posted 28 February 2016 - 04:30 PM

Thank you for reassuring me. I use both internet explorer and Mozilla firefox.

 

AdwCleaner:

 

# AdwCleaner v5.036 - Logfile created 27/02/2016 at 12:55:22
# Updated 22/02/2016 by Xplode
# Database : 2016-02-27.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kemi - KEMI-PC
# Running from : C:\Users\Kemi\Desktop\adwcleaner_5.036.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Avg_Update_0814tb
Folder Found : C:\Users\Kemi\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Kemi\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Files ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : AVG-Secure-Search-Update_JUNE2013_HP_rmv
Task Found : AVG-Secure-Search-Update_JUNE2013_TB_rmv
Task Found : AVG-Secure-Search-Update_JUNE2013_HP_rmv
Task Found : AVG-Secure-Search-Update_JUNE2013_TB_rmv

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKU\.DEFAULT\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : [x64] HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

***** [ Web browsers ] *****

[C:\Users\Kemi\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Kemi\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Kemi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [13003 bytes] - [26/02/2016 17:27:58]
C:\AdwCleaner\AdwCleaner[S2].txt - [13077 bytes] - [26/02/2016 17:31:00]
C:\AdwCleaner\AdwCleaner[S3].txt - [13151 bytes] - [26/02/2016 17:31:50]
C:\AdwCleaner\AdwCleaner[S4].txt - [11811 bytes] - [27/02/2016 12:52:40]
C:\AdwCleaner\AdwCleaner[S5].txt - [11885 bytes] - [27/02/2016 12:54:34]
C:\AdwCleaner\AdwCleaner[S6].txt - [11673 bytes] - [27/02/2016 12:55:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [11747 bytes] ##########






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users