
Hello from a computer pioneer needing help


15 replies to this topic

#1 Alblan

Alblan

  • Members
  • 10 posts

Posted 15 January 2017 - 05:37 PM

My first computer experience was at the Univ. of Okla. with an IBM 650 computer with 2000 words of core memory.  Big stuff!  As I recall, it was about 1958.  Since then I've used lots of other computers with increasing capabilities.  When they work well, they are wonderful tools.  When they get a virus, they are a real pain.  When antivirus and antimalware software lets something through, I am at a loss for how to fix it.  That's what attracted me to BleepingComputer.com.  I thought I was smart enough to benefit from combofix with no help.  Bad mistake!  So now I need help to overcome my overconfidence and recover a workable computer.  




 


#2 ranchhand_

ranchhand_

  • Members
  • 1,777 posts
  • Gender:Male
  • Location:Midwest

Posted 15 January 2017 - 05:45 PM

Welcome to Bleeping Computer! At this point, you will want to post your request in the malware help section. Here is the link:

 

https://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

 

Be patient, it can take a couple of days for someone to get back to you.


Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#3 hamluis

hamluis

    Moderator


  • Moderator
  • 56,562 posts
  • Gender:Male
  • Location:Killeen, TX

Posted 15 January 2017 - 06:00 PM

No need to repost...moved this topic to Am I Infected forum.

 

Louis



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,569 posts
  • Gender:Male
  • Location:NJ USA

Posted 15 January 2017 - 10:54 PM

Welcome Alblan, please do these next.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users: right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder, which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.


#5 Alblan

Alblan
  • Topic Starter

  • Members
  • 10 posts

Posted 16 January 2017 - 09:05 AM

Here is the TXT file generated by MiniToolBox.  The toolbox generated the file and kept running, flashing the error message "Getting Office Sessions errors:  5874".  I will continue stepwise--next is TDSSKiller.

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Allen (administrator) on 16-01-2017 at 08:33:08
Running from "C:\Users\Allen\Desktop\BleepingComputer"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Model: Inspiron 1720 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================

Microsoft Loopback Adapter = Local Area Connection 2 (Connected)
Dell Wireless 1395 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection" address=192.168.0.1


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : ALLEN-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Loopback Adapter
   Physical Address. . . . . . . . . : 02-00-4C-4F-4F-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::edf6:40a1:2089:ccac%11(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.204.172(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 302121036
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-48-D5-21-00-1D-09-C1-57-68
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 1395 WLAN Mini-Card
   Physical Address. . . . . . . . . : 00-16-44-7E-35-2A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4cb8:a81a:476f:7c27%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, January 16, 2017 6:55:48 AM
   Lease Expires . . . . . . . . . . : Tuesday, January 17, 2017 6:55:48 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 167777860
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-48-D5-21-00-1D-09-C1-57-68
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
   Physical Address. . . . . . . . . : 00-1D-09-C1-57-68
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{507D28EF-D41D-4130-AF27-1E199180239E}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{29C414B5-38C1-484E-B659-F478176FB2BB}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{3E35F6BA-A4F5-49D1-BB60-3D18F638B723}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4002:c0c::64
      74.125.196.138
      74.125.196.102
      74.125.196.100
      74.125.196.113
      74.125.196.139
      74.125.196.101



Pinging google.com [216.58.217.142] with 32 bytes of data:

Reply from 216.58.217.142: bytes=32 time=32ms TTL=55

Reply from 216.58.217.142: bytes=32 time=33ms TTL=55



Ping statistics for 216.58.217.142:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 32ms, Maximum = 33ms, Average = 32ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      98.138.253.109
      98.139.183.24
      206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

General failure.

Reply from 206.190.36.45: bytes=32 time=87ms TTL=47



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 87ms, Maximum = 87ms, Average = 87ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 11 ...02 00 4c 4f 4f 50 ...... Microsoft Loopback Adapter
 10 ...00 16 44 7e 35 2a ...... Dell Wireless 1395 WLAN Mini-Card
  9 ...00 1d 09 c1 57 68 ...... Broadcom 440x 10/100 Integrated Controller
  1 ........................... Software Loopback Interface 1
  8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 24 ...00 00 00 00 00 00 00 e0  isatap.{507D28EF-D41D-4130-AF27-1E199180239E}
 23 ...00 00 00 00 00 00 00 e0  isatap.{29C414B5-38C1-484E-B659-F478176FB2BB}
 14 ...00 00 00 00 00 00 00 e0  isatap.{3E35F6BA-A4F5-49D1-BB60-3D18F638B723}
 25 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link   169.254.204.172    286
  169.254.204.172  255.255.255.255         On-link   169.254.204.172    286
  169.254.255.255  255.255.255.255         On-link   169.254.204.172    286
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   169.254.204.172    286
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   169.254.204.172    286
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    286 fe80::/64                On-link
 10    281 fe80::/64                On-link
 10    281 fe80::4cb8:a81a:476f:7c27/128
                                    On-link
 11    286 fe80::edf6:40a1:2089:ccac/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/16/2017 08:19:01 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
Arithmetic result exceeded 32 bits.

Error: (01/15/2017 11:33:07 PM) (Source: Application Hang) (User: )
Description: The program MiniToolBox.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1390
Start Time: 01d26fb034932734
Termination Time: 15

Error: (01/15/2017 11:32:46 PM) (Source: Windows Search Service) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.

Context: Windows Application, SystemIndex Catalog

Error: (01/15/2017 11:23:42 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A72C95JF.DEFAULT-1453475763174\SAFEBROWSING-BACKUP> in the hash map cannot be updated.

Context: Windows Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (01/15/2017 08:51:05 PM) (Source: Application Error) (User: )
Description: Faulting application SearchIndexer.exe, version 7.0.6002.18005, time stamp 0x49e02459, faulting module TQUERY.DLL, version 7.0.6002.18005, time stamp 0x49e0382e, exception code 0xc0000005, fault offset 0x0001d642,
process id 0xacc, application start time 0xSearchIndexer.exe0.

Error: (01/15/2017 08:51:03 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index metadata cannot be read.   0xc0041801 (0xc0041801)

Error: (01/15/2017 04:37:04 PM) (Source: Google Update) (User: ALLEN-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (01/15/2017 04:18:20 PM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 50.1.0.6186, time stamp 0x5849ff9c, faulting module mozglue.dll, version 50.1.0.6186, time stamp 0x5849ff8b, exception code 0x80000003, fault offset 0x0000ec79,
process id 0x10c0, application start time 0xfirefox.exe0.

Error: (01/15/2017 05:30:30 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
Arithmetic result exceeded 32 bits.

Error: (01/15/2017 05:00:14 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
Arithmetic result exceeded 32 bits.


System errors:
=============
Error: (01/16/2017 08:27:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 08:17:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 08:07:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 07:57:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 07:47:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 07:37:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 07:27:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 07:17:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 07:07:25 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/16/2017 07:01:55 AM) (Source: Service Control Manager) (User: )
Description: PnP-X IP Bus EnumeratorFunction Discovery Provider Host%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.



Microsoft Office Sessions:
=========================
Error: (01/04/2017 02:34:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6753.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 60 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/27/2016 11:02:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6753.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/25/2016 11:04:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6753.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 43 seconds with 0 seconds of active time.  This session ended with a crash.
 



#6 Alblan

Alblan
  • Topic Starter

  • Members
  • 10 posts

Posted 16 January 2017 - 10:37 AM

Here is the report generated by TDSSKiller.  No threats were found.

 

My next step is to run AdwCleaner and post it.

 

10:23:30.0190 0x1594  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
10:25:37.0219 0x1594  ============================================================
10:25:37.0219 0x1594  Current date / time: 2017/01/16 10:25:37.0219
10:25:37.0219 0x1594  SystemInfo:
10:25:37.0219 0x1594  
10:25:37.0219 0x1594  OS Version: 6.0.6002 ServicePack: 2.0
10:25:37.0219 0x1594  Product type: Workstation
10:25:37.0219 0x1594  ComputerName: ALLEN-PC
10:25:37.0228 0x1594  UserName: Allen
10:25:37.0228 0x1594  Windows directory: C:\Windows
10:25:37.0228 0x1594  System windows directory: C:\Windows
10:25:37.0228 0x1594  Processor architecture: Intel x86
10:25:37.0228 0x1594  Number of processors: 2
10:25:37.0228 0x1594  Page size: 0x1000
10:25:37.0228 0x1594  Boot type: Normal boot
10:25:37.0228 0x1594  CodeIntegrityOptions = 0x00000000
10:25:37.0228 0x1594  ============================================================
10:25:40.0774 0x1594  KLMD registered as C:\Windows\system32\drivers\46967774.sys
10:25:40.0777 0x1594  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19700, osProperties = 0x0
10:25:43.0528 0x1594  System UUID: {64033406-0A02-06EA-85E8-CFC752E02BA4}
10:25:47.0850 0x1594  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:26:01.0168 0x1594  Drive \Device\Harddisk1\DR1 - Size: 0x1D1B3F00000 ( 1862.81 Gb ), SectorSize: 0x200, Cylinders: 0x3B5E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:26:01.0178 0x1594  Drive \Device\Harddisk2\DR2 - Size: 0xEE7E00000 ( 59.62 Gb ), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:26:01.0183 0x1594  Drive \Device\Harddisk3\DR3 - Size: 0xEE7E00000 ( 59.62 Gb ), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:26:01.0184 0x1594  ============================================================
10:26:01.0184 0x1594  \Device\Harddisk0\DR0:
10:26:01.0215 0x1594  MBR partitions:
10:26:01.0216 0x1594  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27800, BlocksNum 0x1400000
10:26:01.0216 0x1594  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1427800, BlocksNum 0x1B89D800
10:26:01.0250 0x1594  \Device\Harddisk1\DR1:
10:26:01.0251 0x1594  MBR partitions:
10:26:01.0299 0x1594  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x65F9A, BlocksNum 0xE8D376CC
10:26:01.0299 0x1594  \Device\Harddisk2\DR2:
10:26:01.0300 0x1594  MBR partitions:
10:26:01.0300 0x1594  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x773EFE0
10:26:01.0300 0x1594  \Device\Harddisk3\DR3:
10:26:01.0301 0x1594  MBR partitions:
10:26:01.0301 0x1594  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x773EFE0
10:26:01.0301 0x1594  ============================================================
10:26:01.0453 0x1594  C: <-> \Device\Harddisk0\DR0\Partition2
10:26:01.0594 0x1594  D: <-> \Device\Harddisk0\DR0\Partition1
10:26:01.0594 0x1594  ============================================================
10:26:01.0594 0x1594  Initialize success
10:26:01.0594 0x1594  ============================================================
10:26:41.0539 0x1300  ============================================================
10:26:41.0539 0x1300  Scan started
10:26:41.0539 0x1300  Mode: Manual;
10:26:41.0539 0x1300  ============================================================
10:26:41.0539 0x1300  KSN ping started
10:27:17.0003 0x1300  KSN ping finished: true
10:27:17.0959 0x1300  ================ Scan system memory ========================
10:27:17.0959 0x1300  System memory - ok
10:27:17.0960 0x1300  ================ Scan services =============================
10:27:18.0833 0x1300  AESTFilters - ok
10:27:18.0889 0x1300  [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDBD1ABA9AE308598 ] AFD             C:\Windows\system32\drivers\afd.sys
10:27:18.0898 0x1300  AFD - ok
10:27:18.0938 0x1300  [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:27:18.0941 0x1300  agp440 - ok
10:27:18.0966 0x1300  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:27:18.0970 0x1300  aic78xx - ok
10:27:19.0003 0x1300  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
10:27:19.0005 0x1300  ALG - ok
10:27:19.0044 0x1300  [ DC67A153FDB8105B25D05334B5E1D8E2, 95CD9ABE73EC1E5111F5D599FE16EB1B3A6A87B7FC54922254769032CD2BEF0E ] aliide          C:\Windows\system32\drivers\aliide.sys
10:27:19.0046 0x1300  aliide - ok
10:27:19.0061 0x1300  [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:27:19.0064 0x1300  amdagp - ok
10:27:19.0092 0x1300  [ 835C4C3355088298A5EBD818FA31430F, 947E587F016AD3B2B4606334E03372F34D806ED1AFF4860E7EA2E289D70FB79E ] amdide          C:\Windows\system32\drivers\amdide.sys
10:27:19.0093 0x1300  amdide - ok
10:27:19.0140 0x1300  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:27:19.0142 0x1300  AmdK7 - ok
10:27:19.0171 0x1300  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:27:19.0174 0x1300  AmdK8 - ok
10:27:19.0210 0x1300  [ 350F19EB5FE4EC37A2414DF56CDE1AA8, AC78C39D08D7DFEC19AF3FEF40C0EB8290897CABFF1DE40A399026E37426C735 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
10:27:19.0216 0x1300  ApfiltrService - ok
10:27:19.0274 0x1300  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
10:27:19.0276 0x1300  Appinfo - ok
10:27:19.0351 0x1300  [ A9AE03362A846898368653E94B6DB1AA, EF6EE35E85C75561C1E6D38D0005C8E31FF492F0B2CDEB914ACA4E026759511D ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:27:19.0355 0x1300  Apple Mobile Device - ok
10:27:19.0406 0x1300  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
10:27:19.0410 0x1300  arc - ok
10:27:19.0431 0x1300  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:27:19.0434 0x1300  arcsas - ok
10:27:19.0539 0x1300  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:27:19.0566 0x1300  aspnet_state - ok
10:27:19.0609 0x1300  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:27:19.0614 0x1300  AsyncMac - ok
10:27:19.0642 0x1300  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
10:27:19.0643 0x1300  atapi - ok
10:27:19.0698 0x1300  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:27:19.0705 0x1300  AudioEndpointBuilder - ok
10:27:19.0719 0x1300  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:27:19.0726 0x1300  Audiosrv - ok
10:27:20.0067 0x1300  [ 5FA2B930ED91270CF9534465DF7E12EA, 8F4A1DA8CF5B4367A79FA80856797EEF1A745A1FFAFC9F996A781333DBC4538C ] AVG Antivirus   C:\Program Files\AVG\Antivirus\AVGSvc.exe
10:27:20.0076 0x1300  AVG Antivirus - ok
10:27:20.0196 0x1300  [ 26064A4F92ADDEA6EDBB43ADE5AF102C, D12C6240F8B3A815425B16923CF1B69FBF3FB0ECE8D1156CF8C5065746258BE9 ] AVG Firewall    C:\Program Files\AVG\Antivirus\afwServ.exe
10:27:20.0218 0x1300  AVG Firewall - ok
10:27:20.0296 0x1300  [ 0150E1A7446A9947195283A524718E44, 50CE1862EDA37A92C26B6F9B79A9F7A1ADC83CD22624ECBCF2772F6D327DF0A6 ] avgbdisk        C:\Windows\system32\drivers\avgbdiskx.sys
10:27:20.0302 0x1300  avgbdisk - ok
10:27:20.0649 0x1300  [ 4D67B1B4576F8F95DC2D7CB2234F1862, 4DF29ECA4D61A8F2DEFF558C6F727C2967462EB348F51F0512ADA4F74C5615E8 ] avgbIDSAgent    C:\Program Files\AVG\Antivirus\aswidsagent.exe
10:27:20.0800 0x1300  avgbIDSAgent - ok
10:27:20.0909 0x1300  [ C3F2405A49B793608704A39E83097A53, F59EDA42CE07F01B6DA63494B042E9C4CB4C916BD5D60B478E0C92182C9834F9 ] avgbidsdriver   C:\Windows\system32\drivers\avgbidsdriverx.sys
10:27:20.0936 0x1300  avgbidsdriver - ok
10:27:21.0006 0x1300  [ D694D0F8D0C7B13E8C2B42BC22AC7CAF, A72127B666B5241ADD54CA631559E1EFDAB5758BBC6BEC8F87FF1F620B45B6B7 ] avgbidsh        C:\Windows\system32\drivers\avgbidshx.sys
10:27:21.0055 0x1300  avgbidsh - ok
10:27:21.0095 0x1300  [ 5839F0CE5415932DB278CBC4DD069E21, D5C8B46B5DD451C2497EF73AEC90C838003B1ECA8BDAB236030AEF008B55D09C ] avgblog         C:\Windows\system32\drivers\avgblogx.sys
10:27:21.0129 0x1300  avgblog - ok
10:27:21.0163 0x1300  [ 14A964445037139D963E72012F91CE1C, 29BFA118DAA069B975BD3E39E1F51438E8A284779F94604A7F8FC5B815AECBFA ] avgbuniv        C:\Windows\system32\drivers\avgbunivx.sys
10:27:21.0166 0x1300  avgbuniv - ok
10:27:21.0194 0x1300  [ B1CDC6DD582B2E50B56E8FE04753B096, DC06075870514F1A1F0B8050DC3A0684C3C79F089FBC4AE321D9FFC12F563073 ] avgHwid         C:\Windows\system32\drivers\avgHwid.sys
10:27:21.0197 0x1300  avgHwid - ok
10:27:21.0276 0x1300  [ F745250359281A4E71A56C1083CDF0D7, 1D375415B5A0F9C841FD10C758406475F50A4D30A339C1FF30CED97F594CC67C ] avgMonFlt       C:\Windows\system32\drivers\avgMonFlt.sys
10:27:21.0282 0x1300  avgMonFlt - ok
10:27:21.0336 0x1300  [ 3B854CCDEA10F6E0ED795B9E6A273D7D, 2F30CFB8BF6CE6F28FA67DEA07DD57A632B44F43AA559109FD78ABC9C76007F0 ] avgNdis         C:\Windows\system32\DRIVERS\avgNdis.sys
10:27:21.0338 0x1300  avgNdis - ok
10:27:21.0442 0x1300  [ DB8FC431C2E19306A2C9B043879DB343, 7C6CE82676EA536753CF1D702A2351D6BA75965D03E274E364E7C3777FF1F856 ] avgNdis2        C:\Windows\system32\drivers\avgNdis2.sys
10:27:21.0453 0x1300  avgNdis2 - ok
10:27:21.0479 0x1300  [ 4C9E739772AAC0D30BB318127BD278AB, 7FDFAFC65D2FDDAD4E10F9FEF5A9EA52BDBEE66C1F64929FAAE209A243F94CDE ] avgRdr          C:\Windows\system32\drivers\avgRdr.sys
10:27:21.0482 0x1300  avgRdr - ok
10:27:21.0501 0x1300  [ 9DB6C6DFBAC0F92A0E89276065A72716, CA1FD678A993163B6D7D2C37D4D8EDB1EDC03D346AF66C851302E1F1C54BFD5A ] avgRvrt         C:\Windows\system32\drivers\avgRvrt.sys
10:27:21.0504 0x1300  avgRvrt - ok
10:27:21.0566 0x1300  [ BFFF87FBBE2E53D2F5B06744E155E5C2, 3999475E4BAC50B703CEDC45DD7D29613A2A9CC8E69AA5A38D92137AF10568B2 ] avgSnx          C:\Windows\system32\drivers\avgSnx.sys
10:27:21.0590 0x1300  avgSnx - ok
10:27:21.0636 0x1300  [ 29354923E0BE31BB0AE5A9948D8D4613, D3191367EA9AD645BEC0985F1078904283CE2186AD2EC0E90875899DB3BE6285 ] avgSP           C:\Windows\system32\drivers\avgSP.sys
10:27:21.0651 0x1300  avgSP - ok
10:27:21.0709 0x1300  [ CB442D61DFF3E252204E8DDA5EB4B327, DDFA76EAF66FEEEB1C98DC9EBD524D06B06781EB8991F336819F90579A21A326 ] avgStmXP        C:\Windows\system32\drivers\avgStmXP.sys
10:27:21.0716 0x1300  avgStmXP - ok
10:27:21.0852 0x1300  [ 46539C3B20426090B52316F941FF3E92, 0DB5F799836D4BF8773F7122D2D9271BA64F21B622769EB05A0D7AB64D264FEB ] avgsvc          C:\Program Files\AVG\Framework\Common\avgsvcx.exe
10:27:21.0890 0x1300  avgsvc - ok
10:27:21.0930 0x1300  [ 88F05474AAD91F808EE07DD4530E6276, A9459A88D3B8CAD8CD5481A44C339971BC389D5FA4750C76BF921C2AF21FF43E ] avgVmm          C:\Windows\system32\drivers\avgVmm.sys
10:27:21.0939 0x1300  avgVmm - ok
10:27:22.0091 0x1300  [ A2494901E7226B356B8C1005C45F1C5F, A4A7076D40B012BB415C4B661B8C45671B853330746E278D080EC96596EEECBE ] BBSvc           C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
10:27:22.0114 0x1300  BBSvc - ok
10:27:22.0178 0x1300  [ 63B1CBBAE4790B5BAC98F01BF9449722, 0A49B9FCEF33B38132B0AB8A9D7591A46856E82BC2123841E27A895817D92695 ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
10:27:22.0193 0x1300  BBUpdate - ok
10:27:22.0198 0x1300  BCM42RLY - ok
10:27:22.0272 0x1300  [ CDF7F28FFD693B1B4137845DD1EF1CCC, 5EAEC23CEEFF69DE116C4435D6AD637BD87E20BE82B6299560F2ED3A7EAD678D ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
10:27:22.0331 0x1300  BCM43XX - ok
10:27:22.0381 0x1300  [ CD4646067CC7DCBA1907FA0ACF7E3966, 705DF801ACB8719213E95D6214E6C30F7A217663305DBB718F7ECD40F0084340 ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
10:27:22.0486 0x1300  bcm4sbxp - ok
10:27:22.0532 0x1300  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:27:22.0533 0x1300  Beep - ok
10:27:22.0580 0x1300  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
10:27:22.0589 0x1300  BFE - ok
10:27:22.0649 0x1300  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
10:27:22.0675 0x1300  BITS - ok
10:27:22.0685 0x1300  blbdrive - ok
10:27:22.0803 0x1300  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:27:22.0812 0x1300  Bonjour Service - ok
10:27:22.0843 0x1300  [ 00802ACA417DFE68721B083522D08539, B156DB3A68D7246780F26AED10BD3F84D6C9564BD475AF6675A2C78EC06E5584 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:27:22.0934 0x1300  bowser - ok
10:27:22.0980 0x1300  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:27:22.0982 0x1300  BrFiltLo - ok
10:27:22.0997 0x1300  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:27:22.0999 0x1300  BrFiltUp - ok
10:27:23.0023 0x1300  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
10:27:23.0026 0x1300  Browser - ok
10:27:23.0050 0x1300  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:27:23.0058 0x1300  Brserid - ok
10:27:23.0077 0x1300  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:27:23.0081 0x1300  BrSerWdm - ok
10:27:23.0108 0x1300  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:27:23.0138 0x1300  BrUsbMdm - ok
10:27:23.0194 0x1300  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:27:23.0196 0x1300  BrUsbSer - ok
10:27:23.0264 0x1300  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:27:23.0267 0x1300  BTHMODEM - ok
10:27:23.0328 0x1300  [ 248DFA5762DDE38DFDDBBD44149E9D7A, D696D5698B7B5B331A6ED39172015349685450D10F63B1E4D4112199198FA5C7 ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS
10:27:23.0345 0x1300  BVRPMPR5 - ok
10:27:23.0407 0x1300  catchme - ok
10:27:23.0448 0x1300  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:27:23.0472 0x1300  cdfs - ok
10:27:23.0511 0x1300  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:27:23.0518 0x1300  cdrom - ok
10:27:23.0555 0x1300  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
10:27:23.0557 0x1300  CertPropSvc - ok
10:27:23.0586 0x1300  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:27:23.0589 0x1300  circlass - ok
10:27:23.0646 0x1300  [ 326CE9CCCE687AC337F4DFC936C0BA08, 47A70692F5708ABA091EF0856168CAA9F5E04EB9FC1DEEC0C454A5A5A2F781BF ] CLFS            C:\Windows\system32\CLFS.sys
10:27:23.0655 0x1300  CLFS - ok
10:27:23.0732 0x1300  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:27:23.0738 0x1300  clr_optimization_v2.0.50727_32 - ok
10:27:23.0790 0x1300  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:27:23.0879 0x1300  clr_optimization_v4.0.30319_32 - ok
10:27:23.0900 0x1300  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:27:23.0903 0x1300  CmBatt - ok
10:27:23.0935 0x1300  [ E79CBB2195E965F6E3256E2C1B23FD1C, 176819CEDE1BC16499B0E67EBDB46D7A627189D6B0DAF733B10FBE0DD3E030A2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:27:23.0937 0x1300  cmdide - ok
10:27:23.0964 0x1300  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:27:23.0966 0x1300  Compbatt - ok
10:27:23.0971 0x1300  COMSysApp - ok
10:27:24.0004 0x1300  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:27:24.0006 0x1300  crcdisk - ok
10:27:24.0034 0x1300  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:27:24.0037 0x1300  Crusoe - ok
10:27:24.0069 0x1300  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:27:24.0074 0x1300  CryptSvc - ok
10:27:24.0144 0x1300  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files\Dropbox\Update\DropboxUpdate.exe
10:27:24.0150 0x1300  dbupdate - ok
10:27:24.0168 0x1300  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files\Dropbox\Update\DropboxUpdate.exe
10:27:24.0171 0x1300  dbupdatem - ok
10:27:24.0197 0x1300  dbx - ok
10:27:24.0235 0x1300  [ 97C84088ABAC51837A8DE190607A009C, 9EA08657851F0502783FE4472B85E51FF20569E6FF1C08E83544578B60C33D89 ] DbxSvc          C:\Windows\system32\DbxSvc.exe
10:27:24.0338 0x1300  DbxSvc - ok
10:27:24.0405 0x1300  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:27:24.0424 0x1300  DcomLaunch - ok
10:27:24.0461 0x1300  [ 4E428F992C64E061C9AF56CCD3F78DAE, 52934D57DA564FBFE5730BCB2B74C46D07FA516AB8A2380122E84D9C5A2966F6 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:27:24.0463 0x1300  DfsC - ok
10:27:24.0582 0x1300  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
10:27:24.0681 0x1300  DFSR - ok
10:27:24.0753 0x1300  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:27:24.0759 0x1300  Dhcp - ok
10:27:24.0797 0x1300  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
10:27:24.0800 0x1300  disk - ok
10:27:24.0849 0x1300  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:27:24.0876 0x1300  Dnscache - ok
10:27:24.0901 0x1300  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
10:27:24.0908 0x1300  dot3svc - ok
10:27:24.0957 0x1300  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
10:27:25.0007 0x1300  DPS - ok
10:27:25.0043 0x1300  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:27:25.0045 0x1300  drmkaud - ok
10:27:25.0120 0x1300  [ 6D2A164686B15F590DF012ABA4735888, 8A7A2656571FCFE0B56F64E5FDF48B37D101C0D3CE50A8A22481DC440CAB46D9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:27:25.0141 0x1300  DXGKrnl - ok
10:27:25.0197 0x1300  [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
10:27:25.0205 0x1300  e1express - ok
10:27:25.0265 0x1300  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:27:25.0269 0x1300  E1G60 - ok
10:27:25.0309 0x1300  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
10:27:25.0312 0x1300  EapHost - ok
10:27:25.0357 0x1300  [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:27:25.0363 0x1300  Ecache - ok
10:27:25.0426 0x1300  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:27:25.0436 0x1300  ehRecvr - ok
10:27:25.0479 0x1300  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
10:27:25.0484 0x1300  ehSched - ok
10:27:25.0505 0x1300  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
10:27:25.0506 0x1300  ehstart - ok
10:27:25.0537 0x1300  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:27:25.0548 0x1300  elxstor - ok
10:27:25.0661 0x1300  [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:27:25.0677 0x1300  EMDMgmt - ok
10:27:25.0781 0x1300  [ FB676B0D3A046B7642DB24470FAE67E7, 0B972DF25E27146E0A69EFA541FD9C2FB978A2A23D9EECBF4BD21348BC8F289A ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys
10:27:25.0883 0x1300  ESProtectionDriver - ok
10:27:25.0956 0x1300  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
10:27:26.0071 0x1300  EventSystem - ok
10:27:26.0098 0x1300  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:27:26.0104 0x1300  exfat - ok
10:27:26.0147 0x1300  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:27:26.0153 0x1300  fastfat - ok
10:27:26.0193 0x1300  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:27:26.0195 0x1300  fdc - ok
10:27:26.0236 0x1300  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
10:27:26.0239 0x1300  fdPHost - ok
10:27:26.0275 0x1300  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:27:26.0278 0x1300  FDResPub - ok
10:27:26.0401 0x1300  [ F3F5FA7131CE65F419B7176F72810BB3, AB4CE02537F934447DDB09A5FA377C6BB1EB13F2738D0B8E997DB22797C588D6 ] FibUacService   C:\ProgramData\Clickfree\FullImagingBackup\FibUac.exe
10:27:26.0504 0x1300  FibUacService - ok
10:27:26.0532 0x1300  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:27:26.0535 0x1300  FileInfo - ok
10:27:26.0551 0x1300  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:27:26.0553 0x1300  Filetrace - ok
10:27:26.0609 0x1300  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:27:26.0715 0x1300  FLEXnet Licensing Service - ok
10:27:26.0749 0x1300  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:27:26.0751 0x1300  flpydisk - ok
10:27:26.0786 0x1300  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:27:26.0792 0x1300  FltMgr - ok
10:27:26.0849 0x1300  [ A74E6ECEA9278BF36F24D5960BFF7596, 2D1D31C7310C5C97BDAD23050060505C79352FFFFA009F36649756395530DA04 ] FontCache       C:\Windows\system32\FntCache.dll
10:27:26.0871 0x1300  FontCache - ok
10:27:26.0937 0x1300  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:27:26.0940 0x1300  FontCache3.0.0.0 - ok
10:27:26.0971 0x1300  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:27:26.0973 0x1300  Fs_Rec - ok
10:27:27.0023 0x1300  [ ED1C85904AC2FE0F61D46F95867999C0, 9F0AFAB501A880EA081E776153BC04445BC75DFE41627007525FCCE12AA57ADD ] FullImagingService C:\ProgramData\Clickfree\FullImagingBackup\FullImagingService.exe
10:27:27.0163 0x1300  FullImagingService - ok
10:27:27.0189 0x1300  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:27:27.0208 0x1300  gagp30kx - ok
10:27:27.0271 0x1300  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:27:27.0273 0x1300  GEARAspiWDM - ok
10:27:27.0403 0x1300  [ BCC0A10AF241A8414FF8E5AB43151950, DB4FB166CEF30F6E818C0E26E434B0AD2F787BEE57CE540D542DB4E715DFE037 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
10:27:27.0433 0x1300  GfExperienceService - ok
10:27:27.0498 0x1300  [ 1E74AA0D84B3AF74B39D63142DB0D2AA, EFA23EA053FB2CF2A374201F662680712F475C2461A84643755E9BC2E066E0A2 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:27:27.0557 0x1300  gpsvc - ok
10:27:27.0629 0x1300  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
10:27:27.0635 0x1300  gupdate - ok
10:27:27.0647 0x1300  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:27:27.0650 0x1300  gupdatem - ok
10:27:27.0704 0x1300  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:27:27.0721 0x1300  HDAudBus - ok
10:27:27.0766 0x1300  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:27:27.0769 0x1300  HidBth - ok
10:27:27.0793 0x1300  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:27:27.0795 0x1300  HidIr - ok
10:27:27.0816 0x1300  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
10:27:27.0819 0x1300  hidserv - ok
10:27:27.0858 0x1300  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:27:27.0860 0x1300  HidUsb - ok
10:27:27.0898 0x1300  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:27:27.0903 0x1300  hkmsvc - ok
10:27:27.0937 0x1300  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:27:27.0940 0x1300  HpCISSs - ok
10:27:28.0058 0x1300  [ 1878A79551F2EDAE7EBD110AAE6D33AD, 1F409360B44AEB3A6023E953EAB350FFB3EB8322F589E2422AB312288B33A2DA ] HPSupportSolutionsFrameworkService C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
10:27:28.0063 0x1300  HPSupportSolutionsFrameworkService - ok
10:27:28.0154 0x1300  [ EEFBAA7957D6041C734E596D05C3804A, 5F85B584A19743C8AA28AB68E5CF07D68FCB44EFB0EF1BDA55A08AF6F2AEC5ED ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:27:28.0322 0x1300  HSF_DPV - ok
10:27:28.0359 0x1300  [ BE2B2CF481CD61619C5EFD77B4CBC445, 7E585346951103A9B87C7D1F4788852C963BD3937890EE0229805BD94CE7EA27 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:27:28.0506 0x1300  HSXHWAZL - ok
10:27:28.0567 0x1300  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:27:28.0585 0x1300  HTTP - ok
10:27:28.0660 0x1300  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:27:28.0662 0x1300  i2omp - ok
10:27:28.0691 0x1300  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:27:28.0694 0x1300  i8042prt - ok
10:27:41.0012 0x1300  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:27:41.0014 0x1300  SCPolicySvc - ok
10:27:41.0055 0x1300  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
10:27:41.0060 0x1300  sdbus - ok
10:27:41.0098 0x1300  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:27:41.0107 0x1300  SDRSVC - ok
10:27:41.0130 0x1300  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:27:41.0133 0x1300  secdrv - ok
10:27:41.0162 0x1300  [ 7D7A5D3CB5AB4B394E03BDE27E6114E8, 590644469036B9C2DF3D6E56D41FD7D09D0AE5021B0FA96A8CBA873F923865C8 ] seclogon        C:\Windows\system32\seclogon.dll
10:27:41.0167 0x1300  seclogon - ok
10:27:41.0210 0x1300  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
10:27:41.0216 0x1300  SENS - ok
10:27:41.0245 0x1300  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:27:41.0250 0x1300  Serenum - ok
10:27:41.0271 0x1300  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
10:27:41.0276 0x1300  Serial - ok
10:27:41.0304 0x1300  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:27:41.0306 0x1300  sermouse - ok
10:27:41.0363 0x1300  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:27:41.0369 0x1300  SessionEnv - ok
10:27:41.0408 0x1300  [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:27:41.0410 0x1300  sffdisk - ok
10:27:41.0436 0x1300  [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:27:41.0438 0x1300  sffp_mmc - ok
10:27:41.0469 0x1300  [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:27:41.0471 0x1300  sffp_sd - ok
10:27:41.0484 0x1300  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:27:41.0486 0x1300  sfloppy - ok
10:27:41.0542 0x1300  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:27:41.0552 0x1300  SharedAccess - ok
10:27:41.0591 0x1300  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:27:41.0601 0x1300  ShellHWDetection - ok
10:27:41.0646 0x1300  [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:27:41.0649 0x1300  sisagp - ok
10:27:41.0671 0x1300  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:27:41.0673 0x1300  SiSRaid2 - ok
10:27:41.0700 0x1300  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:27:41.0704 0x1300  SiSRaid4 - ok
10:27:42.0141 0x1300  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:27:42.0264 0x1300  Skype C2C Service - ok
10:27:42.0533 0x1300  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:27:42.0563 0x1300  SkypeUpdate - ok
10:27:42.0753 0x1300  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
10:27:42.0847 0x1300  slsvc - ok
10:27:42.0894 0x1300  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:27:42.0900 0x1300  SLUINotify - ok
10:27:42.0926 0x1300  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:27:42.0966 0x1300  Smb - ok
10:27:43.0099 0x1300  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:27:43.0104 0x1300  SNMPTRAP - ok
10:27:43.0136 0x1300  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:27:43.0139 0x1300  spldr - ok
10:27:43.0183 0x1300  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
10:27:43.0191 0x1300  Spooler - ok
10:27:43.0280 0x1300  [ D2F4F32B59440011174B4F8137AF4E0C, 82862C39B34D1ED6ED170DAAB385B6ABE5078A6CC995E396828695F2CE2542D9 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:27:43.0284 0x1300  SQLWriter - ok
10:27:43.0329 0x1300  [ 58493B0B9319B2253B3786D9BE66A404, 41B316015AF915E9EC1F55905634DAC1FEFFF1F89B63EF6BEA7CC5674D13DBBE ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:27:43.0340 0x1300  srv - ok
10:27:43.0386 0x1300  [ B87F16CCAF1440AF186CDC9F54C1DE54, 30D5A483D5CAF1BD456452100FC056211B223F22A382DF9CB503628895859BA8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:27:43.0392 0x1300  srv2 - ok
10:27:43.0429 0x1300  [ 8C7235F1C3E23FE21BAD1E99EE76F231, 59A1DD31CE5B8CD59C5502CF7F4CAA71328D941E0B523A0B7043DE6F493832C7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:27:43.0435 0x1300  srvnet - ok
10:27:43.0477 0x1300  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:27:43.0486 0x1300  SSDPSRV - ok
10:27:43.0547 0x1300  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:27:43.0554 0x1300  SstpSvc - ok
10:27:43.0609 0x1300  [ 799AA3E04879B3FED31ECEA02B1CAA9A, EECEE3F666EE3722B5655E596CF4128303AD6CA3C5B45C3501B4D1D2CEC9FD75 ] STacSV          C:\Windows\system32\STacSV.exe
10:27:43.0617 0x1300  STacSV - ok
10:27:43.0663 0x1300  [ 5AF135B2E2097D4494B9067CE84E2665, E7517C43BB81B6AE017172BA5389F6B0FC17CF9E60AAB3453A6D80A087C86592 ] STHDA           C:\Windows\system32\drivers\stwrt.sys
10:27:43.0678 0x1300  STHDA - ok
10:27:43.0718 0x1300  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
10:27:43.0720 0x1300  StillCam - ok
10:27:43.0777 0x1300  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
10:27:43.0794 0x1300  stisvc - ok
10:27:43.0869 0x1300  [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
10:27:43.0937 0x1300  stllssvr - ok
10:27:44.0002 0x1300  [ 98E6233CF9DA80CC661216ECFA190FC0, 0220C8E5E070C42711287EC5950BE34E8B1F47A021465A065BD61CFF9CA12828 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
10:27:44.0221 0x1300  SWDUMon - ok
10:27:44.0232 0x1300  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:27:44.0260 0x1300  swenum - ok
10:27:44.0345 0x1300  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
10:27:44.0358 0x1300  swprv - ok
10:27:44.0435 0x1300  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:27:44.0438 0x1300  Symc8xx - ok
10:27:44.0469 0x1300  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:27:44.0471 0x1300  Sym_hi - ok
10:27:44.0504 0x1300  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:27:44.0507 0x1300  Sym_u3 - ok
10:27:44.0549 0x1300  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
10:27:44.0568 0x1300  SysMain - ok
10:27:44.0602 0x1300  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:27:44.0609 0x1300  TabletInputService - ok
10:27:44.0651 0x1300  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:27:44.0661 0x1300  TapiSrv - ok
10:27:44.0699 0x1300  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
10:27:44.0706 0x1300  TBS - ok
10:27:44.0768 0x1300  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:27:44.0798 0x1300  Tcpip - ok
10:27:44.0837 0x1300  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:27:44.0858 0x1300  Tcpip6 - ok
10:27:44.0897 0x1300  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:27:44.0899 0x1300  tcpipreg - ok
10:27:44.0919 0x1300  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:27:44.0922 0x1300  TDPIPE - ok
10:27:44.0945 0x1300  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:27:44.0948 0x1300  TDTCP - ok
10:27:44.0986 0x1300  [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:27:44.0990 0x1300  tdx - ok
10:27:45.0032 0x1300  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:27:45.0036 0x1300  TermDD - ok
10:27:45.0189 0x1300  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
10:27:45.0206 0x1300  TermService - ok
10:27:45.0230 0x1300  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
10:27:45.0242 0x1300  Themes - ok
10:27:45.0267 0x1300  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
10:27:45.0277 0x1300  THREADORDER - ok
10:27:45.0314 0x1300  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
10:27:45.0321 0x1300  TrkWks - ok
10:27:45.0385 0x1300  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:27:45.0399 0x1300  TrustedInstaller - ok
10:27:45.0440 0x1300  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:27:45.0448 0x1300  tssecsrv - ok
10:27:46.0202 0x1300  [ 705A91705FF5E91ABC244B8B3C5A679A, 9786C4D336B0BAA570BBDDF7F78786A54C330D051911A019671520B2E9CC2376 ] TuneUp.UtilitiesSvc C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
10:27:46.0398 0x1300  TuneUp.UtilitiesSvc - ok
10:27:46.0472 0x1300  [ CFF07F29BAA07D2F259BAE264769E707, 3325CE3BE2F5F4EEDFE24393365BB6EDC1C593B827152395DD2E2B73112C6539 ] TuneUpUtilitiesDrv C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
10:27:46.0569 0x1300  TuneUpUtilitiesDrv - ok
10:27:46.0606 0x1300  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:27:46.0614 0x1300  tunmp - ok
10:27:46.0628 0x1300  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:27:46.0632 0x1300  tunnel - ok
10:27:46.0671 0x1300  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:27:46.0674 0x1300  uagp35 - ok
10:27:46.0725 0x1300  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:27:46.0733 0x1300  udfs - ok
10:27:46.0787 0x1300  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:27:46.0793 0x1300  UI0Detect - ok
10:27:46.0842 0x1300  [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:27:46.0846 0x1300  uliagpkx - ok
10:27:46.0878 0x1300  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:27:46.0887 0x1300  uliahci - ok
10:27:46.0914 0x1300  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:27:46.0918 0x1300  UlSata - ok
10:27:46.0949 0x1300  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:27:46.0967 0x1300  ulsata2 - ok
10:27:47.0000 0x1300  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:27:47.0010 0x1300  umbus - ok
10:27:47.0052 0x1300  [ 88BD96A1BAEED33EE8BDF9499C07A841, 1C4DA1B34FE52B8022AB23CBF18D6B16635283625BB2D08E6524292E6009773A ] UMPass          C:\Windows\system32\DRIVERS\umpass.sys
10:27:47.0073 0x1300  UMPass - ok
10:27:47.0111 0x1300  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
10:27:47.0120 0x1300  upnphost - ok
10:27:47.0144 0x1300  USBAAPL - ok
10:27:47.0206 0x1300  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:27:47.0211 0x1300  usbccgp - ok
10:27:47.0262 0x1300  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:27:47.0290 0x1300  usbcir - ok
10:27:47.0341 0x1300  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:27:47.0344 0x1300  usbehci - ok
10:27:47.0450 0x1300  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:27:47.0457 0x1300  usbhub - ok
10:27:47.0476 0x1300  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:27:47.0478 0x1300  usbohci - ok
10:27:47.0509 0x1300  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:27:47.0512 0x1300  usbprint - ok
10:27:47.0530 0x1300  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:27:47.0533 0x1300  usbscan - ok
10:27:47.0552 0x1300  [ 234F76D9337BBD25D849C3860418723A, 8AC74D4FFFDEF5CCAA34BA185B45D252BAC15FE37E00515F9365878325764E7F ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:27:47.0650 0x1300  USBSTOR - ok
10:27:47.0690 0x1300  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:27:47.0692 0x1300  usbuhci - ok
10:27:47.0723 0x1300  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
10:27:47.0755 0x1300  UxSms - ok
10:27:47.0801 0x1300  [ 32406DFCEA4E2F1F8E34FD636BB8EDA8, 2C5E36B7D2C192A0FE07DE38B1C87703AB1285D5205446F4C185702736950CAD ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
10:27:47.0808 0x1300  UxTuneUp - ok
10:27:47.0858 0x1300  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
10:27:47.0871 0x1300  vds - ok
10:27:47.0897 0x1300  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:27:47.0912 0x1300  vga - ok
10:27:47.0951 0x1300  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:27:47.0957 0x1300  VgaSave - ok
10:27:48.0006 0x1300  [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:27:48.0009 0x1300  viaagp - ok
10:27:48.0041 0x1300  [ 42B732A0BC13E9C4E432AD80B3FF3B95, DD77B0D9421373FBAA647C3D9FBAC07D53C147843676EDB5F9BAED92643815B3 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:27:48.0054 0x1300  ViaC7 - ok
10:27:48.0084 0x1300  [ F3B4762EB85A2AFF4999401F14C3262B, 462B3A61AE82307292C8C75041514789AD2D1E3CF31A8A35E39A19989FD394C3 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:27:48.0092 0x1300  viaide - ok
10:27:48.0113 0x1300  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:27:48.0116 0x1300  volmgr - ok
10:27:48.0157 0x1300  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:27:48.0167 0x1300  volmgrx - ok
10:27:48.0210 0x1300  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:27:48.0223 0x1300  volsnap - ok
10:27:48.0254 0x1300  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:27:48.0260 0x1300  vsmraid - ok
10:27:48.0340 0x1300  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
10:27:48.0376 0x1300  VSS - ok
10:27:48.0517 0x1300  [ 8A46AEE1438647F7288106EC11832508, 412F544C87DA75BA7B22DDC2D47EC5E517D6B1CB9F05FF455D78E8F2C03842A8 ] vToolbarUpdater40.3.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
10:27:48.0564 0x1300  vToolbarUpdater40.3.6 - ok
10:27:48.0619 0x1300  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
10:27:48.0630 0x1300  W32Time - ok
10:27:48.0683 0x1300  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:27:48.0685 0x1300  WacomPen - ok
10:27:48.0718 0x1300  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:27:48.0721 0x1300  Wanarp - ok
10:27:48.0735 0x1300  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:27:48.0738 0x1300  Wanarpv6 - ok
10:27:48.0781 0x1300  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:27:48.0799 0x1300  wcncsvc - ok
10:27:48.0836 0x1300  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:27:48.0842 0x1300  WcsPlugInService - ok
10:27:48.0872 0x1300  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
10:27:48.0877 0x1300  Wd - ok
10:27:48.0943 0x1300  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:27:48.0960 0x1300  Wdf01000 - ok
10:27:48.0998 0x1300  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:27:49.0004 0x1300  WdiServiceHost - ok
10:27:49.0014 0x1300  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:27:49.0021 0x1300  WdiSystemHost - ok
10:27:49.0085 0x1300  [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient       C:\Windows\System32\webclnt.dll
10:27:49.0096 0x1300  WebClient - ok
10:27:49.0140 0x1300  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:27:49.0148 0x1300  Wecsvc - ok
10:27:49.0198 0x1300  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:27:49.0227 0x1300  wercplsupport - ok
10:27:49.0290 0x1300  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:27:49.0298 0x1300  WerSvc - ok
10:27:49.0386 0x1300  [ C5020EFDF5CA428678159DFE97BEB13B, 920AB3F4229B963C6252738ABBF6B0AA497B3BF72C2BF6BF9F504F11A4CFD10C ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:27:49.0526 0x1300  winachsf - ok
10:27:49.0609 0x1300  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
10:27:49.0619 0x1300  WinDefend - ok
10:27:49.0643 0x1300  WinHttpAutoProxySvc - ok
10:27:49.0748 0x1300  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:27:49.0753 0x1300  Winmgmt - ok
10:27:49.0901 0x1300  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:27:49.0943 0x1300  WinRM - ok
10:27:50.0065 0x1300  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:27:50.0083 0x1300  Wlansvc - ok
10:27:50.0210 0x1300  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:27:50.0245 0x1300  wlidsvc - ok
10:27:50.0271 0x1300  wltrysvc - ok
10:27:50.0308 0x1300  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
10:27:50.0320 0x1300  WmiAcpi - ok
10:27:50.0372 0x1300  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:27:50.0379 0x1300  wmiApSrv - ok
10:27:50.0598 0x1300  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:27:50.0626 0x1300  WMPNetworkSvc - ok
10:27:50.0675 0x1300  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:27:50.0683 0x1300  WPCSvc - ok
10:27:50.0716 0x1300  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:27:50.0724 0x1300  WPDBusEnum - ok
10:27:50.0768 0x1300  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:27:50.0771 0x1300  WpdUsb - ok
10:27:50.0978 0x1300  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:27:51.0003 0x1300  WPFFontCache_v0400 - ok
10:27:51.0049 0x1300  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:27:51.0051 0x1300  ws2ifsl - ok
10:27:51.0127 0x1300  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
10:27:51.0218 0x1300  wscsvc - ok
10:27:51.0263 0x1300  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:27:51.0265 0x1300  WSDPrintDevice - ok
10:27:51.0281 0x1300  WSearch - ok
10:27:51.0423 0x1300  [ E20FC4FC2F02A37CCE9ACC2ACB9BA668, 7E86E72E8717198DCBD56EA8FB8D95493E51C2D89E73870E7E64CA32F877C805 ] WtuSystemSupport C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
10:27:51.0453 0x1300  WtuSystemSupport - ok
10:27:51.0566 0x1300  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:27:51.0629 0x1300  wuauserv - ok
10:27:51.0678 0x1300  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:27:51.0683 0x1300  WUDFRd - ok
10:27:51.0717 0x1300  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:27:51.0723 0x1300  wudfsvc - ok
10:27:51.0758 0x1300  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
10:27:51.0831 0x1300  XAudio - ok
10:27:51.0881 0x1300  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
10:27:51.0991 0x1300  XAudioService - ok
10:27:52.0053 0x1300  {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7} - ok
10:27:52.0085 0x1300  ================ Scan global ===============================
10:27:52.0135 0x1300  [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
10:27:52.0213 0x1300  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:27:52.0323 0x1300  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:27:52.0389 0x1300  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
10:27:52.0545 0x1300  [ Global ] - ok
10:27:52.0545 0x1300  ================ Scan MBR ==================================
10:27:52.0574 0x1300  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:27:53.0665 0x1300  \Device\Harddisk0\DR0 - ok
10:27:53.0672 0x1300  [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR1
10:27:53.0764 0x1300  \Device\Harddisk1\DR1 - ok
10:27:53.0768 0x1300  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
10:27:53.0773 0x1300  \Device\Harddisk2\DR2 - ok
10:27:53.0777 0x1300  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
10:27:53.0782 0x1300  \Device\Harddisk3\DR3 - ok
10:27:53.0783 0x1300  ================ Scan VBR ==================================
10:27:53.0800 0x1300  [ EF53A3B2C7C641B106C12B3C2954C409 ] \Device\Harddisk0\DR0\Partition1
10:27:53.0822 0x1300  \Device\Harddisk0\DR0\Partition1 - ok
10:27:53.0834 0x1300  [ 9DD5D16CA6E9B7A9A4C59D1DE6C8C803 ] \Device\Harddisk0\DR0\Partition2
10:27:53.0856 0x1300  \Device\Harddisk0\DR0\Partition2 - ok
10:27:53.0859 0x1300  [ 84EC769383686671B67842337E93900A ] \Device\Harddisk1\DR1\Partition1
10:27:53.0863 0x1300  \Device\Harddisk1\DR1\Partition1 - ok
10:27:53.0867 0x1300  [ B87B9C03A0DD554E2D8D370D7769E7C3 ] \Device\Harddisk2\DR2\Partition1
10:27:53.0868 0x1300  \Device\Harddisk2\DR2\Partition1 - ok
10:27:53.0871 0x1300  [ 4BBBCD4D0F6309C9E7329D64EE7F6BDB ] \Device\Harddisk3\DR3\Partition1
10:27:53.0873 0x1300  \Device\Harddisk3\DR3\Partition1 - ok
10:27:53.0873 0x1300  ================ Scan generic autorun ======================
10:27:54.0016 0x1300  [ 1CDA25D897CFE80DD18A818AD7FF77E2, D87DEEC98ED0C546AECFEE44CF1BB89C41C830909C5C3D6D276CFC676180B3F4 ] C:\Program Files\AVG\Framework\Common\avguirnx.exe
10:27:54.0026 0x1300  AvgUi - ok
10:27:55.0591 0x1300  [ C6011C4B9E46B18E9263A8EAFCDCFBE4, 719E33B56FDA8F215AD5BE3297E8528EEA94E289D20414FB436BC1D23713B7F6 ] C:\Program Files\AVG\Antivirus\AVGUI.exe
10:27:56.0125 0x1300  AVGUI.exe - ok
10:27:56.0221 0x1300  [ 7BEDD051B53821B040EAD42DB0724848, 42C4495E5D524496A9FF879648B4D1B2998B2AAB49FA612E9630BCD5D629476A ] C:\Windows\SYSTEM32\WerFault.exe
10:27:56.0230 0x1300  *WerKernelReporting - ok
10:27:56.0311 0x1300  [ 3138EF52DBE8C3826B0EA2797985FBC7, D6B977757EFDCCD1039E2C90BE15826337271A99205766F69AC8E24BAE28B70E ] c:\programdata\Clickfree\cfagent.exe
10:27:56.0447 0x1300  ClickfreeMonitor - ok
10:27:56.0449 0x1300  Waiting for KSN requests completion. In queue: 99
10:27:57.0449 0x1300  Waiting for KSN requests completion. In queue: 99
10:27:58.0973 0x1300  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.10.209.0 ), 0x61000 ( enabled : updated )
10:27:58.0997 0x1300  AV detected via SS2: AVG Antivirus, C:\Program Files\AVG\Antivirus\wsc_proxy.exe ( 17.1.3354.0 ), 0x41000 ( enabled : updated )
10:27:59.0000 0x1300  FW detected via SS2: AVG Antivirus, C:\Program Files\AVG\Antivirus\wsc_proxy.exe ( 17.1.3354.0 ), 0x41010 ( enabled )
10:27:59.0263 0x1300  ============================================================
10:27:59.0263 0x1300  Scan finished
10:27:59.0263 0x1300  ============================================================
10:27:59.0271 0x1390  Detected object count: 0
10:27:59.0271 0x1390  Actual detected object count: 0
 



#7 Alblan


Posted 16 January 2017 - 11:03 AM

Here is the AdwCleaner logfile.  Most of the entries are a mystery to me, particularly those in the Registry section.  I suspect some may be things I downloaded years ago and now don't remember--such as Slimware and SweetIM.

 

 

# AdwCleaner v6.042 - Logfile created 16/01/2017 at 10:42:54
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-15.1 [Server]
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (X86)
# Username : Allen - ALLEN-PC
# Running from : C:\Users\Allen\Desktop\BleepingComputer\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found:  vToolbarUpdater40.3.6
Service Found:  swdumon
Service Found:  WtuSystemSupport


***** [ Folders ] *****

Folder Found:  C:\Users\Allen\AppData\Local\avg web tuneup
Folder Found:  C:\ProgramData\avg web tuneup
Folder Found:  C:\ProgramData\Application Data\avg web tuneup
Folder Found:  C:\Users\Public\Documents\Downloaded Installers
Folder Found:  C:\Program Files\avg web tuneup
Folder Found:  C:\Program Files\Common Files\AVG Secure Search
Folder Found:  C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search


***** [ Files ] *****

File Found:  C:\Windows\system32\drivers\swdumon.sys
File Found:  C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\a72c95jf.default-1453475763174\extensions\Avg@toolbar.xpi
File Found:  C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\a72c95jf.default-1453475763174\searchplugins\avg-secure-search.xml


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\WtuSystemSupport
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found:  HKU\S-1-5-21-744046318-1267797846-188280424-1003\Software\SlimWare Utilities Inc
Key Found:  HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-744046318-1267797846-188280424-1003\Software\AVG Secure Search
Key Found:  HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-744046318-1267797846-188280424-1003\Software\SweetIM
Key Found:  HKCU\Software\SlimWare Utilities Inc
Key Found:  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
Key Found:  HKLM\SOFTWARE\SlimWare Utilities Inc
Key Found:  HKLM\SOFTWARE\AVG Tuneup
Data Found:  HKU\S-1-5-21-744046318-1267797846-188280424-1003\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={C2D6628C-1C44-43E1-87CE-11FE1080A205}&mid=dfb195e0190547d087e6d
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={C2D6628C-1C44-43E1-87CE-11FE1080A205}&mid=dfb195e0190547d087e6d1544f25be9b-de9c874116cef9367ea5b433923e932f
Key Found:  HKU\S-1-5-21-744046318-1267797846-188280424-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  HKU\S-1-5-21-744046318-1267797846-188280424-1003\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found:  HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt
Key Found:  HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found:  HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin


***** [ Web browsers ] *****

Firefox pref Found:  [C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\a72c95jf.default-1453475763174\prefs.js] - "avg.wtu.ext.extParams" -  "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"c
Firefox pref Found:  [C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\a72c95jf.default-1453475763174\prefs.js] - "browser.search.defaultenginename" -  "AVG Secure Search"
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C2].txt - [4366 Bytes] - [05/12/2015 14:58:53]
C:\AdwCleaner\AdwCleaner[R0].txt - [6727 Bytes] - [23/07/2014 14:25:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [6774 Bytes] - [23/07/2014 14:29:49]
C:\AdwCleaner\AdwCleaner[S2].txt - [4046 Bytes] - [05/12/2015 14:55:42]
C:\AdwCleaner\AdwCleaner[S3].txt - [5881 Bytes] - [16/01/2017 10:42:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [5954 Bytes] ##########
 



#8 boopme

  • Global Moderator

Posted 16 January 2017 - 12:49 PM

Remove what ADWCleaner found....
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

#9 Alblan


Posted 16 January 2017 - 04:54 PM

OK.  Here is the logfile after AdwCleaner was done and the computer restarted.  I assume that I should next do the Junkware Removal Tool, so I will do that.

 

# AdwCleaner v6.042 - Logfile created 16/01/2017 at 16:38:58
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-15.1 [Local]
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (X86)
# Username : Allen - ALLEN-PC
# Running from : C:\Users\Allen\Desktop\BleepingComputer\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: vToolbarUpdater40.3.6
[-] Service deleted: swdumon
[-] Service deleted: WtuSystemSupport


***** [ Folders ] *****

[-] Folder deleted: C:\Users\Allen\AppData\Local\slimware utilities inc
[-] Folder deleted: C:\Users\Allen\AppData\Local\avg web tuneup
[#] Folder deleted on reboot: C:\Users\Allen\AppData\Local\SlimWare Utilities Inc
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers
[-] Folder deleted: C:\Program Files\avg web tuneup
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search


***** [ Files ] *****

[-] File deleted: C:\Windows\system32\drivers\swdumon.sys
[#] File deleted: C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\a72c95jf.default-1453475763174\extensions\Avg@toolbar.xpi


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\WtuSystemSupport
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKU\S-1-5-21-744046318-1267797846-188280424-1003\Software\SlimWare Utilities Inc
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-744046318-1267797846-188280424-1003\Software\AVG Secure Search
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-744046318-1267797846-188280424-1003\Software\SweetIM
[#] Key deleted on reboot: HKCU\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
[-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[-] Key deleted: HKU\S-1-5-21-744046318-1267797846-188280424-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin


***** [ Web browsers ] *****

[-] Chrome preferences cleaned: "avg.wtu.ext.extParams" -  "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{9cc4d590-322d-44e8-8b10-11d1e7fa695a}\",\"mid\":\"dfb195e0190547d087e6d1544f25be9b-de9c874116cef9367ea5b433923e932f0de53af0\",\"ds\":\"AVG\",\"v\":\"4.3.6.255\",\"lang\":\"en\",\"pr\":\"fr\",\"d\":\"2016-12-06%2020%3A05%3A24\",\"ud\":\"\",\"cmpid\":\"1216avi\",\"domain\":\"mysearch.avg.com\",\"protocol\":\"hxxps\",\"FileUpdateDate\":\"\",\"form\":\"AVGSDF\",\"pc\":\"AVG2\"},\"cmpIds\":{\"hp\":\"1216avi\",\"nt\":\"1216avi\",\"dsp\":\"1216avz\"},\"install\":{\"RevertUrlHp\":\"about:home\",\"RevertUrlSp\":\"Google\",\"RevertUrlNt\":\"about:newtab\",\"hp\":1,\"sp\":1,\"nt\":1},\"manifest\":{\"domain_display_name\":\"AVG Secure Search\"}}}"
[-] Chrome preferences cleaned: "browser.search.defaultenginename" -  "AVG Secure Search"


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C2].txt - [4366 Bytes] - [05/12/2015 14:58:53]
C:\AdwCleaner\AdwCleaner[C3].txt - [5693 Bytes] - [16/01/2017 16:38:58]
C:\AdwCleaner\AdwCleaner[R0].txt - [6727 Bytes] - [23/07/2014 14:25:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [6774 Bytes] - [23/07/2014 14:29:49]
C:\AdwCleaner\AdwCleaner[S2].txt - [4046 Bytes] - [05/12/2015 14:55:42]
C:\AdwCleaner\AdwCleaner[S3].txt - [6033 Bytes] - [16/01/2017 10:42:54]
C:\AdwCleaner\AdwCleaner[S4].txt - [5456 Bytes] - [16/01/2017 16:01:58]
C:\AdwCleaner\AdwCleaner[S5].txt - [5529 Bytes] - [16/01/2017 16:14:15]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [6204 Bytes] ##########



#10 Alblan


Posted 16 January 2017 - 09:23 PM

Here's my JRT.txt file.  Surely my computer must be trimmed down by now to just skin and bones!  But I'll continue with ESET Online Scanner.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows Vista ™ Home Premium x86
Ran by Allen (Administrator) on Mon 01/16/2017 at 19:11:54.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 39

Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File)
Successfully deleted: C:\ProgramData\ammyy (Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{0FFC429E-321C-4427-A75B-7B9DC1ED7CA7} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{19D8E0A1-B0AF-4413-918B-23095CE5AB4E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3832073B-F5CF-4FDF-8F61-BC4BE561FEE5} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3A607BEB-B7BB-41D9-8CAC-B8C72C053245} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3C02264E-9B29-4B32-B204-272D75E6910C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{4DB290ED-2B04-4774-B977-F1B1247DF589} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{5FBA0CC5-AC12-483E-ABD7-3C6F61687E74} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{7AF5F8D8-E915-4CCD-8F57-5A1A91CCA1D2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A4EC8E3A-070D-4C76-BD40-C3FB72414C5B} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{B5341397-B1D0-4A8B-B45E-926565D82944} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DD1299B4-9D80-411F-A67A-651160E63574} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DED185DC-25E7-4616-9705-858E4172EC67} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{F6C0813C-0873-4800-8F97-0D72F0FFEE1E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\cre (Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gpdgdlcjhlbaphcjmagicjhhgfnkiihp_0.localstorage-journal (File)
Successfully deleted: C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gpdgdlcjhlbaphcjmagicjhhgfnkiihp_0.localstorage (File)
Successfully deleted: C:\Users\Allen\AppData\Roaming\new version available (Folder)
Successfully deleted: C:\Windows\System32\drivers\swdumon.sys (File)
Successfully deleted: C:\Windows\System32\Tasks\AVG Driver Updater Startup (Task)
Successfully deleted: C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task)
Successfully deleted: C:\Windows\Tasks\AVG Driver Updater Startup.job (Task)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8A0UEWJG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8S3Q8D8I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHDGHM8X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AN19JJAI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFM5SW6L (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q8G2C1JD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNITK3S2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJS47IVK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8A0UEWJG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8S3Q8D8I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHDGHM8X (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AN19JJAI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFM5SW6L (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q8G2C1JD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNITK3S2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJS47IVK (Temporary Internet Files Folder)

Deleted the following from C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\a72c95jf.default-1453475763174\prefs.js
user_pref(avg.wtu.ext.extParams, {\action\:\extParams\,\data\:{\searchParams\:{\pid\:\wtu\,\cid\:\{9cc4d590-322d-44e8-8b10-11d1e7fa695a}\,\mid\:\dfb195e0
user_pref(browser.search.defaultenginename, AVG Secure Search);



Registry: 4

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/16/2017 at 19:27:51.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#11 Alblan


Posted 17 January 2017 - 05:46 AM

You were serious when you said to be patient while ESET Online Scanner is scanning! My scan has been active now for eight hours and the progress bar shows 47% completion. It has found 22 threats in about 202,000 files. Is this typical or normal?

#12 Alblan


Posted 17 January 2017 - 05:48 AM

Incidentally, that last post and this one are from my phone--I am not working the computer during the lengthy ESET scan.

#13 Alblan


Posted 17 January 2017 - 09:30 AM

ESET finally wrapped up its scan.  Here's the log of the 22 threats it found.  What is my next step to do?

 

C:\ProgramData\Clickfree\FullImagingBackup\RollBack\Data\9483822014067590056    a variant of Win32/Toolbar.Conduit.AR potentially unwanted application    
C:\Users\All Users\Clickfree\FullImagingBackup\RollBack\Data\17384878793567140177    Win32/Adware.Facetheme.F application    
C:\Users\All Users\Clickfree\FullImagingBackup\RollBack\Data\3412635547157642498    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    
C:\Users\All Users\Clickfree\FullImagingBackup\RollBack\Data\5367079915579007627    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    
C:\Users\All Users\Clickfree\FullImagingBackup\RollBack\Data\6735698930486095012    a variant of Win32/Adware.ErrorRepair.A application    
C:\Users\All Users\Clickfree\FullImagingBackup\RollBack\Data\9483822014067590056    a variant of Win32/Toolbar.Conduit.AR potentially unwanted application    
C:\Users\All Users\Clickfree\FullImagingBackup\RollBack\Data\9984732241739781884    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\FreeTrim MP3\FreeTrim MP3 on the Web.url    LNK/Agent.CH trojan    
C:\AdwCleaner\Quarantine\C\Program Files\OApps\dler.exe.vir    Win32/Adware.Facetheme.F application    cleaned by deleting
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    deleted
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    cleaned by deleting
C:\AdwCleaner\Quarantine\C\Users\Allen\AppData\Roaming\Conduit\Uninstaller\CT3277370\CT3277370.firefox.uninstall.exe.vir    a variant of Win32/Toolbar.Conduit.AR potentially unwanted application    cleaned by deleting
C:\AdwCleaner\Quarantine\files\evxxsaadgtrwstirmgqxscjywasxcdeu\{3F2268B0-B60D-4678-BF33-E1CD21FCCF82}\setup.msi    a variant of Win32/Adware.ErrorRepair.A application    deleted
C:\Program Files\FreeTrim MP3\goup.exe    a variant of Win32/Tsingsoft.A potentially unwanted application    cleaned by deleting
C:\ProgramData\Clickfree\FullImagingBackup\RollBack\Data\17384878793567140177    Win32/Adware.Facetheme.F application    cleaned by deleting
C:\ProgramData\Clickfree\FullImagingBackup\RollBack\Data\3412635547157642498    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    cleaned by deleting
C:\ProgramData\Clickfree\FullImagingBackup\RollBack\Data\5367079915579007627    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    deleted
C:\ProgramData\Clickfree\FullImagingBackup\RollBack\Data\6735698930486095012    a variant of Win32/Adware.ErrorRepair.A application    cleaned by deleting
C:\ProgramData\Clickfree\FullImagingBackup\RollBack\Data\9984732241739781884    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeTrim MP3\FreeTrim MP3 on the Web.url    LNK/Agent.CH trojan    cleaned by deleting
C:\Users\Allen\Documents\Downloads\ccsetup521.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
C:\Users\Homeboy\Downloads\setup9x.exe    a variant of Win32/Adware.ErrorRepair.A application    cleaned by deleting
 



#14 boopme

  • Global Moderator

Posted 17 January 2017 - 10:06 AM

That's why I use it. It is thorough. Looks clean now.

#15 Alblan


Posted 17 January 2017 - 12:09 PM

Okay--so are we done?  I have no more alerts of virus infection.  My computer is still incredibly slow.  Now that I have the log files from the various steps you recommended, did they take care of all the problems, or is there still a set of actions I should take on the basis of what they found? 





