Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Multiple infections


  • Please log in to reply
17 replies to this topic

#1 alik2k

alik2k

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 30 July 2017 - 07:58 PM

I was given a hand-me-down new computer at work. Have to work with what I've got. I want to get it better because it's better than the very, very out of date old computer I was using. Ran into issues with it not being able to download any Windows Update. It just freezes. Installed Avast and it can't complete a Smart Scan. Freezes at 85%. Decided to run Malware Bytes and see what it came up with. Malware Bytes came up with over 100 issues which it quarantined. Also ran other scans and they also came up with issues which they cleaned. I want to know what other issues are lurking beneath the surface of the machine.

 

It is a Toshiba Windows 7, SP1, 64-bit laptop.



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 PM

Posted 30 July 2017 - 08:04 PM

Hello, Restart the computer and run these.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
c4VVzVO.png
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
yKulboi.jpg
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
8L8IBHJ.png
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
imxEgHt.png
  • Push thecRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 alik2k

alik2k
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 31 July 2017 - 11:43 AM

For Adware Cleaner, I have the option of Clean or Logfiles for the 127 elements. Should I click on Clean?
 
MTB-
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.10.2 publish=Yes
add address name="Local Area Connection" address=192.168.10.200 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Paul-PC2
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.actdsltmp
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 9C-B7-0D-BA-2E-E6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 04-7D-7B-6A-41-3A
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 9C-B7-0D-BA-2E-E6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8407:f86f:b386:34f1%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, July 31, 2017 12:00:43 PM
   Lease Expires . . . . . . . . . . : Monday, August 07, 2017 12:00:45 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 245151501
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F2-44-6F-9C-B7-0D-BA-2E-E6
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:818::200e
 172.217.3.110
 
 
Pinging google.com [172.217.10.78] with 32 bytes of data:
Reply from 172.217.10.78: bytes=32 time=26ms TTL=56
Reply from 172.217.10.78: bytes=32 time=12ms TTL=56
 
Ping statistics for 172.217.10.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 26ms, Average = 19ms
Server:  
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 206.190.36.45
 98.138.253.109
 98.139.180.149
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=109ms TTL=51
Reply from 206.190.36.45: bytes=32 time=93ms TTL=51
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 93ms, Maximum = 109ms, Average = 101ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...9c b7 0d ba 2e e6 ......Microsoft Virtual WiFi Miniport Adapter
 12...04 7d 7b 6a 41 3a ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
 11...9c b7 0d ba 2e e6 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    281
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0     192.168.10.2  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    281 fe80::/64                On-link
 11    281 fe80::8407:f86f:b386:34f1/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 10 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 10 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/31/2017 12:09:19 PM) (Source: Toshiba App Place) (User: )
Description: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive.
Error Data:
(no response)
Stack Trace:
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (07/31/2017 12:08:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x1734
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
 
Error: (07/31/2017 12:05:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/31/2017 11:58:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/31/2017 11:53:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Exception code: 0xc0000005
Fault offset: 0x0000000000006f58
Faulting process id: 0x6b4
Faulting application start time: 0xCsrBtOBEXService.exe0
Faulting application path: CsrBtOBEXService.exe1
Faulting module path: CsrBtOBEXService.exe2
Report Id: CsrBtOBEXService.exe3
 
Error: (07/31/2017 11:44:49 AM) (Source: Toshiba App Place) (User: )
Description: System.Runtime.Serialization.SerializationException: There was an error deserializing the object of type SnappCloud.ActivationReminder.Models.InitClientResponse. Encountered unexpected character '<'.
Stack Trace:
   at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName)
   at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(XmlDictionaryReader reader)
   at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(Stream stream)
   at SnappCloud.ActivationReminder.AraClient.DeserializeJson[T](String json)
   at SnappCloud.ActivationReminder.AraClient.GetResponseCallback[T](IAsyncResult result)
 
Error: (07/31/2017 11:43:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/31/2017 11:32:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/31/2017 11:26:35 AM) (Source: Application Error) (User: )
Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Exception code: 0xc0000005
Fault offset: 0x0000000000006f58
Faulting process id: 0x74c
Faulting application start time: 0xCsrBtOBEXService.exe0
Faulting application path: CsrBtOBEXService.exe1
Faulting module path: CsrBtOBEXService.exe2
Report Id: CsrBtOBEXService.exe3
 
Error: (07/31/2017 11:17:47 AM) (Source: MsiInstaller) (User: )
Description: Product: QuickTime 7 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.
 
 
System errors:
=============
Error: (07/31/2017 12:03:28 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
 
Error: (07/31/2017 12:01:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/31/2017 11:58:43 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
 
Error: (07/31/2017 11:56:55 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/31/2017 11:54:52 AM) (Source: Service Control Manager) (User: )
Description: The CSR Bluetooth Service service did not shut down properly after receiving a preshutdown control.
 
Error: (07/31/2017 11:54:20 AM) (Source: Service Control Manager) (User: )
Description: The CSR Bluetooth Audio Service service did not shut down properly after receiving a preshutdown control.
 
Error: (07/31/2017 11:53:58 AM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
 
Error: (07/31/2017 11:52:43 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/31/2017 11:42:43 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/31/2017 11:31:29 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
 
Microsoft Office Sessions:
=========================
Error: (01/24/2015 09:47:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 528135 seconds with 8460 seconds of active time.  This session ended with a crash.
 
Error: (12/13/2014 09:43:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 59 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/13/2014 09:40:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 73657 seconds with 1800 seconds of active time.  This session ended with a crash.
 
Error: (12/10/2014 11:52:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/07/2014 06:26:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 205747 seconds with 1800 seconds of active time.  This session ended with a crash.
 
Error: (05/25/2014 02:42:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 456348 seconds with 1920 seconds of active time.  This session ended with a crash.
 
Error: (04/18/2014 07:31:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 387282 seconds with 12240 seconds of active time.  This session ended with a crash.
 
Error: (03/19/2014 03:47:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 111397 seconds with 1140 seconds of active time.  This session ended with a crash.
 
Error: (02/24/2014 08:37:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 117202 seconds with 2100 seconds of active time.  This session ended with a crash.
 
Error: (02/23/2014 04:20:47 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 160173 seconds with 1200 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
2d3 SteadyMove for Adobe Premiere Pro (HKLM-x32\...\{94118D5F-2D5D-4BF5-9F84-11FB8A97B566}) (Version: 1.01.1401 - 2d3 Ltd)
3.0.2.321 (HKLM-x32\...\{29A9D366-A463-41E2-861C-FAB50A9D3745}_is1) (Version:  - )
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4 64-bit (HKLM\...\{669A82E0-43E2-4645-8A2E-1A3DE78F8312}) (Version: 4.0.1 - Adobe)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 2.61 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
Air Copy (HKLM-x32\...\{774817AB-264D-4673-B18F-E9F020FAFD97}) (Version: 1.0.3 - ION Audio)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Perfect365 (HKLM-x32\...\{5B5E949E-3924-45E3-9229-84E8270BED68}) (Version: 1.8.0.3 - ArcSoft, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Audials (HKLM-x32\...\{CDA91A28-4350-4885-944F-88908A0E3BBC}) (Version: 10.1.6207.700 - Audials AG)
Aunsoft Final Mate version 1.9.1.1166 (HKLM-x32\...\{777035DA-2B47-4E06-8A01-D33423CCB8D9}_is1) (Version:  - )
AV Tube (HKLM-x32\...\AV Tube) (Version: 1.0.20 - AVSoft Corp. (VN))
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brightness Guide 1.1.1 (HKLM\...\Brightness Guide_is1) (Version: 1.1.1 - Tint Guide)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.2.51 - Conexant)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DeleteMe 1.3.2 (HKLM-x32\...\DeleteMe) (Version: 1.3.2 - CyberKiko)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DJ_AIO_05_F4400_Software_Min (HKLM-x32\...\{A835C187-691C-4827-BCEA-1611179C96B9}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - )
Easy audio mixer 2.0 (HKLM-x32\...\EasyAudioMixer2_is1) (Version: 2.0 - G.F. Software)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EZTalks 2.1.0.0 (HKLM-x32\...\{4DE4DFB5-1D3D-4639-853C-928AA5C6191C}_is1) (Version:  - CUMeeting Inc.)
F4400 (HKLM-x32\...\{08067AFD-4ECE-4454-80B4-31C859D4EDC1}) (Version: 140.0.696.000 - Hewlett-Packard) Hidden
FBM PDF Converter (HKLM-x32\...\FBM PDF Converter_is1) (Version:  - flip-book-maker.com Solution)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
GPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version:  - )
HARDiNFO 7 Professional (HKLM-x32\...\{708C3C8B-A637-4AF5-9749-8F2914CA6B23}) (Version: 7.0 - Ultimate Systems) Hidden
HARDiNFO 7 Professional (HKLM-x32\...\HARDiNFO 7 Professional) (Version: 7.0 - Ultimate Systems)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6600 Basic Device Software (HKLM\...\{B407F586-D027-45C3-9109-CC2943E839FA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Pocket Playlist (HKLM-x32\...\{87611DE6-794F-47A6-87A2-CD0EAB771E32}) (Version: 1.00.0000 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
ICA (HKLM-x32\...\{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.0.0.249 - Corel Corporation) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Inpaint 4.7 (HKLM-x32\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version:  - Teorex)
InstantPhotoSketch Pro 2.1 (HKLM-x32\...\{2CEC6A7A-3366-4CE0-B8FD-540434ED3702}_is1) (Version:  - CPSSoftware)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KC Softwares AVIToolbox (HKLM-x32\...\KC Softwares AVIToolbox_is1) (Version:  - KC Softwares)
KC Softwares PhotoToFilm (HKLM-x32\...\KC Softwares PhotoToFilm_is1) (Version:  - KC Softwares)
K-Lite Codec Pack 7.9.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.9.0 - )
Leawo iTransfer version  1.8.2.5 (HKLM-x32\...\{93337CC5-9BC4-4FB0-B82E-38EC63E149F3}_is1) (Version: 1.8.2.5 - Leawo Software)
LooxcieDesktop (HKLM-x32\...\LooxcieDesktop) (Version: 1.4.5 - Looxcie)
Lytro Desktop (HKLM-x32\...\LytroDesktop) (Version: 3.0.0 - Lytro, Inc.)
MakeUp Pilot Free 4.5.2 (HKLM\...\MakeUp Pilot Free_is1) (Version: 4.5.2 - Two Pilots)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netwaiting (HKLM-x32\...\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}) (Version: 1.0.1 - Conexant Systems, Inc)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PageFlip PDF to Flash Converter (HKLM-x32\...\PageFlip PDF to Flash Converter_is1) (Version:  - PageFlipPDF Solution)
Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software)
Photo to Sketch Converter 2.0 (HKLM-x32\...\Photo to Sketch Converter_is1) (Version: 2.0 - SoftOrbits)
Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH)
PhotoshopdotcomInspirationBrowser (HKLM-x32\...\{AFBBF30D-ADA9-4313-464E-14458B6BE034}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Privacy Optimizer (HKLM-x32\...\PrivacyOptimizer) (Version: 1.0 - Badosoft)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sketch Drawer 1.0 (HKLM-x32\...\Sketch Drawer_is1) (Version: 1.0 - SoftOrbits)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 6.9 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
Snap Secure (HKLM-x32\...\{AD34C3A4-6489-42E0-B17A-289CB59ED7C8}) (Version: 1.1.8 - SnapOne, Inc.) Hidden
Snap Secure (HKLM-x32\...\InstallShield_{AD34C3A4-6489-42E0-B17A-289CB59ED7C8}) (Version: 1.1.8 - SnapOne, Inc.)
Soft Organizer version 3.04 (HKLM-x32\...\Soft Organizer_is1) (Version: 3.04 - ChemTable Software)
SoftOrbits Flash Drive Recovery 2.1 (HKLM-x32\...\SoftOrbits Flash Drive Recovery_is1) (Version: 2.1 - SoftOrbits)
SoftOrbits Photo Retoucher 2.0 (HKLM-x32\...\SoftOrbits Photo Retoucher_is1) (Version: 2.0 - SoftOrbits)
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
SolutionCenter (HKLM-x32\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spartan (HKLM-x32\...\Spartan) (Version:  - )
Status (HKLM-x32\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Syncios version 4.1.6 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.6 - Anvsoft, Inc.)
TDMore DVD Converter for GOTD 1.0.0.5 (18/09/2014) (HKLM-x32\...\TDMore DVD Converter for GOTD_is1) (Version:  - )
Tipard Blu-ray Player 6.1.20 (HKLM-x32\...\{3827AA3A-CC6F-4260-AF59-46AAD9A2F6A8}_is1) (Version: 6.1.20 - Tipard Studio)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}) (Version: 2.2.7530 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
UnHackMe 7.11 release (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
X-Mirage version 1.01.5 (HKLM-x32\...\{EE034220-E0F5-4AA3-82B5-DD1CC216A6F5}_is1) (Version: 1.01.5 - X-Mirage, Inc.)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 59%
Total physical RAM: 4043.86 MB
Available physical RAM: 1621.19 MB
Total Virtual: 8085.9 MB
Available Virtual: 5424.68 MB
 
========================= Partitions: =====================================
 
1 Drive c: (TI106320W0D) (Fixed) (Total:449.62 GB) (Free:280.43 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PAUL-PC2
 
Administrator            Guest                    Paul                     
PrivacyOptimizerFP       WCCA                     
 
 
**** End of log ****
 
TDSS Killer-
12:38:18.0533 0x1a64  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
12:38:26.0691 0x1a64  ============================================================
12:38:26.0691 0x1a64  Current date / time: 2017/07/31 12:38:26.0691
12:38:26.0691 0x1a64  SystemInfo:
12:38:26.0691 0x1a64  
12:38:26.0691 0x1a64  OS Version: 6.1.7601 ServicePack: 1.0
12:38:26.0691 0x1a64  Product type: Workstation
12:38:26.0692 0x1a64  ComputerName: PAUL-PC2
12:38:26.0697 0x1a64  UserName: Paul
12:38:26.0697 0x1a64  Windows directory: C:\windows
12:38:26.0697 0x1a64  System windows directory: C:\windows
12:38:26.0697 0x1a64  Running under WOW64
12:38:26.0697 0x1a64  Processor architecture: Intel x64
12:38:26.0697 0x1a64  Number of processors: 4
12:38:26.0697 0x1a64  Page size: 0x1000
12:38:26.0697 0x1a64  Boot type: Normal boot
12:38:26.0697 0x1a64  CodeIntegrityOptions = 0x00000001
12:38:26.0697 0x1a64  ============================================================
12:38:26.0700 0x1a64  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.18247, osProperties = 0x1
12:38:31.0285 0x1a64  System UUID: {6002A968-DE9F-2D13-0ABD-E2AB0DF5F6DC}
12:38:42.0023 0x1a64  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:42.0381 0x1a64  ============================================================
12:38:42.0381 0x1a64  \Device\Harddisk0\DR0:
12:38:42.0656 0x1a64  MBR partitions:
12:38:42.0656 0x1a64  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3833E800
12:38:42.0656 0x1a64  ============================================================
12:38:44.0680 0x1a64  C: <-> \Device\Harddisk0\DR0\Partition1
12:38:44.0680 0x1a64  ============================================================
12:38:44.0680 0x1a64  Initialize success
12:38:44.0680 0x1a64  ============================================================
12:38:46.0553 0x1854  ============================================================
12:38:46.0553 0x1854  Scan started
12:38:46.0553 0x1854  Mode: Manual; 
12:38:46.0553 0x1854  ============================================================
12:38:46.0553 0x1854  KSN ping started
12:38:51.0422 0x1854  KSN ping finished: true
12:39:08.0588 0x1854  ================ Scan system memory ========================
12:39:08.0588 0x1854  System memory - ok
12:39:08.0589 0x1854  ================ Scan services =============================
12:39:09.0163 0x1854  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
12:39:09.0177 0x1854  1394ohci - ok
12:39:09.0302 0x1854  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
12:39:09.0320 0x1854  ACPI - ok
12:39:09.0454 0x1854  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
12:39:09.0456 0x1854  AcpiPmi - ok
12:39:09.0824 0x1854  [ 5A8104D0DDA7C48D967F6A66AFF35CC5, 07E27BE72DAEABFA98B9A6AF3CCE706695D33A496F2308F7BAFFA86CF62E2B86 ] ADExchange      C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
12:39:09.0828 0x1854  ADExchange - ok
12:39:10.0036 0x1854  [ 3FD8DC2C9735C2AA70155102CFB93EDA, 92C066ECF295C757EB51DC42336329950A1920865051ABF47A6CFF8CC96E152E ] AdobeActiveFileMonitor7.0 C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
12:39:10.0043 0x1854  AdobeActiveFileMonitor7.0 - ok
12:39:10.0232 0x1854  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:39:10.0238 0x1854  AdobeARMservice - ok
12:39:10.0622 0x1854  [ 0DC99843E91A0313F0C6591656D650A5, 583DCD5D3BA3F470FF9F39221358EF2DF01FE62B98562FCFD1AD99FA1C01892E ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:39:10.0636 0x1854  AdobeFlashPlayerUpdateSvc - ok
12:39:12.0654 0x1854  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
12:39:12.0676 0x1854  adp94xx - ok
12:39:12.0904 0x1854  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
12:39:12.0921 0x1854  adpahci - ok
12:39:12.0966 0x1854  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
12:39:12.0971 0x1854  adpu320 - ok
12:39:13.0031 0x1854  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
12:39:13.0034 0x1854  AeLookupSvc - ok
12:39:13.0195 0x1854  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\windows\system32\drivers\afd.sys
12:39:13.0224 0x1854  AFD - ok
12:39:13.0291 0x1854  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
12:39:13.0294 0x1854  agp440 - ok
12:39:13.0415 0x1854  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
12:39:13.0419 0x1854  ALG - ok
12:39:13.0502 0x1854  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
12:39:13.0505 0x1854  aliide - ok
12:39:13.0615 0x1854  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
12:39:13.0618 0x1854  amdide - ok
12:39:13.0704 0x1854  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
12:39:13.0708 0x1854  AmdK8 - ok
12:39:13.0749 0x1854  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
12:39:13.0752 0x1854  AmdPPM - ok
12:39:13.0808 0x1854  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
12:39:13.0812 0x1854  amdsata - ok
12:39:13.0850 0x1854  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
12:39:13.0857 0x1854  amdsbs - ok
12:39:13.0923 0x1854  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
12:39:14.0028 0x1854  amdxata - ok
12:39:14.0459 0x1854  [ 85180CF88C5EBAD73B452A43A004CA51, 24D25495DC21293FC1F37EE7E7C2A4725E66D3D25BE05D7EDF4BB4F444C65526 ] AOL ACS         C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
12:39:14.0464 0x1854  AOL ACS - ok
12:39:14.0580 0x1854  [ C65A3C67630A67A97AD26C21173BA61E, 9C66AF6FC15FEA0B0352540C037AD87B4113CE401C10B6A35DE98901E74152DC ] Apowersoft_AudioDevice C:\windows\system32\drivers\Apowersoft_AudioDevice.sys
12:39:14.0584 0x1854  Apowersoft_AudioDevice - ok
12:39:14.0710 0x1854  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
12:39:14.0720 0x1854  AppID - ok
12:39:15.0324 0x1854  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
12:39:15.0395 0x1854  AppIDSvc - ok
12:39:15.0489 0x1854  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
12:39:15.0495 0x1854  Appinfo - ok
12:39:15.0708 0x1854  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:39:15.0713 0x1854  Apple Mobile Device - ok
12:39:15.0796 0x1854  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
12:39:15.0803 0x1854  arc - ok
12:39:15.0842 0x1854  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
12:39:15.0846 0x1854  arcsas - ok
12:39:16.0128 0x1854  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:39:16.0131 0x1854  aspnet_state - ok
12:39:19.0561 0x1854  [ FB0E3B5C272BD3C3CD724F7F5D2246D7, E6E7181540114BA88A02C50FFFB58BE6DB2225E72655E4E81B6737908B4B6E1A ] aswbIDSAgent    C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
12:39:19.0940 0x1854  aswbIDSAgent - ok
12:39:20.0108 0x1854  [ 3EFCCA98FA2D26A6C923B637006AA182, 36DECA4E7D802318FD479440E623344D1E6A331A2C2DCF2FFA906403050607ED ] aswbidsdriver   C:\windows\system32\drivers\aswbidsdrivera.sys
12:39:20.0120 0x1854  aswbidsdriver - ok
12:39:20.0171 0x1854  [ 25CE9D7CAFCCE355859DF61F6FC09329, 5E3364AB1717473C6E149988EFBBF68C535DBCCB022C2C336D432DB07E65C02F ] aswbidsh        C:\windows\system32\drivers\aswbidsha.sys
12:39:20.0178 0x1854  aswbidsh - ok
12:39:20.0208 0x1854  [ FAA26A88467702888BD20DAD973CA4CC, 0F11E3AD7E6DC773BE41BB5ED632C91AE395594B6F24DA0F71FB1A0EE46C8D40 ] aswblog         C:\windows\system32\drivers\aswbloga.sys
12:39:20.0218 0x1854  aswblog - ok
12:39:20.0239 0x1854  [ CE8C5A3420DF5AF5B5E54FA06EAA3638, 664C61C3297A4ED450F3FA48A57E1A959B473FB1BF3CA42C3AB26A10AFFB502E ] aswbuniv        C:\windows\system32\drivers\aswbuniva.sys
12:39:20.0241 0x1854  aswbuniv - ok
12:39:20.0293 0x1854  [ A332C57F39A94F888A5BAA991ABBB395, 78D55F9ABBC8EB565BA2E8DB881F0F4241FECA06DB46D5F453780252ECF7DE1F ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
12:39:20.0295 0x1854  aswHwid - ok
12:39:20.0318 0x1854  [ EDC5044E2C065D65D37C1FCEA2B488EB, 075A07BC2149D5B0FBF5F5F352B3CAFAD95880E91DC9B9D78F16BA0E0EDBAED9 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
12:39:20.0322 0x1854  aswMonFlt - ok
12:39:20.0341 0x1854  [ 92576512177C98D1F48F11322DA717B9, B2724080A9DBC11A3E1363C2EB2E935A324A82D17AFA3631CFE410071E474A10 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
12:39:20.0345 0x1854  aswRdr - ok
12:39:20.0390 0x1854  [ 663ABA1DDF8182D1416F5BF066EAED35, 8D9C2DBD803711D9DD01F2E8CE4CB3F8B676A8B373DEDC5310F289D6CC0282DD ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
12:39:20.0393 0x1854  aswRvrt - ok
12:39:20.0473 0x1854  [ 7851937E78E1B6361A8EDA4A6AAEBFE8, 07BFA43DCE570BBA03CB8C2DDC3A5F145EB2EBCB591EDD94D143995A82E306A4 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
12:39:20.0500 0x1854  aswSnx - ok
12:39:20.0576 0x1854  [ FB13D6EB42896ADDA1A8395E1298AC25, C16C51E75D2FFEB37E91289B92FA9B48A1BAD1FFCBCA18790C55B101BE375C2B ] aswSP           C:\windows\system32\drivers\aswSP.sys
12:39:20.0598 0x1854  aswSP - ok
12:39:20.0623 0x1854  [ 774696CAAAAD5F63E80472370295DC83, AC6D4A50E5A64D986995B568CE65FFA2802983DE063071818ECE34C72050770E ] aswStm          C:\windows\system32\drivers\aswStm.sys
12:39:20.0629 0x1854  aswStm - ok
12:39:20.0655 0x1854  [ 318CD52B4066304CD5D82B46504CA62F, A613743E2FE9EE1F3D64A3F3CFCB8F8E2E4E2F3F43422DDB604EC6002F35ECB2 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
12:39:20.0665 0x1854  aswVmm - ok
12:39:20.0718 0x1854  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
12:39:20.0720 0x1854  AsyncMac - ok
12:39:20.0954 0x1854  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
12:39:20.0958 0x1854  atapi - ok
12:39:21.0144 0x1854  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
12:39:21.0167 0x1854  AudioEndpointBuilder - ok
12:39:21.0194 0x1854  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
12:39:21.0210 0x1854  AudioSrv - ok
12:39:21.0473 0x1854  [ 3B9C76D72F6889E0EB1D1AAAD1731759, 394DEDA0C6448578E8714CD23E36847785C3991D572D97779D5DC60780BF0A03 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:39:21.0586 0x1854  avast! Antivirus - ok
12:39:21.0751 0x1854  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
12:39:21.0762 0x1854  AxInstSV - ok
12:39:21.0849 0x1854  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
12:39:21.0870 0x1854  b06bdrv - ok
12:39:21.0974 0x1854  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
12:39:21.0988 0x1854  b57nd60a - ok
12:39:22.0068 0x1854  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
12:39:22.0072 0x1854  BDESVC - ok
12:39:22.0157 0x1854  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
12:39:22.0158 0x1854  Beep - ok
12:39:22.0401 0x1854  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
12:39:22.0423 0x1854  BFE - ok
12:39:22.0579 0x1854  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
12:39:22.0686 0x1854  BITS - ok
12:39:22.0896 0x1854  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
12:39:22.0900 0x1854  blbdrive - ok
12:39:23.0131 0x1854  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:39:23.0151 0x1854  Bonjour Service - ok
12:39:23.0219 0x1854  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
12:39:23.0227 0x1854  bowser - ok
12:39:23.0257 0x1854  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
12:39:23.0259 0x1854  BrFiltLo - ok
12:39:23.0313 0x1854  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
12:39:23.0315 0x1854  BrFiltUp - ok
12:39:23.0428 0x1854  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
12:39:23.0433 0x1854  Browser - ok
12:39:23.0517 0x1854  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
12:39:23.0531 0x1854  Brserid - ok
12:39:23.0604 0x1854  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
12:39:23.0610 0x1854  BrSerWdm - ok
12:39:23.0671 0x1854  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
12:39:23.0674 0x1854  BrUsbMdm - ok
12:39:23.0708 0x1854  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
12:39:23.0804 0x1854  BrUsbSer - ok
12:39:23.0998 0x1854  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\DRIVERS\BthEnum.sys
12:39:24.0003 0x1854  BthEnum - ok
12:39:24.0116 0x1854  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
12:39:24.0122 0x1854  BTHMODEM - ok
12:39:24.0209 0x1854  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
12:39:24.0213 0x1854  BthPan - ok
12:39:24.0290 0x1854  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\system32\Drivers\BTHport.sys
12:39:24.0307 0x1854  BTHPORT - ok
12:39:24.0385 0x1854  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
12:39:24.0390 0x1854  bthserv - ok
12:39:24.0422 0x1854  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\system32\Drivers\BTHUSB.sys
12:39:24.0425 0x1854  BTHUSB - ok
12:39:24.0547 0x1854  [ 6FF259D19E446CE736D2D9C1DA74C14E, 0E161A40B4D1CDBA9BD2B43FAB7E62822AE8F585FB1475478D18F83FC6CCC62C ] BtSwitcherService C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
12:39:24.0550 0x1854  BtSwitcherService - ok
12:39:24.0698 0x1854  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
12:39:24.0703 0x1854  cdfs - ok
12:39:24.0984 0x1854  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
12:39:24.0996 0x1854  cdrom - ok
12:39:25.0143 0x1854  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
12:39:25.0151 0x1854  CertPropSvc - ok
12:39:25.0200 0x1854  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
12:39:25.0202 0x1854  circlass - ok
12:39:25.0349 0x1854  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
12:39:25.0365 0x1854  CLFS - ok
12:39:25.0540 0x1854  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:39:25.0547 0x1854  clr_optimization_v2.0.50727_32 - ok
12:39:25.0730 0x1854  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:39:25.0738 0x1854  clr_optimization_v2.0.50727_64 - ok
12:39:25.0935 0x1854  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:39:25.0945 0x1854  clr_optimization_v4.0.30319_32 - ok
12:39:26.0003 0x1854  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:39:26.0014 0x1854  clr_optimization_v4.0.30319_64 - ok
12:39:26.0086 0x1854  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
12:39:26.0088 0x1854  CmBatt - ok
12:39:26.0144 0x1854  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
12:39:26.0147 0x1854  cmdide - ok
12:39:26.0308 0x1854  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
12:39:26.0330 0x1854  CNG - ok
12:39:26.0555 0x1854  [ 20506F12AFAD3DB588D007EA9325FBBC, 275ECBD0F668782ACE055AD5CA600A6885CFCDD4943BC52A2EA8339AF71EABAE ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
12:39:26.0634 0x1854  CnxtHdAudService - ok
12:39:26.0890 0x1854  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
12:39:26.0978 0x1854  Compbatt - ok
12:39:27.0167 0x1854  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
12:39:27.0211 0x1854  CompositeBus - ok
12:39:27.0253 0x1854  COMSysApp - ok
12:39:27.0333 0x1854  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
12:39:27.0337 0x1854  crcdisk - ok
12:39:27.0455 0x1854  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
12:39:27.0464 0x1854  CryptSvc - ok
12:39:27.0742 0x1854  [ F36B14E5DD31BC45028556768615BDCA, 73894103BD1D4C50581F15BBF3CF8B4699185FFF88325B3A0B74EE3D37E427C1 ] CSRBtAudioService C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
12:39:27.0756 0x1854  CSRBtAudioService - ok
12:39:27.0896 0x1854  [ 21249D1C893CDA49C296727242109AD2, 31CBF9FCD3ED3A3FA1A17F5C2C9E39DE76A3856755B0C217BEF8629E43B04D6A ] CsrBtOBEXService C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
12:39:27.0924 0x1854  CsrBtOBEXService - ok
12:39:28.0620 0x1854  [ 6AA077D6CC426476E349DF8BFAB2DD0A, 5D24CE14881DD6D1C5003FDE45036DB8894546D26BAEA29D50A6F73B3BE78050 ] CsrBtPort       C:\windows\system32\DRIVERS\CsrBtPort.sys
12:39:29.0047 0x1854  CsrBtPort - ok
12:39:30.0276 0x1854  [ 56CD42AC0A286A29804D5E938B76BC75, 4B144E9C649786594169FB6B800B05E96810A9F31156A7046F53F4FEEF8E1125 ] CsrBtService    C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
12:39:30.0508 0x1854  CsrBtService - ok
12:39:31.0120 0x1854  [ B869927FB411004CCD98B7DF30A8AEDC, 4E72AE1EDFA55A8577B56ADAEF196910A915F619E121BCC98155439984FA2AE3 ] csrpan          C:\windows\system32\DRIVERS\csrpan.sys
12:39:31.0323 0x1854  csrpan - ok
12:39:31.0871 0x1854  [ 7DB081CD5AFF021666444D7CEFFBDB1B, F32E7D217B0BB6091D808BE413D548A2C66584BA3625F189C81090DC0CC1F0F9 ] csrserial       C:\windows\system32\DRIVERS\csrserial.sys
12:39:31.0970 0x1854  csrserial - ok
12:39:32.0320 0x1854  [ 19A0B8F1CE67E5E0E0CDF315F9DA29D6, 3A2E289F8E227D60F6211C5B62170F2F446DBD86ED7BE014B543F24D394600AF ] csrusb          C:\windows\system32\Drivers\csrusb.sys
12:39:32.0423 0x1854  csrusb - ok
12:39:32.0970 0x1854  [ D2EF74C29A95E8814BC0BCFF3F21D4D1, 1D70B391B0C3FE50C96932580302353BB290D589F7834407C4DA7FCFAF3B4B06 ] csrusbfilter    C:\windows\system32\Drivers\csrusbfilter.sys
12:39:33.0053 0x1854  csrusbfilter - ok
12:39:33.0348 0x1854  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
12:39:33.0436 0x1854  DcomLaunch - ok
12:39:33.0614 0x1854  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
12:39:33.0624 0x1854  defragsvc - ok
12:39:33.0753 0x1854  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
12:39:33.0757 0x1854  DfsC - ok
12:39:34.0019 0x1854  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
12:39:34.0029 0x1854  Dhcp - ok
12:39:34.0148 0x1854  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
12:39:34.0154 0x1854  discache - ok
12:39:34.0302 0x1854  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
12:39:34.0307 0x1854  Disk - ok
12:39:34.0373 0x1854  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
12:39:34.0384 0x1854  Dnscache - ok
12:39:34.0455 0x1854  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
12:39:34.0472 0x1854  dot3svc - ok
12:39:34.0610 0x1854  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
12:39:34.0616 0x1854  Dot4 - ok
12:39:34.0695 0x1854  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\windows\system32\DRIVERS\Dot4Prt.sys
12:39:34.0697 0x1854  Dot4Print - ok
12:39:34.0734 0x1854  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
12:39:34.0859 0x1854  dot4usb - ok
12:39:34.0981 0x1854  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
12:39:34.0987 0x1854  DPS - ok
12:39:35.0251 0x1854  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
12:39:35.0254 0x1854  drmkaud - ok
12:39:35.0426 0x1854  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
12:39:35.0452 0x1854  DXGKrnl - ok
12:39:35.0547 0x1854  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
12:39:35.0559 0x1854  EapHost - ok
12:39:35.0982 0x1854  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
12:39:36.0135 0x1854  ebdrv - ok
12:39:36.0192 0x1854  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\windows\System32\lsass.exe
12:39:36.0196 0x1854  EFS - ok
12:39:36.0395 0x1854  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
12:39:36.0423 0x1854  ehRecvr - ok
12:39:36.0492 0x1854  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
12:39:36.0503 0x1854  ehSched - ok
12:39:36.0592 0x1854  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
12:39:36.0612 0x1854  elxstor - ok
12:39:36.0937 0x1854  [ 4FD20D3497691CACEC51B18BEBDB7BD9, 75BF08A8F09F38C770C3597C1EBDD2712669D1BDD0A0B9E630798A271E0074C2 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
12:39:37.0094 0x1854  EpsonCustomerParticipation - ok
12:39:37.0343 0x1854  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
12:39:37.0450 0x1854  ErrDev - ok
12:39:37.0548 0x1854  [ 5C9CA030C451CB3553DB9094C68EE6E9, 0C2E6C874F4B19CA4A603B7767077378ABBDA325D9D73DB971D5DDF52C827745 ] ESProtectionDriver C:\windows\system32\drivers\mbae64.sys
12:39:37.0556 0x1854  ESProtectionDriver - ok
12:39:37.0647 0x1854  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
12:39:37.0669 0x1854  EventSystem - ok
12:39:37.0820 0x1854  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
12:39:37.0827 0x1854  exfat - ok
12:39:37.0866 0x1854  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
12:39:37.0873 0x1854  fastfat - ok
12:39:38.0041 0x1854  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
12:39:38.0067 0x1854  Fax - ok
12:39:38.0111 0x1854  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
12:39:38.0113 0x1854  fdc - ok
12:39:38.0211 0x1854  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
12:39:38.0217 0x1854  fdPHost - ok
12:39:38.0270 0x1854  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
12:39:38.0278 0x1854  FDResPub - ok
12:39:38.0745 0x1854  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
12:39:39.0009 0x1854  FileInfo - ok
12:39:39.0057 0x1854  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
12:39:39.0060 0x1854  Filetrace - ok
12:39:39.0377 0x1854  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:39:39.0399 0x1854  FLEXnet Licensing Service - ok
12:39:39.0433 0x1854  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
12:39:39.0435 0x1854  flpydisk - ok
12:39:39.0627 0x1854  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
12:39:39.0645 0x1854  FltMgr - ok
12:39:39.0840 0x1854  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
12:39:39.0873 0x1854  FontCache - ok
12:39:39.0996 0x1854  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:39:40.0001 0x1854  FontCache3.0.0.0 - ok
12:39:40.0080 0x1854  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
12:39:40.0085 0x1854  FsDepends - ok
12:39:40.0321 0x1854  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
12:39:40.0324 0x1854  Fs_Rec - ok
12:39:40.0398 0x1854  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
12:39:40.0411 0x1854  fvevol - ok
12:39:40.0539 0x1854  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
12:39:40.0546 0x1854  gagp30kx - ok
12:39:40.0643 0x1854  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
12:39:40.0645 0x1854  GEARAspiWDM - ok
12:39:41.0037 0x1854  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
12:39:41.0126 0x1854  gpsvc - ok
12:39:41.0978 0x1854  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:39:42.0098 0x1854  gupdate - ok
12:39:42.0140 0x1854  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:39:42.0148 0x1854  gupdatem - ok
12:39:43.0293 0x1854  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:39:43.0429 0x1854  gusvc - ok
12:39:43.0661 0x1854  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
12:39:43.0783 0x1854  hcw85cir - ok
12:39:44.0320 0x1854  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
12:39:44.0345 0x1854  HdAudAddService - ok
12:39:44.0377 0x1854  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
12:39:44.0448 0x1854  HDAudBus - ok
12:39:44.0476 0x1854  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
12:39:44.0570 0x1854  HidBatt - ok
12:39:44.0604 0x1854  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
12:39:44.0609 0x1854  HidBth - ok
12:39:44.0629 0x1854  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
12:39:44.0632 0x1854  HidIr - ok
12:39:44.0722 0x1854  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
12:39:44.0874 0x1854  hidserv - ok
12:39:44.0976 0x1854  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
12:39:44.0981 0x1854  HidUsb - ok
12:39:45.0136 0x1854  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
12:39:45.0152 0x1854  hkmsvc - ok
12:39:45.0264 0x1854  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
12:39:45.0277 0x1854  HomeGroupListener - ok
12:39:45.0382 0x1854  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
12:39:45.0393 0x1854  HomeGroupProvider - ok
12:39:45.0753 0x1854  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:39:45.0771 0x1854  hpqcxs08 - ok
12:39:45.0894 0x1854  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:39:45.0899 0x1854  hpqddsvc - ok
12:39:45.0995 0x1854  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
12:39:45.0999 0x1854  HpSAMD - ok
12:39:46.0116 0x1854  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
12:39:46.0140 0x1854  HTTP - ok
12:39:46.0333 0x1854  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
12:39:46.0336 0x1854  hwpolicy - ok
12:39:46.0464 0x1854  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
12:39:46.0470 0x1854  i8042prt - ok
12:39:46.0592 0x1854  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
12:39:46.0609 0x1854  iaStor - ok
12:39:46.0734 0x1854  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
12:39:46.0894 0x1854  iaStorV - ok
12:39:47.0760 0x1854  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:39:48.0064 0x1854  IDriverT - ok
12:39:48.0455 0x1854  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:39:48.0543 0x1854  idsvc - ok
12:39:48.0667 0x1854  IEEtwCollectorService - ok
12:39:49.0313 0x1854  [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0, 92F264325C3B1F70E0ACDBC886F7DC4C32371759EA94CE359B0FABD89573DCA4 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
12:39:49.0778 0x1854  igfx - ok
12:39:50.0062 0x1854  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
12:39:50.0066 0x1854  iirsp - ok
12:39:50.0211 0x1854  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
12:39:50.0235 0x1854  IKEEXT - ok
12:39:50.0391 0x1854  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
12:39:50.0411 0x1854  IntcDAud - ok
12:39:50.0435 0x1854  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
12:39:50.0437 0x1854  intelide - ok
12:39:50.0479 0x1854  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
12:39:50.0485 0x1854  intelppm - ok
12:39:50.0620 0x1854  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
12:39:50.0635 0x1854  IPBusEnum - ok
12:39:50.0859 0x1854  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
12:39:50.0870 0x1854  IpFilterDriver - ok
12:39:50.0974 0x1854  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
12:39:50.0991 0x1854  iphlpsvc - ok
12:39:51.0022 0x1854  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
12:39:51.0025 0x1854  IPMIDRV - ok
12:39:51.0106 0x1854  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
12:39:51.0110 0x1854  IPNAT - ok
12:39:51.0239 0x1854  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:39:51.0261 0x1854  iPod Service - ok
12:39:51.0336 0x1854  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
12:39:51.0340 0x1854  IRENUM - ok
12:39:51.0367 0x1854  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
12:39:51.0373 0x1854  isapnp - ok
12:39:51.0410 0x1854  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
12:39:51.0418 0x1854  iScsiPrt - ok
12:39:51.0506 0x1854  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
12:39:51.0510 0x1854  kbdclass - ok
12:39:51.0588 0x1854  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
12:39:51.0591 0x1854  kbdhid - ok
12:39:51.0617 0x1854  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\windows\system32\lsass.exe
12:39:51.0623 0x1854  KeyIso - ok
12:39:51.0682 0x1854  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
12:39:51.0689 0x1854  KSecDD - ok
12:39:51.0719 0x1854  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
12:39:51.0724 0x1854  KSecPkg - ok
12:39:51.0808 0x1854  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
12:39:51.0810 0x1854  ksthunk - ok
12:39:51.0910 0x1854  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
12:39:51.0923 0x1854  KtmRm - ok
12:39:51.0972 0x1854  [ EBED8B3FF4A823C1A6EEBEED7B29353F, 0942200EEDEDA1FF4E634CDC5182D8EDC9BC9F66E89A5DAB8DF82C3FBB2F0D59 ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
12:39:51.0975 0x1854  L1C - ok
12:39:52.0063 0x1854  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
12:39:52.0081 0x1854  LanmanServer - ok
12:39:52.0199 0x1854  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
12:39:52.0210 0x1854  LanmanWorkstation - ok
12:39:52.0418 0x1854  [ 05F46B68394B1E5B3D2936B213ADAD28, 0D086A8AD380FB60117FAFE26E1A5D0C8E6D1901EF54C5FF4907CCFE1477E9F4 ] Leawo_service   C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
12:39:52.0447 0x1854  Leawo_service - ok
12:39:52.0649 0x1854  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
12:39:52.0652 0x1854  lltdio - ok
12:39:52.0724 0x1854  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
12:39:52.0850 0x1854  lltdsvc - ok
12:39:52.0869 0x1854  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
12:39:52.0873 0x1854  lmhosts - ok
12:39:53.0070 0x1854  [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:39:53.0091 0x1854  LMS - ok
12:39:53.0590 0x1854  [ 458ED3DAE4A8FF4AD350EAE1464CF65F, D8EFD7D505823EA48EFA68221C7F890A73785348FFF7AAEECB058B482B93FECC ] looxcie-libusb  C:\windows\syswow64\drivers\looxcie-libusb0.sys
12:39:53.0595 0x1854  looxcie-libusb - ok
12:39:53.0943 0x1854  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
12:39:53.0948 0x1854  LSI_FC - ok
12:39:53.0994 0x1854  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
12:39:53.0998 0x1854  LSI_SAS - ok
12:39:54.0033 0x1854  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
12:39:54.0036 0x1854  LSI_SAS2 - ok
12:39:54.0071 0x1854  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
12:39:54.0075 0x1854  LSI_SCSI - ok
12:39:54.0096 0x1854  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
12:39:54.0100 0x1854  luafv - ok
12:39:54.0227 0x1854  [ AC8186571F4A598786CE38BE8E4692FB, 4BDA8D696B65A6F70FCAA7F3F9A2062DDFD172C1A6526EAE7E959A4A784A9DD9 ] LytroService    C:\Program Files\Lytro\lytroservice.exe
12:39:54.0237 0x1854  LytroService - ok
12:39:54.0304 0x1854  [ 0C847B9BD2D1F1E97037F8C3DA6D5A1B, B2405BBAFBE78DF554B963C53DE843419AE873B82A1B0C2FA8D1779D1CC142BE ] MBAMChameleon   C:\windows\system32\drivers\MBAMChameleon.sys
12:39:54.0313 0x1854  MBAMChameleon - ok
12:39:54.0379 0x1854  [ 19956478146DC7884812C24B74D7132E, D6795397398C942530B8618F15B7BE6FDB84BAD61DE1B61A9AB85EBCB29EAEF3 ] MBAMFarflt      C:\windows\system32\drivers\farflt.sys
12:39:54.0385 0x1854  MBAMFarflt - ok
12:39:54.0503 0x1854  [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection  C:\windows\system32\drivers\mbam.sys
12:39:54.0509 0x1854  MBAMProtection - ok
12:39:55.0459 0x1854  [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
12:39:55.0553 0x1854  MBAMService - ok
12:39:56.0118 0x1854  [ C3549BE8C1FE4ECBEE21DAD3378F6CD0, E4FB6856C1A8B9185322EFC4AF31A3748365ED2E3E4FB6DF57B35569D8D42AAD ] MBAMSwissArmy   C:\windows\system32\drivers\MBAMSwissArmy.sys
12:39:56.0229 0x1854  MBAMSwissArmy - ok
12:39:56.0439 0x1854  [ 6460084E1086CA8523C00C95F280F43B, DE0EF7079C65236D540AA18269005833B0A6E00C57AEDF3EE022C9DC8FB8882E ] MBAMWebProtection C:\windows\system32\drivers\mwac.sys
12:39:56.0528 0x1854  MBAMWebProtection - ok
12:39:57.0014 0x1854  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
12:39:57.0108 0x1854  Mcx2Svc - ok
12:39:57.0255 0x1854  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
12:39:57.0338 0x1854  megasas - ok
12:39:57.0660 0x1854  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
12:39:57.0686 0x1854  MegaSR - ok
12:39:57.0931 0x1854  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
12:39:58.0012 0x1854  MEIx64 - ok
12:39:58.0175 0x1854  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
12:39:58.0183 0x1854  MMCSS - ok
12:39:58.0297 0x1854  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
12:39:58.0302 0x1854  Modem - ok
12:39:58.0353 0x1854  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
12:39:58.0356 0x1854  monitor - ok
12:39:58.0396 0x1854  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
12:39:58.0401 0x1854  mouclass - ok
12:39:58.0496 0x1854  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
12:39:58.0588 0x1854  mouhid - ok
12:39:58.0614 0x1854  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
12:39:58.0618 0x1854  mountmgr - ok
12:39:58.0923 0x1854  [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:39:58.0935 0x1854  MozillaMaintenance - ok
12:39:59.0051 0x1854  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
12:39:59.0058 0x1854  mpio - ok
12:39:59.0099 0x1854  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
12:39:59.0103 0x1854  mpsdrv - ok
12:39:59.0224 0x1854  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
12:39:59.0252 0x1854  MpsSvc - ok
12:39:59.0297 0x1854  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
12:39:59.0302 0x1854  MRxDAV - ok
12:39:59.0324 0x1854  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
12:39:59.0329 0x1854  mrxsmb - ok
12:39:59.0388 0x1854  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
12:39:59.0396 0x1854  mrxsmb10 - ok
12:39:59.0422 0x1854  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
12:39:59.0427 0x1854  mrxsmb20 - ok
12:39:59.0475 0x1854  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
12:39:59.0477 0x1854  msahci - ok
12:39:59.0534 0x1854  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
12:39:59.0539 0x1854  msdsm - ok
12:39:59.0664 0x1854  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
12:39:59.0674 0x1854  MSDTC - ok
12:39:59.0784 0x1854  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
12:39:59.0786 0x1854  Msfs - ok
12:39:59.0854 0x1854  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
12:39:59.0858 0x1854  mshidkmdf - ok
12:39:59.0892 0x1854  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
12:39:59.0894 0x1854  msisadrv - ok
12:39:59.0987 0x1854  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
12:39:59.0996 0x1854  MSiSCSI - ok
12:40:00.0003 0x1854  msiserver - ok
12:40:00.0105 0x1854  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
12:40:00.0108 0x1854  MSKSSRV - ok
12:40:00.0131 0x1854  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
12:40:00.0134 0x1854  MSPCLOCK - ok
12:40:00.0183 0x1854  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
12:40:00.0185 0x1854  MSPQM - ok
12:40:00.0250 0x1854  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
12:40:00.0264 0x1854  MsRPC - ok
12:40:00.0282 0x1854  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
12:40:00.0283 0x1854  mssmbios - ok
12:40:00.0352 0x1854  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
12:40:00.0353 0x1854  MSTEE - ok
12:40:00.0382 0x1854  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
12:40:00.0384 0x1854  MTConfig - ok
12:40:00.0414 0x1854  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
12:40:00.0417 0x1854  Mup - ok
12:40:00.0504 0x1854  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
12:40:00.0535 0x1854  napagent - ok
12:40:00.0688 0x1854  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
12:40:00.0714 0x1854  NativeWifiP - ok
12:40:01.0279 0x1854  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
12:40:01.0320 0x1854  NDIS - ok
12:40:01.0367 0x1854  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
12:40:01.0370 0x1854  NdisCap - ok
12:40:01.0415 0x1854  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
12:40:01.0417 0x1854  NdisTapi - ok
12:40:01.0538 0x1854  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
12:40:01.0540 0x1854  Ndisuio - ok
12:40:01.0570 0x1854  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
12:40:01.0575 0x1854  NdisWan - ok
12:40:01.0592 0x1854  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
12:40:01.0595 0x1854  NDProxy - ok
12:40:01.0731 0x1854  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:40:01.0737 0x1854  Net Driver HPZ12 - ok
12:40:01.0792 0x1854  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
12:40:01.0795 0x1854  NetBIOS - ok
12:40:01.0857 0x1854  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
12:40:01.0866 0x1854  NetBT - ok
12:40:01.0907 0x1854  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\windows\system32\lsass.exe
12:40:01.0910 0x1854  Netlogon - ok
12:40:02.0023 0x1854  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
12:40:02.0040 0x1854  Netman - ok
12:40:03.0000 0x1854  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:03.0012 0x1854  NetMsmqActivator - ok
12:40:03.0078 0x1854  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:03.0082 0x1854  NetPipeActivator - ok
12:40:03.0133 0x1854  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
12:40:03.0151 0x1854  netprofm - ok
12:40:03.0244 0x1854  [ F3A1D8B7317939813568992D1BFDDE37, 816829E4B8DF5C6A2B09685ED45E844D8DE2C2721C90490A2957227025D057A0 ] netr7364        C:\windows\system32\DRIVERS\netr7364.sys
12:40:03.0264 0x1854  netr7364 - ok
12:40:03.0339 0x1854  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:03.0343 0x1854  NetTcpActivator - ok
12:40:03.0350 0x1854  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:40:03.0354 0x1854  NetTcpPortSharing - ok
12:40:03.0425 0x1854  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
12:40:03.0427 0x1854  nfrd960 - ok
12:40:03.0518 0x1854  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
12:40:03.0530 0x1854  NlaSvc - ok
12:40:03.0950 0x1854  [ 91FC7F4BB192639E8893A9733E1F0E82, 095A807ACE813A8954018293D65294DFAFA2B1A66DCAFBCFDACA8654FF062C31 ] nlsX86cc        C:\windows\SysWOW64\nlssrv32.exe
12:40:03.0957 0x1854  nlsX86cc - ok
12:40:04.0237 0x1854  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
12:40:04.0241 0x1854  Npfs - ok
12:40:04.0295 0x1854  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
12:40:04.0299 0x1854  nsi - ok
12:40:04.0320 0x1854  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
12:40:04.0322 0x1854  nsiproxy - ok
12:40:04.0524 0x1854  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
12:40:04.0592 0x1854  Ntfs - ok
12:40:04.0612 0x1854  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
12:40:04.0613 0x1854  Null - ok
12:40:04.0678 0x1854  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
12:40:04.0683 0x1854  nvraid - ok
12:40:04.0712 0x1854  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
12:40:04.0719 0x1854  nvstor - ok
12:40:04.0893 0x1854  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
12:40:04.0977 0x1854  nv_agp - ok
12:40:05.0302 0x1854  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:40:05.0329 0x1854  odserv - ok
12:40:05.0415 0x1854  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
12:40:05.0419 0x1854  ohci1394 - ok
12:40:05.0531 0x1854  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:40:05.0541 0x1854  ose - ok
12:40:05.0694 0x1854  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
12:40:05.0706 0x1854  p2pimsvc - ok
12:40:05.0794 0x1854  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
12:40:05.0815 0x1854  p2psvc - ok
12:40:05.0878 0x1854  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
12:40:05.0887 0x1854  Parport - ok
12:40:05.0908 0x1854  Partizan - ok
12:40:05.0958 0x1854  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
12:40:05.0962 0x1854  partmgr - ok
12:40:06.0025 0x1854  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
12:40:06.0034 0x1854  PcaSvc - ok
12:40:06.0135 0x1854  [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] PCCUJobMgr      C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
12:40:06.0139 0x1854  PCCUJobMgr - ok
12:40:06.0161 0x1854  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
12:40:06.0167 0x1854  pci - ok
12:40:06.0189 0x1854  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
12:40:06.0191 0x1854  pciide - ok
12:40:06.0240 0x1854  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
12:40:06.0247 0x1854  pcmcia - ok
12:40:06.0267 0x1854  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
12:40:06.0270 0x1854  pcw - ok
12:40:06.0377 0x1854  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
12:40:06.0416 0x1854  PEAUTH - ok
12:40:06.0662 0x1854  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
12:40:06.0671 0x1854  PerfHost - ok
12:40:07.0128 0x1854  [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
12:40:07.0134 0x1854  PGEffect - ok
12:40:07.0257 0x1854  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
12:40:07.0367 0x1854  pla - ok
12:40:07.0449 0x1854  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
12:40:07.0463 0x1854  PlugPlay - ok
12:40:07.0555 0x1854  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:40:07.0566 0x1854  Pml Driver HPZ12 - ok
12:40:07.0626 0x1854  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
12:40:07.0637 0x1854  PNRPAutoReg - ok
12:40:07.0697 0x1854  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
12:40:07.0716 0x1854  PNRPsvc - ok
12:40:07.0795 0x1854  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
12:40:07.0814 0x1854  PolicyAgent - ok
12:40:07.0844 0x1854  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
12:40:07.0852 0x1854  Power - ok
12:40:07.0936 0x1854  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
12:40:07.0940 0x1854  PptpMiniport - ok
12:40:07.0957 0x1854  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
12:40:08.0052 0x1854  Processor - ok
12:40:08.0118 0x1854  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
12:40:08.0130 0x1854  ProfSvc - ok
12:40:08.0198 0x1854  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\windows\system32\lsass.exe
12:40:08.0206 0x1854  ProtectedStorage - ok
12:40:08.0274 0x1854  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
12:40:08.0285 0x1854  Psched - ok
12:40:08.0367 0x1854  [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
12:40:08.0371 0x1854  PxHlpa64 - ok
12:40:08.0447 0x1854  [ C8FCB4899F8B70CC34E0D9876A80963C, E4CFC69C3EE1BC5C0FFF96CE034EAD8DD9727DA165A790CB57979AA0A6CEE350 ] QIOMem          C:\windows\system32\DRIVERS\QIOMem.sys
12:40:08.0448 0x1854  QIOMem - ok
12:40:08.0579 0x1854  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
12:40:08.0658 0x1854  ql2300 - ok
12:40:08.0708 0x1854  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
12:40:08.0713 0x1854  ql40xx - ok
12:40:08.0929 0x1854  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
12:40:08.0944 0x1854  QWAVE - ok
12:40:08.0968 0x1854  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
12:40:08.0971 0x1854  QWAVEdrv - ok
12:40:09.0193 0x1854  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
12:40:09.0271 0x1854  RasAcd - ok
12:40:09.0302 0x1854  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
12:40:09.0306 0x1854  RasAgileVpn - ok
12:40:09.0366 0x1854  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
12:40:09.0376 0x1854  RasAuto - ok
12:40:09.0449 0x1854  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
12:40:09.0455 0x1854  Rasl2tp - ok
12:40:09.0600 0x1854  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
12:40:09.0625 0x1854  RasMan - ok
12:40:09.0686 0x1854  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
12:40:09.0690 0x1854  RasPppoe - ok
12:40:09.0766 0x1854  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
12:40:09.0769 0x1854  RasSstp - ok
12:40:09.0841 0x1854  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
12:40:09.0852 0x1854  rdbss - ok
12:40:09.0964 0x1854  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
12:40:09.0968 0x1854  rdpbus - ok
12:40:10.0021 0x1854  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
12:40:10.0023 0x1854  RDPCDD - ok
12:40:10.0068 0x1854  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
12:40:10.0070 0x1854  RDPENCDD - ok
12:40:10.0077 0x1854  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
12:40:10.0079 0x1854  RDPREFMP - ok
12:40:10.0101 0x1854  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
12:40:10.0108 0x1854  RDPWD - ok
12:40:10.0168 0x1854  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
12:40:10.0174 0x1854  rdyboost - ok
12:40:10.0228 0x1854  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
12:40:10.0233 0x1854  RemoteAccess - ok
12:40:10.0325 0x1854  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
12:40:10.0333 0x1854  RemoteRegistry - ok
12:40:10.0400 0x1854  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
12:40:10.0405 0x1854  RFCOMM - ok
12:40:10.0445 0x1854  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
12:40:10.0451 0x1854  RpcEptMapper - ok
12:40:10.0516 0x1854  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
12:40:10.0519 0x1854  RpcLocator - ok
12:40:10.0596 0x1854  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
12:40:10.0618 0x1854  RpcSs - ok
12:40:10.0745 0x1854  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap        C:\windows\system32\DRIVERS\rrnetcap.sys
12:40:10.0842 0x1854  RRNetCap - ok
12:40:10.0854 0x1854  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP      C:\windows\system32\DRIVERS\rrnetcap.sys
12:40:10.0859 0x1854  RRNetCapMP - ok
12:40:10.0928 0x1854  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
12:40:10.0933 0x1854  rspndr - ok
12:40:11.0004 0x1854  [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
12:40:11.0016 0x1854  RSUSBSTOR - ok
12:40:11.0126 0x1854  [ E5DC911D0FEB72CAFF2BBDD6E7C3672F, E50825E0413049898A81DDF2AFE24BC92E48A0E9AA7653776F0F6EEE7D82E5D6 ] RSUSBVSTOR      C:\windows\system32\Drivers\RTSUVSTOR.sys
12:40:11.0138 0x1854  RSUSBVSTOR - ok
12:40:11.0305 0x1854  [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] RTL8192Ce       C:\windows\system32\DRIVERS\rtl8192Ce.sys
12:40:11.0334 0x1854  RTL8192Ce - ok
12:40:11.0378 0x1854  RTL8192su - ok
12:40:11.0408 0x1854  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\windows\system32\lsass.exe
12:40:11.0411 0x1854  SamSs - ok
12:40:11.0442 0x1854  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
12:40:11.0445 0x1854  sbp2port - ok
12:40:11.0497 0x1854  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
12:40:11.0506 0x1854  SCardSvr - ok
12:40:11.0541 0x1854  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
12:40:11.0543 0x1854  scfilter - ok
12:40:11.0635 0x1854  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
12:40:11.0666 0x1854  Schedule - ok
12:40:11.0802 0x1854  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
12:40:11.0805 0x1854  SCPolicySvc - ok
12:40:11.0874 0x1854  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
12:40:11.0884 0x1854  SDRSVC - ok
12:40:11.0953 0x1854  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
12:40:11.0955 0x1854  secdrv - ok
12:40:12.0009 0x1854  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
12:40:12.0041 0x1854  seclogon - ok
12:40:12.0124 0x1854  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
12:40:12.0129 0x1854  SENS - ok
12:40:12.0165 0x1854  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
12:40:12.0171 0x1854  SensrSvc - ok
12:40:12.0217 0x1854  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
12:40:12.0219 0x1854  Serenum - ok
12:40:12.0278 0x1854  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
12:40:12.0284 0x1854  Serial - ok
12:40:12.0333 0x1854  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
12:40:12.0335 0x1854  sermouse - ok
12:40:12.0394 0x1854  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
12:40:12.0402 0x1854  SessionEnv - ok
12:40:12.0433 0x1854  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
12:40:12.0435 0x1854  sffdisk - ok
12:40:12.0459 0x1854  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
12:40:12.0461 0x1854  sffp_mmc - ok
12:40:12.0488 0x1854  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
12:40:12.0490 0x1854  sffp_sd - ok
12:40:12.0571 0x1854  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
12:40:12.0575 0x1854  sfloppy - ok
12:40:12.0676 0x1854  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
12:40:12.0698 0x1854  SharedAccess - ok
12:40:12.0927 0x1854  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
12:40:12.0948 0x1854  ShellHWDetection - ok
12:40:13.0011 0x1854  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
12:40:13.0013 0x1854  SiSRaid2 - ok
12:40:13.0052 0x1854  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
12:40:13.0055 0x1854  SiSRaid4 - ok
12:40:13.0292 0x1854  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:40:13.0305 0x1854  SkypeUpdate - ok
12:40:13.0373 0x1854  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
12:40:13.0382 0x1854  Smb - ok
12:40:13.0463 0x1854  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
12:40:13.0469 0x1854  SNMPTRAP - ok
12:40:13.0513 0x1854  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
12:40:13.0516 0x1854  spldr - ok
12:40:13.0640 0x1854  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
12:40:13.0662 0x1854  Spooler - ok
12:40:14.0104 0x1854  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
12:40:14.0267 0x1854  sppsvc - ok
12:40:14.0320 0x1854  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
12:40:14.0325 0x1854  sppuinotify - ok
12:40:14.0385 0x1854  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
12:40:14.0398 0x1854  srv - ok
12:40:14.0449 0x1854  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
12:40:14.0461 0x1854  srv2 - ok
12:40:14.0628 0x1854  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\windows\system32\DRIVERS\VSTAZL6.SYS
12:40:14.0636 0x1854  SrvHsfHDA - ok
12:40:15.0314 0x1854  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\windows\system32\DRIVERS\VSTDPV6.SYS
12:40:15.0457 0x1854  SrvHsfV92 - ok
12:40:16.0125 0x1854  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\windows\system32\DRIVERS\VSTCNXT6.SYS
12:40:16.0254 0x1854  SrvHsfWinac - ok
12:40:16.0522 0x1854  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
12:40:16.0626 0x1854  srvnet - ok
12:40:17.0023 0x1854  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
12:40:17.0041 0x1854  SSDPSRV - ok
12:40:17.0087 0x1854  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
12:40:17.0096 0x1854  SstpSvc - ok
12:40:17.0832 0x1854  [ 1CFA4A1F3C7BB4C8F299E00428EB8677, 997F97F8A27A4228D07ED3DF293479AE42D534A4F3D0680BE2D95B187E56F7D7 ] SSUService      C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
12:40:17.0964 0x1854  SSUService - ok
12:40:19.0293 0x1854  Steam Client Service - ok
12:40:19.0510 0x1854  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
12:40:19.0593 0x1854  stexstor - ok
12:40:19.0939 0x1854  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\windows\system32\drivers\serscan.sys
12:40:20.0029 0x1854  StillCam - ok
12:40:21.0751 0x1854  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
12:40:21.0872 0x1854  stisvc - ok
12:40:22.0095 0x1854  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
12:40:22.0099 0x1854  swenum - ok
12:40:22.0189 0x1854  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
12:40:22.0206 0x1854  swprv - ok
12:40:22.0376 0x1854  [ F5B46DF59FEAA48A442AED7EEB754D4B, 8415FDD5E7B4D4819BB9B0937CDF254548C871045787958BCF708096204B1714 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
12:40:22.0431 0x1854  SynTP - ok
12:40:22.0677 0x1854  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
12:40:22.0747 0x1854  SysMain - ok
12:40:22.0899 0x1854  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
12:40:22.0910 0x1854  TabletInputService - ok
12:40:22.0967 0x1854  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
12:40:22.0992 0x1854  TapiSrv - ok
12:40:23.0357 0x1854  [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd           C:\windows\system32\drivers\tbhsd.sys
12:40:23.0362 0x1854  tbhsd - ok
12:40:23.0446 0x1854  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
12:40:23.0453 0x1854  TBS - ok
12:40:23.0724 0x1854  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys
12:40:23.0805 0x1854  Tcpip - ok
12:40:23.0996 0x1854  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
12:40:24.0036 0x1854  TCPIP6 - ok
12:40:24.0059 0x1854  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
12:40:24.0062 0x1854  tcpipreg - ok
12:40:24.0174 0x1854  [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
12:40:24.0178 0x1854  tdcmdpst - ok
12:40:24.0272 0x1854  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
12:40:24.0277 0x1854  TDPIPE - ok
12:40:24.0315 0x1854  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
12:40:24.0318 0x1854  TDTCP - ok
12:40:24.0366 0x1854  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
12:40:24.0370 0x1854  tdx - ok
12:40:24.0394 0x1854  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
12:40:24.0397 0x1854  TermDD - ok
12:40:24.0537 0x1854  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
12:40:24.0568 0x1854  TermService - ok
12:40:24.0589 0x1854  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
12:40:24.0594 0x1854  Themes - ok
12:40:24.0644 0x1854  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
12:40:24.0649 0x1854  THREADORDER - ok
12:40:25.0226 0x1854  [ 71C321649B28638EE80A2EEB164C1DC8, D75D296B506DCC38A4DED82C71141388AEB60B065785DCC5BC2F4B3B77ACEDC7 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
12:40:25.0233 0x1854  TMachInfo - ok
12:40:25.0348 0x1854  [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] TODDSrv         C:\Windows\system32\TODDSrv.exe
12:40:25.0367 0x1854  TODDSrv - ok
12:40:25.0653 0x1854  [ 1C73689B900428C7D054A41C4687F55C, 6DD3CDC09E4A62F40A81872789A5C8678C0FE23DD911C2951DFF5494B6BFC012 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
12:40:25.0674 0x1854  TosCoSrv - ok
12:40:25.0762 0x1854  [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58, ACAD9D96CE58EDB620AC13ACA8C6F4122BA8B2AF78468A760F21A01B43D93312 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
12:40:25.0773 0x1854  TOSHIBA eco Utility Service - ok
12:40:25.0916 0x1854  [ 29D0886CF250FCEF1BF9E65AB8D2C0C8, 8D852DB100AC68A07A6E2AD21198410EAAB36E83BB8BAEA71CB698680B5DCE71 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
12:40:25.0920 0x1854  TOSHIBA HDD SSD Alert Service - ok
12:40:26.0031 0x1854  [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64       C:\windows\system32\DRIVERS\tos_sps64.sys
12:40:26.0045 0x1854  tos_sps64 - ok
12:40:26.0248 0x1854  [ 098B8A408C17E125A3D9A8E1166780C8, F25F09F62713C8234CB2B6A40A4455502C8004090BFB9EE9465546AD48369956 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
12:40:26.0308 0x1854  TPCHSrv - ok
12:40:26.0350 0x1854  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
12:40:26.0357 0x1854  TrkWks - ok
12:40:26.0464 0x1854  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
12:40:26.0469 0x1854  TrustedInstaller - ok
12:40:26.0522 0x1854  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
12:40:26.0525 0x1854  tssecsrv - ok
12:40:26.0579 0x1854  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
12:40:26.0583 0x1854  TsUsbFlt - ok
12:40:26.0615 0x1854  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
12:40:26.0618 0x1854  TsUsbGD - ok
12:40:26.0731 0x1854  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
12:40:26.0914 0x1854  tunnel - ok
12:40:27.0292 0x1854  [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
12:40:27.0423 0x1854  TVALZ - ok
12:40:27.0585 0x1854  [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL         C:\windows\system32\DRIVERS\TVALZFL.sys
12:40:27.0741 0x1854  TVALZFL - ok
12:40:27.0993 0x1854  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
12:40:28.0094 0x1854  uagp35 - ok
12:40:28.0313 0x1854  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
12:40:28.0333 0x1854  udfs - ok
12:40:28.0388 0x1854  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
12:40:28.0394 0x1854  UI0Detect - ok
12:40:28.0616 0x1854  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
12:40:28.0698 0x1854  uliagpkx - ok
12:40:28.0948 0x1854  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
12:40:29.0031 0x1854  umbus - ok
12:40:29.0166 0x1854  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
12:40:29.0170 0x1854  UmPass - ok
12:40:29.0509 0x1854  [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:40:29.0636 0x1854  UNS - ok
12:40:29.0784 0x1854  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
12:40:29.0819 0x1854  upnphost - ok
12:40:29.0883 0x1854  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
12:40:29.0886 0x1854  USBAAPL64 - ok
12:40:29.0934 0x1854  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
12:40:29.0938 0x1854  usbccgp - ok
12:40:29.0970 0x1854  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
12:40:30.0074 0x1854  usbcir - ok
12:40:30.0091 0x1854  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\windows\system32\drivers\usbehci.sys
12:40:30.0095 0x1854  usbehci - ok
12:40:30.0160 0x1854  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
12:40:30.0173 0x1854  usbhub - ok
12:40:30.0193 0x1854  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\windows\system32\drivers\usbohci.sys
12:40:30.0195 0x1854  usbohci - ok
12:40:30.0246 0x1854  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
12:40:30.0248 0x1854  usbprint - ok
12:40:30.0308 0x1854  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
12:40:30.0314 0x1854  usbscan - ok
12:40:30.0337 0x1854  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
12:40:30.0342 0x1854  USBSTOR - ok
12:40:30.0377 0x1854  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
12:40:30.0379 0x1854  usbuhci - ok
12:40:30.0523 0x1854  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
12:40:30.0536 0x1854  usbvideo - ok
12:40:30.0677 0x1854  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
12:40:30.0691 0x1854  UxSms - ok
12:40:30.0721 0x1854  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\windows\system32\lsass.exe
12:40:30.0822 0x1854  VaultSvc - ok
12:40:30.0930 0x1854  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
12:40:30.0936 0x1854  vdrvroot - ok
12:40:31.0039 0x1854  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
12:40:31.0060 0x1854  vds - ok
12:40:31.0139 0x1854  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
12:40:31.0142 0x1854  vga - ok
12:40:31.0175 0x1854  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
12:40:31.0178 0x1854  VgaSave - ok
12:40:31.0246 0x1854  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
12:40:31.0256 0x1854  vhdmp - ok
12:40:31.0297 0x1854  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
12:40:31.0299 0x1854  viaide - ok
12:40:31.0384 0x1854  [ 93F279A2C172562050700A18FA84BE2E, EBFB6C530B4AC714963D31B5D424E7AF2B7D2CA1CF3E455294BE1E56CC8A3A12 ] vncmirror       C:\windows\system32\DRIVERS\vncmirror.sys
12:40:31.0385 0x1854  vncmirror - ok
12:40:31.0443 0x1854  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
12:40:31.0446 0x1854  volmgr - ok
12:40:31.0544 0x1854  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
12:40:31.0558 0x1854  volmgrx - ok
12:40:31.0628 0x1854  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\windows\system32\drivers\volsnap.sys
12:40:31.0644 0x1854  volsnap - ok
12:40:31.0710 0x1854  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
12:40:31.0724 0x1854  vsmraid - ok
12:40:31.0890 0x1854  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
12:40:31.0956 0x1854  VSS - ok
12:40:32.0051 0x1854  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
12:40:32.0056 0x1854  vwifibus - ok
12:40:32.0144 0x1854  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
12:40:32.0150 0x1854  vwififlt - ok
12:40:32.0245 0x1854  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
12:40:32.0249 0x1854  vwifimp - ok
12:40:32.0300 0x1854  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
12:40:32.0318 0x1854  W32Time - ok
12:40:32.0346 0x1854  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
12:40:32.0348 0x1854  WacomPen - ok
12:40:32.0406 0x1854  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
12:40:32.0410 0x1854  WANARP - ok
12:40:32.0416 0x1854  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
12:40:32.0418 0x1854  Wanarpv6 - ok
12:40:32.0451 0x1854  [ ECEB715BECE47E101DDEC06B11126066, 6BD577D6EABD48B1BA31955DB3DEEE68528EA54375CA64D233B723D161B45CBA ] wanatw          C:\windows\system32\DRIVERS\wanatw64.sys
12:40:32.0453 0x1854  wanatw - ok
12:40:32.0661 0x1854  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
12:40:32.0703 0x1854  WatAdminSvc - ok
12:40:33.0024 0x1854  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
12:40:33.0418 0x1854  wbengine - ok
12:40:33.0455 0x1854  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
12:40:33.0465 0x1854  WbioSrvc - ok
12:40:33.0588 0x1854  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
12:40:33.0603 0x1854  wcncsvc - ok
12:40:33.0658 0x1854  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
12:40:33.0663 0x1854  WcsPlugInService - ok
12:40:33.0704 0x1854  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
12:40:33.0706 0x1854  Wd - ok
12:40:33.0775 0x1854  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\windows\system32\DRIVERS\wdcsam64.sys
12:40:33.0777 0x1854  WDC_SAM - ok
12:40:33.0853 0x1854  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
12:40:33.0878 0x1854  Wdf01000 - ok
12:40:33.0939 0x1854  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
12:40:34.0035 0x1854  WdiServiceHost - ok
12:40:34.0049 0x1854  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
12:40:34.0065 0x1854  WdiSystemHost - ok
12:40:34.0131 0x1854  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
12:40:34.0143 0x1854  WebClient - ok
12:40:34.0172 0x1854  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
12:40:34.0182 0x1854  Wecsvc - ok
12:40:34.0228 0x1854  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
12:40:34.0235 0x1854  wercplsupport - ok
12:40:34.0275 0x1854  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
12:40:34.0282 0x1854  WerSvc - ok
12:40:34.0338 0x1854  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
12:40:34.0340 0x1854  WfpLwf - ok
12:40:34.0369 0x1854  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
12:40:34.0371 0x1854  WIMMount - ok
12:40:34.0417 0x1854  WinDefend - ok
12:40:34.0447 0x1854  WinHttpAutoProxySvc - ok
12:40:34.0628 0x1854  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
12:40:34.0646 0x1854  Winmgmt - ok
12:40:34.0932 0x1854  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
12:40:35.0116 0x1854  WinRM - ok
12:40:35.0328 0x1854  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
12:40:35.0333 0x1854  WinUsb - ok
12:40:35.0512 0x1854  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
12:40:35.0550 0x1854  Wlansvc - ok
12:40:35.0721 0x1854  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:40:35.0726 0x1854  wlcrasvc - ok
12:40:36.0172 0x1854  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:40:36.0258 0x1854  wlidsvc - ok
12:40:36.0332 0x1854  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
12:40:36.0334 0x1854  WmiAcpi - ok
12:40:36.0396 0x1854  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
12:40:36.0413 0x1854  wmiApSrv - ok
12:40:36.0469 0x1854  WMPNetworkSvc - ok
12:40:36.0550 0x1854  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
12:40:36.0555 0x1854  WPCSvc - ok
12:40:36.0592 0x1854  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
12:40:36.0599 0x1854  WPDBusEnum - ok
12:40:36.0669 0x1854  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
12:40:36.0672 0x1854  ws2ifsl - ok
12:40:36.0729 0x1854  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
12:40:36.0859 0x1854  wscsvc - ok
12:40:36.0946 0x1854  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\windows\system32\DRIVERS\WSDPrint.sys
12:40:36.0950 0x1854  WSDPrintDevice - ok
12:40:36.0962 0x1854  WSearch - ok
12:40:37.0205 0x1854  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\windows\system32\wuaueng.dll
12:40:37.0299 0x1854  wuauserv - ok
12:40:37.0344 0x1854  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
12:40:37.0347 0x1854  WudfPf - ok
12:40:37.0397 0x1854  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
12:40:37.0403 0x1854  WUDFRd - ok
12:40:37.0464 0x1854  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
12:40:37.0482 0x1854  wudfsvc - ok
12:40:37.0510 0x1854  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\windows\System32\wwansvc.dll
12:40:37.0522 0x1854  WwanSvc - ok
12:40:37.0719 0x1854  ================ Scan global ===============================
12:40:37.0811 0x1854  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
12:40:37.0868 0x1854  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
12:40:37.0890 0x1854  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
12:40:37.0949 0x1854  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
12:40:38.0009 0x1854  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
12:40:38.0027 0x1854  [ Global ] - ok
12:40:38.0029 0x1854  ================ Scan MBR ==================================
12:40:38.0049 0x1854  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
12:40:38.0461 0x1854  \Device\Harddisk0\DR0 - ok
12:40:38.0462 0x1854  ================ Scan VBR ==================================
12:40:38.0538 0x1854  [ EF4E68F9EC02AABEC2867B5DE2945259 ] \Device\Harddisk0\DR0\Partition1
12:40:39.0938 0x1854  \Device\Harddisk0\DR0\Partition1 - ok
12:40:39.0938 0x1854  ================ Scan generic autorun ======================
12:40:42.0347 0x1854  [ BB752714D14CB1F13969D721F1A3A60F, 32B95C75704BE37B349E0493AA8D2FCDAE8007275124646125650456D3A1563F ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
12:40:42.0437 0x1854  TSleepSrv - ok
12:40:43.0478 0x1854  [ 02F4246866BF35BF2244E5CF72E25895, AA08D3E65CCF6F4F79D169575C9B4FE8BA078246BFB30C380939A4A3B6092074 ] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe
12:40:43.0632 0x1854  NortonOnlineBackupReminder - ok
12:40:43.0813 0x1854  [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
12:40:43.0907 0x1854  ToshibaAppPlace - ok
12:40:44.0135 0x1854  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:40:44.0139 0x1854  APSDaemon - ok
12:40:44.0348 0x1854  [ A5E746D3A15129ECA75F581F814AC502, 86A7B8CCE98248A5C98CE3E85F53C6B4C785776ED4DFCBD8A6D39843CAC35E0B ] C:\Users\Paul\AppData\Local\keepvid.com.exe
12:40:44.0392 0x1854  keepvid - ok
12:40:44.0550 0x1854  [ 560BDDFDADAD103ADA0F75CE1381E980, 83BE66AD4E0B0489B349855B62A1265AAD7522C343ABF20018F3926E2FD9ABC4 ] C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
12:40:44.0574 0x1854  Syncios device service - ok
12:40:44.0948 0x1854  [ 82F68EBA0FCEA46BA8919D6A264A833E, 093140F47B047134D36A1D195BC01AA1A17B4B0215C7617A3FF846BC405651E6 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
12:40:44.0996 0x1854  EEventManager - ok
12:40:45.0206 0x1854  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:40:45.0259 0x1854  Sidebar - ok
12:40:45.0307 0x1854  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:40:45.0312 0x1854  mctadmin - ok
12:40:45.0425 0x1854  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:40:45.0449 0x1854  Sidebar - ok
12:40:45.0473 0x1854  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:40:45.0477 0x1854  mctadmin - ok
12:40:45.0606 0x1854  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
12:40:45.0609 0x1854  swg - ok
12:40:47.0254 0x1854  [ 24AFAD9B4B24FD1D4BF7127A2DC78D92, 86F801B1EA39CEE3A1A1969A02D32477040982339F837AE8FAAFF68F46D78822 ] C:\Program Files\CCleaner\CCleaner64.exe
12:40:47.0950 0x1854  CCleaner Monitoring - ok
12:40:47.0966 0x1854  Waiting for KSN requests completion. In queue: 13
12:40:48.0966 0x1854  Waiting for KSN requests completion. In queue: 13
12:40:49.0966 0x1854  Waiting for KSN requests completion. In queue: 13
12:40:50.0515 0x0e7c  Object required for P2P: [ 24AFAD9B4B24FD1D4BF7127A2DC78D92 ] C:\Program Files\CCleaner\CCleaner64.exe
12:40:50.0966 0x1854  Waiting for KSN requests completion. In queue: 1
12:40:52.0096 0x1854  Waiting for KSN requests completion. In queue: 1
12:40:53.0097 0x1854  Waiting for KSN requests completion. In queue: 1
12:40:54.0431 0x1854  Waiting for KSN requests completion. In queue: 1
12:40:55.0436 0x1854  Waiting for KSN requests completion. In queue: 1
12:40:56.0632 0x0e7c  Object send P2P result: true
12:41:10.0997 0x1854  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 17.5.3585.0 ), 0x42000 ( disabled : updated )
12:41:15.0243 0x1854  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
12:41:20.0457 0x1854  Win FW state via NFP2: enabled ( trusted )
 


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 PM

Posted 31 July 2017 - 12:05 PM

Post the ADW log first then we will clean what has to be.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 alik2k

alik2k
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 31 July 2017 - 12:10 PM

Junkware Removal-

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64 
Ran by Paul (Administrator) on Mon 07/31/2017 at 12:44:03.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 105 
 
Successfully deleted: C:\end (File) 
Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\npdnu.dll (File) 
Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\npdnu.xpt (File) 
Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.dll (File) 
Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.xpt (File) 
Successfully deleted: C:\ProgramData\apn (Folder) 
Successfully deleted: C:\ProgramData\babylon (Folder) 
Successfully deleted: C:\ProgramData\esellerate (Folder) 
Successfully deleted: C:\user.js (File) 
Successfully deleted: C:\Users\Paul\AppData\Local\{09DDF5BE-245B-4391-81B9-4FD4A22C2B33} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{0B7233A2-FC5D-4D8E-9C5F-AB7F54A3ECA6} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{0D1F932F-4899-4FF3-A3A1-5A1A4548501C} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{1B191EAA-F521-4678-9A00-57A65D2CF23C} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{1D7D585E-06F5-4C0E-9A41-D0AD2CDF93BA} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{20A7E597-0C3E-44D3-B417-7D5A9B6DC6C8} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{21AA3A30-D63E-4997-9C40-2433D1B31AEA} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{22925F7D-6B58-4F45-A76D-11A037643B81} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{26CB400A-ED4A-4376-8127-8E9DD8370F6E} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{2AE97D9F-76EA-4680-BB8A-4B4B00D0BCB1} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{33004D93-0749-440F-9CA5-6D723DC2C827} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{394FC930-5E49-4CF7-A568-D830C6CD2751} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{3B3098F1-85EC-443C-A4F3-41E27AE54B31} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{47E2A175-26C6-4875-BAD3-5F281962388F} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{5B592B73-903C-4012-9564-BAB327145CAD} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{6D88CE44-5F62-4F39-BA61-4A1C4FD0E0BE} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{6FA93961-AE9D-41F1-B301-5BA9DFE5F779} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{72BCBF24-CE55-4729-B685-54DA7F2959B2} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{741687B3-3F30-4430-8A49-DA304FAE45FD} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{75B18CDE-3808-43FA-B426-FDA202AB865D} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{75EB8B50-908F-4D37-89CB-7CC11CF6617B} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{7A08C679-9244-4808-AE27-6D7DA5023D53} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{7AD287AD-CA9C-474C-8E6E-8DE4EDC8FF04} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{7C58BE2E-3CA4-4905-AFED-F66A50999D75} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{7FD97768-A886-407D-98C4-EA84A5507812} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{85652897-67BC-4B79-B90B-56B88CB1B213} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{89FE9DDF-7F25-47EB-BA4D-820E7AC576C0} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{8D78DAD1-7830-43B5-B660-B7E8F2FAB52A} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{92133039-BCE8-4CD3-B3D6-EA596B4932B9} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{994EB6C3-CB15-4C79-AC59-D72B106D0A6B} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{9A5F6F5D-261A-4BA2-950C-10F3FA2DC88E} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{9CE1344D-F3D8-41BD-B981-2D483EADA6FE} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{A463DCDC-80BC-412D-9C2F-5DF78457DF55} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{A4DE0BA0-CC97-4D39-8D3E-D23F9CA9C4EE} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{AAE7A15A-B611-4CA9-B9C5-32879909140E} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{ACB4FE4B-0434-4385-BE92-84AEFAC668C1} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{B3991E00-B1F0-4EB4-9449-69D55FB17E9E} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{B506D86E-D63B-41CA-B5A2-7D53A8876F52} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{C0E0AC96-2F33-4C2A-AB35-5C1E06927471} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{C0FE3A6E-74DE-4D47-B2C1-9CC75511979B} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{C9F2E226-F78A-4BFC-BD86-5C8FB0742995} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{CC028921-0F6A-4A83-B792-ABBFFABF6018} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{D83BE01A-A1B3-4235-892D-533B42F95E89} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{F062CCB5-EE5E-4D1D-A190-F79C2D97119B} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\{F3AAE7F1-F872-4B3D-9E7B-F3B0FB4DB87B} (Empty Folder)
Successfully deleted: C:\Users\Paul\AppData\Local\packageaware (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\pirates (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\stormfall (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\worldoftanks (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\qvz6hq94.default\extensions\staged (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Roaming\pccustubinstaller (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Roaming\performersoft (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\Paul\Desktop\play games online.url (Shortcut) 
Successfully deleted: C:\Users\Paul\Start Menu\Programs\play games online.url (Shortcut) 
Successfully deleted: C:\Program Files (x86)\Common Files\software update utility (Folder) 
Successfully deleted: C:\Program Files (x86)\GUTDB71.tmp (File) 
Successfully deleted: C:\Program Files (x86)\rightsurf (Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JWYIEIZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3BQC0HUF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\555GCBJ7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GEZU59B (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8669KZUV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CAZKL906 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IZZVZZLM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LDO36TLI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ONPN2C9S (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P3YRUXR7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PFHDOEWU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7KTTSXU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2KB5QC1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YTMEHMB1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YXY55C30 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JWYIEIZ (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3BQC0HUF (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\555GCBJ7 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GEZU59B (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8669KZUV (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CAZKL906 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IZZVZZLM (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LDO36TLI (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ONPN2C9S (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P3YRUXR7 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PFHDOEWU (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7KTTSXU (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2KB5QC1 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YTMEHMB1 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YXY55C30 (Temporary Internet Files Folder) 
 
user_pref(browser.search.selectedEngine, Vosteran);
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/31/2017 at 12:54:58.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Adware Cleaner-
# AdwCleaner 7.0.0.0 - Logfile created on Mon Jul 31 16:30:59 2017
# Updated on 2017/17/07 by Malwarebytes 
# Database: 07-16-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.Legacy, C:\Users\Paul\AppData\Local\StormFall
PUP.Optional.Legacy, C:\ProgramData\Babylon
PUP.Optional.Legacy, C:\ProgramData\Application Data\Babylon
PUP.Optional.Legacy, C:\Users\All Users\Babylon
PUP.Optional.Legacy, C:\Users\Paul\AppData\LocalLow\HPAppData
PUP.Optional.Legacy, C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
PUP.Optional.Legacy, C:\Users\Paul\AppData\Roaming\pccustubinstaller
PUP.Optional.Legacy, C:\Program Files (x86)\rightsurf
PUP.Optional.Legacy, C:\Program Files (x86)\Common Files\Software Update Utility
PUP.Optional.Legacy, C:\ProgramData\IObit\ASCDownloader
PUP.Optional.Legacy, C:\ProgramData\Application Data\IObit\ASCDownloader
PUP.Optional.Legacy, C:\Users\All Users\IObit\ASCDownloader
PUP.Optional.PCPerformer, C:\Users\Paul\AppData\Roaming\Performersoft
Rogue.ForcedExtension, C:\ProgramData\apn
Rogue.ForcedExtension, C:\ProgramData\Application Data\apn
Rogue.ForcedExtension, C:\Users\All Users\apn
PUP.Adware.Heuristic, C:/Program Files (x86)\SmartSound Software
 
 
***** [ Files ] *****
 
PUP.Optional.Legacy, C:/user.js
PUP.Optional.Legacy, C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
PUP.Optional.Legacy, C:\Users\Paul\Desktop\Play Games Online.url
PUP.Optional.Legacy, C:\END
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.ask.com
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2047839615-2776486527-20338251-1000\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKCU\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2047839615-2776486527-20338251-1000\Software\APN
PUP.Optional.Legacy, [Key] - HKCU\Software\APN
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Babylon
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\firstsearch
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2047839615-2776486527-20338251-1000\Software\Microsoft\Babylon
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Babylon
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\PIP
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{250BECD2-5C43-48CF-A3C6-666338526D67}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\dnu.EXE
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform | FunWebProducts
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | BackgroundHost64.exe
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD | BackgroundHost64.exe
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | BackgroundHost.exe
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD | BackgroundHost.exe
PUP.Optional.Ask, [Key] - HKU\S-1-5-21-2047839615-2776486527-20338251-1000\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\S-1-5-21-2047839615-2776486527-20338251-1000\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKCU\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKCU\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\S-1-5-21-2047839615-2776486527-20338251-1000\Software\Ask.com
PUP.Optional.Ask, [Key] - HKCU\Software\Ask.com
PUP.Optional.Conduit, [Key] - HKLM\SOFTWARE\Conduit
PUP.Optional.Conduit, [Key] - HKU\S-1-5-21-2047839615-2776486527-20338251-1000\Software\AppDataLow\Software\Conduit
PUP.Optional.Conduit, [Key] - HKCU\Software\AppDataLow\Software\Conduit
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
PUP.Optional.BrowseFox.A, [Key] - HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
SearchProvider found: AOL - aol.com
SearchProvider found: AOL - aol.com
SearchProvider found: Vosteran - vosteran.com
SearchProvider found: Ask - ask.com
SearchProvider found: Ask - ask.com
SearchProvider found: Yahoo - yahoo.com Search
 
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 
 
 
*************************
 
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 PM

Posted 31 July 2017 - 12:33 PM

Ok clean all that ADw..
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 alik2k

alik2k
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 31 July 2017 - 02:41 PM

Cleared the Adware.

ESET keeps ending early with no objects detected, saying that the scan was stopped by user when I haven't clicked on anything, I think.



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 PM

Posted 31 July 2017 - 03:48 PM

Ok, let it go.. Run Malwarebytes again and post he log
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 alik2k

alik2k
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 01 August 2017 - 01:44 AM

Had to leave work before I saw the message and I wasn't able to bring the laptop home. Will run the log and post the results on Thursday.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 PM

Posted 02 August 2017 - 12:57 PM

take your time.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 alik2k

alik2k
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 03 August 2017 - 10:41 AM

Okay. Back at work and ran Adware Cleaner again. Also good news in that computer is able to run Windows Update! It doesn't freeze!

 

Adware Cleaner-

# AdwCleaner 7.0.0.0 - Logfile created on Thu Aug 03 15:26:34 2017
# Updated on 2017/17/07 by Malwarebytes 
# Database: 07-16-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
SearchProvider found: Ask - ask.com
 
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[C0].txt - [13463 B] - [2017/7/31 17:53:31]
C:/AdwCleaner/AdwCleaner[S0].txt - [14418 B] - [2017/7/31 16:30:59]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 PM

Posted 03 August 2017 - 12:11 PM

OK, run MBAM again then try ESET once more.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 alik2k

alik2k
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 03 August 2017 - 12:52 PM

Okay. Should I clean the Adware?



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 PM

Posted 04 August 2017 - 10:25 AM

Sorry, Yes do that.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 alik2k

alik2k
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 04 August 2017 - 03:03 PM

Cleared MB Adware. Ran ESET and MBAM. Both came up with nothing. Am I clean now?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users