Really poor performance!

by walshie » July 16th, 2015, 4:45 pm

Hi all,
Please can I ask for your help.
Trying to help a friend sort out their machine which suffers from really poor performance.
Web browsing is really slow and faltering.

I have completed a general tidy up of temp files etc and scanned using both AVG and Malwarebytes. Found and removed 36 problems. However, I think that there are registry issues which I'm not confident to deal with.

DDS posts here:


DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 9.0.8112.16669
Run by toshiba at 21:35:21 on 2015-07-16
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1915.1031 [GMT 1:00]
.
AV: AVG AntiVirus 2014 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus 2014 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamresearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://speedial.com/?f=1&a=spd_dnldstr_ ... 727179&ir=
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://uk.yahoo.com/?fr=fp-yie9
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://speedial.com/?f=1&a=spd_dnldstr_ ... 727179&ir=
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: ArcadeFrontier Addon: {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - c:\users\toshiba\appdata\local\arcadefrontier\ArcadeFrontier.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: @c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [EKStatusMonitor] c:\program files\kodak\aio\statusmonitor\EKStatusMonitor.exe
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [Conime] c:\windows\system32\conime.exe
dRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\tray.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{C174F4A7-D763-49F9-82C2-6C7FEF8C2E1F} : DHCPNameServer = 192.168.1.254
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\program files\inbox toolbar\Inbox.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: !SASWinLogon - <no file>
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - LocalServer32 - <no file>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\43.0.2357.134\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2015-5-26 179680]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2015-5-26 271840]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2015-5-26 161248]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-17 27416]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2015-5-18 206304]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2011-1-6 7168]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-7-16 98520]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2011-1-5 347648]
S0 RapportHades;RapportHades;c:\windows\system32\drivers\RapportHades.sys [2015-6-2 68280]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-30 121624]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-7-21 200984]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2015-5-22 29664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-10-24 189720]
S1 RapportCerberus_1412112;RapportCerberus_1412112;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_1412112.sys [2015-6-23 531416]
S1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2015-6-2 280088]
S1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2015-6-2 337176]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2015-6-12 3257808]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2015-6-12 300408]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2011-1-5 21504]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service;c:\program files\garmin\device interaction service\GarminService.exe [2015-4-8 708616]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2012-10-19 395200]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files\kodak\aio\statusmonitor\EKPrinterSDK.exe [2012-10-15 779200]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-3-19 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-7-16 23256]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-7-16 51928]
S3 RapportIaso;RapportIaso;c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\RapportIaso.sys [2014-1-15 162584]
S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2015-6-2 218264]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2015-6-4 30632]
.
=============== Created Last 30 ================
.
2015-07-16 20:16:33 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-16 20:16:10 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-16 20:16:10 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-16 20:16:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-16 20:16:10 -------- d-----w- c:\programdata\Malwarebytes
2015-07-16 20:16:10 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-07-16 20:11:36 -------- d-----w- c:\program files\CCleaner
2015-07-16 10:04:42 2066432 ----a-w- c:\windows\system32\win32k.sys
2015-07-16 10:04:02 1316864 ----a-w- c:\windows\system32\ole32.dll
2015-07-16 10:02:00 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-07-16 10:02:00 2264576 ----a-w- c:\windows\system32\msi.dll
2015-07-16 10:00:56 298496 ----a-w- c:\windows\system32\gdi32.dll
2015-07-16 09:59:14 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-07-16 09:59:13 296960 ----a-w- c:\windows\system32\atmfd.dll
2015-07-16 09:54:06 225792 ----a-w- c:\windows\system32\cewmdm.dll
2015-07-16 09:50:07 81408 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-07-16 09:50:06 217088 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-07-16 09:50:06 107008 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-07-16 09:50:05 218112 ----a-w- c:\windows\system32\msv1_0.dll
2015-07-16 09:49:56 783872 ----a-w- c:\windows\system32\rpcrt4.dll
2015-07-16 09:49:55 801280 ----a-w- c:\windows\system32\advapi32.dll
2015-07-16 09:49:55 501248 ----a-w- c:\windows\system32\kerberos.dll
2015-07-16 09:49:53 440768 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-07-03 13:15:54 25400 ----a-w- c:\windows\system32\authuitu.dll
2015-07-03 13:15:48 35640 ----a-w- c:\windows\system32\uxtuneup.dll
2015-07-01 13:00:06 -------- d-----w- C:\TeamViewer
2015-07-01 13:00:04 -------- d-----w- c:\users\toshiba\appdata\roaming\TeamViewer
2015-07-01 12:56:37 -------- d-----w- C:\TightVNC
2015-07-01 12:55:50 -------- d-----w- c:\program files\ShowMyPCService
2015-06-17 00:01:52 1202856 ----a-w- c:\windows\system32\FM20.DLL
.
==================== Find3M ====================
.
2015-07-15 10:05:48 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-15 10:05:48 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-03 05:18:15 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2015-06-25 06:05:12 36152 ----a-w- c:\windows\system32\TURegOpt.exe
2015-06-17 01:14:27 1810432 ----a-w- c:\windows\system32\jscript9.dll
2015-06-17 01:12:00 367616 ----a-w- c:\windows\system32\html.iec
2015-06-17 01:09:57 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-06-17 01:09:17 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2015-06-17 01:09:12 421888 ----a-w- c:\windows\system32\vbscript.dll
2015-06-17 01:08:49 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2015-06-17 01:08:28 11776 ----a-w- c:\windows\system32\mshta.exe
2015-06-02 17:41:04 68280 ----a-w- c:\windows\system32\drivers\RapportHades.sys
2015-06-02 17:41:04 218264 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2015-05-26 20:11:36 179680 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2015-05-26 20:11:20 271840 ----a-w- c:\windows\system32\drivers\avglogx.sys
2015-05-22 08:56:06 29664 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2015-05-18 20:14:04 206304 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2015-05-04 22:50:57 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-05-04 22:50:57 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-05-04 22:50:44 7680 ----a-w- c:\windows\system32\spwmp.dll
2015-05-04 21:21:20 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2015-04-30 16:03:33 279040 ----a-w- c:\windows\system32\schannel.dll
2015-04-30 13:14:01 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-24 15:54:56 532480 ----a-w- c:\windows\system32\comctl32.dll
2015-04-19 21:24:52 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-04-19 21:24:52 189952 ----a-w- c:\windows\system32\d3d10core.dll
2015-04-19 21:24:52 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2015-04-19 21:24:52 1029120 ----a-w- c:\windows\system32\d3d10.dll
2015-04-19 20:19:37 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2015-04-19 20:18:56 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2015-04-19 20:13:15 682496 ----a-w- c:\windows\system32\d2d1.dll
2015-04-19 20:12:25 1072640 ----a-w- c:\windows\system32\DWrite.dll
2015-04-19 20:12:20 801792 ----a-w- c:\windows\system32\FntCache.dll
.
============= FINISH: 21:37:59.92 ===============


And second file here:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 04/01/2011 17:34:42
System Uptime: 16/07/2015 21:06:46 (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz | CPU | 1995/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 23.277 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0006
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #4
PNP Device ID: ROOT\*ISATAP\0006
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0009
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #5
PNP Device ID: ROOT\*ISATAP\0009
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 18 ActiveX
Adobe Flash Player 18 NPAPI
Adobe Photoshop 7.0
Adobe Reader X (10.1.14)
aioscnnr
ANT Drivers Installer x86
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcadeFrontier
AVG 2014
AVG PC TuneUp 2014
AVG PC TuneUp 2014 (en-US)
Bing Bar
Bing Bar Platform
Bonjour
C4USelfUpdater
Canon MP140 series
Canon My Printer
CCleaner
center
D3DX10
Driver Tool
Dropbox
Elevated Installer
essentials
Facebook Video Calling 3.1.0.521
FilesFrog Update Checker
FLV Player
Free YouTube Downloader 3.5.128
Garmin City Navigator Europe NT 2011.32 Update
Garmin Express
Garmin Express Tray
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iCloud
Inbox Toolbar
Intel(R) Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 26
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
LeapFrog Connect
LeapFrog LeapPad Explorer Plugin
Malwarebytes Anti-Malware version 2.1.8.1057
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.2
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
MobileMe Control Panel
MSVCRT
MyPC Backup
Norton Security Scan
ocr
Picasa 3
PreReq
PrintProjects
QuickTime 7
Rapport
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
Realtek WLAN Driver
RealUpgrade 1.1
Recuva
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Security Update for Microsoft .NET Framework 4.5.2 (KB3048077)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2965281) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2965283) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB3054996) 32-Bit Edition
Segoe UI
Synaptics Pointing Device Driver
TOSHIBA Supervisor Password
Trusteer Endpoint Protection
Unity Web Player
Unknown Device Identifier 7.00
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
Visual Studio 2012 x86 Redistributables
VLC media player 1.1.5
Web-Cake 3.00
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! BrowserPlus 2.9.8
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
16/07/2015 21:09:15, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.9 for the Network Card with network address 002163BB2E53 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
16/07/2015 21:08:46, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgdiskx AVGIDSDriver AVGIDSShim Avgldx86 eeCtrl RapportHades SASKUTIL spldr Wanarpv6
16/07/2015 21:08:46, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
16/07/2015 21:08:46, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
16/07/2015 21:08:17, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wcncsvc with arguments "" in order to run the server: {375FF001-DD27-11D9-8F9C-0002B3988E81}
16/07/2015 21:07:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
16/07/2015 21:07:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
16/07/2015 20:12:53, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.7 with the system having network hardware address F0-24-75-52-88-A1. Network operations on this system may be disrupted as a result.
16/07/2015 17:47:09, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
16/07/2015 17:01:57, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
16/07/2015 16:59:48, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASKUTIL
16/07/2015 16:59:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Garmin Device Interaction Service service to connect.
16/07/2015 16:59:48, Error: Service Control Manager [7000] - The Garmin Device Interaction Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16/07/2015 13:07:54, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
16/07/2015 03:00:17, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
15/07/2015 10:29:07, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
15/07/2015 10:27:04, Error: EventLog [6008] - The previous system shutdown at 10:25:26 on 15/07/2015 was unexpected.
15/07/2015 10:18:35, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TuneUp.UtilitiesSvc service.
15/07/2015 10:15:46, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
.
==== End Of File ===========================


Would appreciate any help that you can provide.
Thanks v m.

Sean
walshie
Regular Member
 
Posts: 61
Joined: December 17th, 2005, 1:06 pm
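
A triage sketch for logs like the DDS output in the post above, added here as an example and not part of the thread or of DDS itself. It splits the log on DDS's section banners and flags Pseudo HJT entries that DDS marked `<orphaned>` or `<no file>`, or that load from a user profile's AppData folder; the function names and both heuristics are assumptions chosen for illustration, and a flagged line is a prompt for manual review, not a verdict.

```python
import re

# Constructed sample: a few lines copied from the DDS log in the post above,
# wrapped in the section banners DDS prints.
SAMPLE_LOG = r"""
============== Running Processes ================
.
C:\Windows\Explorer.EXE
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: ArcadeFrontier Addon: {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - c:\users\toshiba\appdata\local\arcadefrontier\ArcadeFrontier.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [Conime] c:\windows\system32\conime.exe
Notify: !SASWinLogon - <no file>
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - LocalServer32 - <no file>
.
============= SERVICES / DRIVERS ===============
.
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2011-1-6 7168]
"""

# "==== Title ====" banner lines that separate DDS sections.
BANNER = re.compile(r"^=+\s*(.+?)\s*=+$")
# Markers DDS prints when it could not resolve an entry to a file or class.
UNRESOLVED = re.compile(r"<(?:orphaned|no file)>", re.IGNORECASE)
# Module path inside a user profile's AppData tree (writable without admin rights).
USER_PROFILE = re.compile(r"\\users\\[^\\]+\\appdata\\", re.IGNORECASE)

REASON_UNRESOLVED = "marked <orphaned>/<no file> by DDS"
REASON_PROFILE = "loads from a user-writable AppData path"


def split_sections(log_text):
    """Return {section title: [non-empty lines]} in the order DDS printed them."""
    sections, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        banner = BANNER.match(line)
        if banner:
            current = banner.group(1)
            sections[current] = []
        elif current is not None and line and line != ".":
            sections[current].append(line)
    return sections


def triage_hjt(lines):
    """Return (entry type, reason, original line) for entries worth a manual look."""
    findings = []
    for line in lines:
        # The entry type is the text before the first ':' or '=' (BHO, mRun, ...).
        tag = re.split(r"\s*[:=]\s*", line, maxsplit=1)[0]
        if UNRESOLVED.search(line):
            findings.append((tag, REASON_UNRESOLVED, line))
        elif USER_PROFILE.search(line):
            findings.append((tag, REASON_PROFILE, line))
    return findings


if __name__ == "__main__":
    hjt = split_sections(SAMPLE_LOG).get("Pseudo HJT Report", [])
    for tag, reason, line in triage_hjt(hjt):
        print(f"[{tag}] {reason}\n    {line}")
```
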

Re: Really poor performance!

by pgmigg » July 18th, 2015, 12:25 am

Hello walshie,

Welcome back to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.


Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Really poor performance!

by pgmigg » July 18th, 2015, 12:56 am

Hello walshie,

Step 1.
Create a System Restore Point
Because we are going to be making changes to your computer, it is advisable to create a new System Restore Point.
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection and then choose Create.
  4. In the System Restore dialog box, type a description for the restore point. Then click Create, again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK. Then close the System Restore dialog.

Unless you use some other method to create system restore points...
Please leave the System Restore function "turned on" until we are finished and I give you the 'all clean' sign.

If you have successfully created a System Restore Point...we can proceed.
If you have NOT successfully created a System Restore Point...do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 2.
Remove Programs
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Uninstall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Bing Bar
    Bing Bar Platform
    FilesFrog Update Checker
    Java Auto Updater
    Java(TM) 6 Update 26
    MyPC Backup
    Norton Security Scan
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Software Update
    Yahoo! Toolbar
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot your computer.

Step 3.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button. The AdwCleaner may reboot your computer - please allow it...
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 4.
Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 5.
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Right-click on TDSSKiller.exe and select "Run As Administrator...".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click OK if changes were made.
  7. Click Start scan and allow it to scan for Malicious objects.
    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    DO NOT change the default actions, other than CURE to SKIP.
  8. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  9. A log will be created on your root drive (usually C:). The log will have a name like Name.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  10. If no reboot is required, click on Report. A log file should appear.
  11. Please post the contents of the log file in your next reply

Step 6.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the AdwCleaner[Sn].txt log file
  3. Contents of the JRT.txt log file
  4. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  5. Contents of an OTL.txt log file
  6. Contents of an Extras.txt log file
  7. Do you see any changes in computer behavior?

Thanks,
pgmigg


Re: Really poor performace!

Post by walshie » July 18th, 2015, 5:39 am

Hi,
Thanks for coming back to me and for your help.
I really appreciate it!

The system restore fails.
I have tried it several times.
It fails with the same error each time:

"Shadow copy provider had an unexpected error while trying to process the specified operation (0x8004230F)
Please try again"

I wasn't able to get around this I'm afraid!

Thanks again,
:)
walshie
Regular Member
 
Posts: 61
Joined: December 17th, 2005, 1:06 pm

Re: Really poor performace!

Post by pgmigg » July 18th, 2015, 11:47 am

Hello walshie,

Thanks for coming back to me and for your help.
I really appreciate it!
You are very welcome! :)

The system restore fails.
I have tried it several times.
It fails with the same error each time:

"Shadow copy provider had an unexpected error while trying to process the specified operation (0x8004230F)
Please try again"

I wasn't able to get around this I'm afraid!
It is good that you stopped and went no further. Before we return back to normal operation I would like to resolve this Shadow Copy issue. It looks like you have Windows software conflicts. Why did it happen?

When you start Windows by using a normal startup operation, several applications and services start automatically, and then run in the background. These programs include basic system processes, antivirus software, system utility applications, and other software that has been previously installed. These applications and services can cause software conflicts. For example, as I see in the list of software installed on your computer, there are a couple of programs that may conflict with each other and, more importantly, could cause the error that occurred with Shadow service.

Step 1.
Remove Programs
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Uninstall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    AVG PC TuneUp 2014
    AVG PC TuneUp 2014 (en-US)
    Norton Security Scan
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot your computer and log on to the computer by using an account that has administrator rights... <---------- It is important for the Step 2!

Step 2.
Clean boot in Windows
A clean boot is performed to start Windows by using a minimal set of drivers and startup programs. This helps eliminate software conflicts that occur when you troubleshoot or determine what conflict is causing the problem by performing a clean boot.
You must log on to the computer as an administrator to be able to perform a clean boot.
Your computer may temporarily lose some functionality when you perform a clean boot. When you start the computer normally, the functionality returns. However, you may receive the original error message, or experience the original behavior if the problem still exists.
  1. Click Start, type msconfig.exe in the Start Search box, and then press Enter to start the System Configuration utility.
    Note: If you are prompted for an administrator password or for confirmation, you should type the password or provide confirmation.
  2. On the General tab, click the Selective startup option, and then click to clear the Load startup items check box. (The Use Original Boot.ini check box is unavailable.)
  3. Click OK, and then click Restart.
  4. Log on to the computer by using an account that has administrator rights... <---------- It is important for the Step 3!

Step 3.
Restart Volume Shadow Copy Service
  1. Please open Administrative Tools by clicking the Start button, clicking Control Panel, clicking System and Maintenance, and then clicking Administrative Tools.
  2. Double-click Services. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  3. If the SPP service (Microsoft Software Shadow Copy Provider) is disabled, double-click it to open the service properties.
    • Click the Startup type list, then click Automatic (Delayed Start), and then click Apply.
    • Under Service status, click Start.
  4. If the Volume Shadow Copy service is disabled, please double-click it to open the service properties.
    • Click the Startup type list, then click Automatic (Delayed Start), and then click Apply.
    • Under Service status, click Start.
  5. Close all opened windows.
  6. Click OK, and then click Restart.
  7. Log on to the computer by using an account that has administrator rights... <---------- It is important for the Step 4!

Step 4.
Create a System Restore Point
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection and then choose Create.
  4. In the System Restore dialog box, type a description for the restore point. Then click Create, again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK. Then close the System Restore dialog.


If you have successfully created a System Restore Point, let me know about it and you can proceed to Step 5 below...

If you have NOT successfully created a System Restore Point... do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 5.
Reset the computer to start normally
  1. Click Start, type msconfig.exe in the Start Search box, and then press Enter.
    Note: If you are prompted for an administrator password or for confirmation, you should type the password or provide confirmation.
  2. On the General tab, click the Normal Startup option, and then click OK.
  3. When you are prompted to restart the computer, click Restart.

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
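
Steps 3 and 4 of the post above, scripted as an added example that is not part of the original post: it reports the state of the two shadow-copy services, re-enables and starts any that are disabled, and then creates the restore point. It assumes an elevated Windows PowerShell 2.0 or later session and the service short names VSS (Volume Shadow Copy) and swprv (Microsoft Software Shadow Copy Provider); the restore point description is a constructed sample value.

```powershell
# Added example, not from the original post. Run from an elevated
# Windows PowerShell 2.0+ prompt (Checkpoint-Computer needs 2.0 or later).
# Assumption: VSS and swprv are the short names of the "Volume Shadow Copy"
# and "Microsoft Software Shadow Copy Provider" services.
param([switch]$CreateRestorePoint)

$ErrorActionPreference = 'Stop'
$shadowServices = @('VSS', 'swprv')

function Get-ShadowServiceState {
    # Win32_Service exposes StartMode (Auto/Manual/Disabled) as well as State.
    foreach ($name in $shadowServices) {
        $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$name'"
        if (-not $svc) {
            Write-Warning "Service '$name' is not registered on this machine."
            continue
        }
        $svc | Select-Object Name, StartMode, State, DisplayName
    }
}

function Enable-ShadowService {
    param([Parameter(Mandatory = $true)] $Service)

    if ($Service.StartMode -eq 'Disabled') {
        # Delayed start is set through sc.exe. Plain "sc" is an alias for
        # Set-Content in PowerShell, and the space after "start=" is required.
        & sc.exe config $Service.Name start= delayed-auto | Out-Null
        if ($LASTEXITCODE -ne 0) {
            throw "sc.exe config failed for $($Service.Name), exit code $LASTEXITCODE"
        }
    }
    if ($Service.State -ne 'Running') {
        # Starting a stopped service that was not disabled is harmless here.
        Start-Service -Name $Service.Name
    }
}

if (-not $CreateRestorePoint) {
    # Step 3: report the current state, repair, then report again.
    $before = @(Get-ShadowServiceState)
    $before | Format-Table -AutoSize
    foreach ($svc in $before) { Enable-ShadowService -Service $svc }
    Get-ShadowServiceState | Format-Table -AutoSize

    # The system provider should be listed. Writers that report a failed
    # state help identify which component is in conflict.
    & vssadmin.exe list providers
    & vssadmin.exe list writers
    Write-Host 'Restart the computer, then run this script again with -CreateRestorePoint.'
}
else {
    # Step 4: create the restore point and show the newest entry as confirmation.
    # The description is a constructed sample value.
    Checkpoint-Computer -Description 'Before malware cleanup' -RestorePointType MODIFY_SETTINGS
    Get-ComputerRestorePoint | Select-Object -Last 1 |
        Format-List SequenceNumber, Description, CreationTime
}
```

If the shadow copy provider error persists, Checkpoint-Computer stops with that error instead of printing a restore point, which is the signal to go no further and post back.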

Re: Really poor performace!

Post by walshie » July 18th, 2015, 12:39 pm

Hi,
That worked fine thanks and I now have a current restore point.
Thanks - and ready for the next set of instructions!
:)
walshie

Re: Really poor performace!

Post by pgmigg » July 18th, 2015, 12:51 pm

Hello walshie,

That worked fine thanks and I now have a current restore point.
Great news and amazing job! :D
Let's start our treatment...

Step 1.
Remove Programs
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Uninstall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Bing Bar
    Bing Bar Platform
    FilesFrog Update Checker
    Java Auto Updater
    Java(TM) 6 Update 26
    MyPC Backup
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Software Update
    Yahoo! Toolbar
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot your computer.

Step 2.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button. The AdwCleaner may reboot your computer - please allow it...
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 3.
Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 4.
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Right-click on TDSSKiller.exe and select "Run As Administrator...".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click OK if changes were made.
  7. Click Start scan and allow it to scan for Malicious objects.
    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    DO NOT change the default actions, other than CURE to SKIP.
  8. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  9. A log will be created on your root drive (usually C:). The log will have a name like Name.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  10. If no reboot is required, click on Report. A log file should appear.
  11. Please post the contents of the log file in your next reply

Step 5.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the AdwCleaner[Sn].txt log file
  3. Contents of the JRT.txt log file
  4. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  5. Contents of an OTL.txt log file
  6. Contents of an Extras.txt log file
  7. Do you see any changes in computer behavior?

Thanks,
pgmigg


Re: Really poor performace!

Post by walshie » July 18th, 2015, 3:18 pm

Hello again,
Thanks for the advice. All the steps were fine thanks and no problems running the steps.

Here is the Adwcleaner txt:

AdwCleaner v4.208 - Logfile created 18/07/2015 at 18:38:59
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : toshiba - TOSHIBA-PC
# Running from : C:\Users\toshiba\Downloads\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SpeedMaxPc
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\driver whiz
Folder Deleted : C:\Program Files\FlvPlayer
Folder Deleted : C:\Program Files\Movdap
Folder Deleted : C:\Program Files\ShowMyPCService
Folder Deleted : C:\Users\toshiba\AppData\Local\PackageAware
Folder Deleted : C:\Users\toshiba\AppData\Local\PC_Drivers_Headquarters
Folder Deleted : C:\Users\toshiba\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\toshiba\AppData\LocalLow\Delta
Folder Deleted : C:\Users\toshiba\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\toshiba\AppData\Roaming\Babylon
Folder Deleted : C:\Users\toshiba\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\toshiba\AppData\Roaming\Movdap
Folder Deleted : C:\Users\toshiba\AppData\Roaming\SpeedMaxPc
Folder Deleted : C:\Users\toshiba\AppData\Roaming\Systweak
File Deleted : C:\END
File Deleted : C:\Windows\system32\sasnative32.exe

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\peglehonblabfemopkgmfcpofbchegcl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Key Deleted : HKLM\SOFTWARE\Classes\SDP
Key Deleted : HKCU\Software\5be8ddbe768ed44
Key Deleted : HKLM\SOFTWARE\5be8ddbe768ed44
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\SpeedMaxPC
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\SpeedMaxPC
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
Key Deleted : HKU\.DEFAULT\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v9.0.8112.16669


-\\ Google Chrome v43.0.2357.134

[C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [6454 bytes] - [18/07/2015 18:28:22]
AdwCleaner[S0].txt - [6429 bytes] - [18/07/2015 18:38:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6488 bytes] ##########
walshie

Re: Really poor performace!

Post by walshie » July 18th, 2015, 3:20 pm

And here comes the JRT text file:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by toshiba on 18/07/2015 at 18:56:02.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271149}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271149}



~~~ Files

Successfully deleted: [File] C:\Users\toshiba\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage
Successfully deleted: [File] C:\Users\toshiba\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal
Successfully deleted: [File] C:\Users\toshiba\desktop\clean registry for free!.lnk



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{094102E3-262E-42F3-A492-3BFDBB1CFE64}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{0DC43C77-BD89-4674-B1A7-69EEDDA61F55}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{0FA40D12-7305-4734-B003-803FA9AE1E26}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{14FFC27F-F035-46B6-9B51-D1392E2A732B}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{1DD7B3BC-ED0F-4FEA-AD35-CB0EDC53C526}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{204A3D86-96B3-4D30-A84D-544B7D1FFBB1}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{20A29667-7FC9-4BD4-8527-62E51296817D}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{37E3EEEA-DEC6-42C4-B24D-72FF96008664}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{3C3C30C7-8394-494F-9FD3-1819EF4170D3}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{3CE1B897-9E4D-4798-A471-C2CB38F2F333}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{4CE42DD4-9A3F-479C-93D0-D68D2D8B0D77}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{5292471F-57B6-4581-9F21-AD5E84A3485A}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{57DF6DD6-5720-4AE4-96A5-D2A7F3A00C34}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{5B621DB2-ECE7-4A12-A7E1-F97C016495E9}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{696B0A0D-B43C-4948-B08A-7B72906BE31C}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{6BE5B007-E7D4-4CCF-A564-6D93C520A2BE}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{7618FEA1-1EC6-4890-BCDD-80CD8B20259B}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{77028C15-C8BE-4732-AEBF-F1DBD8EA2E62}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{7F8D51D1-D88B-44AD-946B-64FA8B77BAF2}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{8616DE9A-1655-4B8A-8656-D24FB13631D7}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{863CD8F5-3474-4D27-BCC2-0013D7F3151F}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{9136B8F6-3BD9-4340-8109-A1511B266A65}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{92D32C27-9B1D-4F74-811A-79936FA31C5E}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{98647E2B-41D2-4EB2-A68A-F076F501F3EC}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{A3D58DA5-0E24-445B-B680-609C08784BF7}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{A43E919A-1079-4C69-93A5-74FF8D721A3E}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{A479260A-262C-4232-A9D1-A24FD00D7354}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{A63864AB-B1CA-407E-8309-D66DD78D7931}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{A8533799-EF82-4FFA-90ED-C16AA669D4B5}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{B8D88629-CF1E-42E3-9CE6-D239D7B48122}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{BE98E2F1-FB8E-4B1F-8880-7E82B061979F}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{C0E74B43-4045-416E-AF24-D2B2E8DFE54B}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{C22D99BB-151C-4596-AD02-541507F73B30}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{C40D8913-9C43-47BE-AE06-36AD37BD2963}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{D158EFE4-201A-4A59-A4BF-D4DF1A08E095}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{D9BB14C0-A866-4EFC-ADCC-DBE7F9717C32}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{DDE8E6FF-EB27-4780-A0C4-832A4244A744}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{DE9C572B-47FB-4FD0-B92F-01EF8019AE55}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{E03E08F8-CBD1-4132-9EE2-D647290D59E8}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{E9D979EF-CC4B-44DA-B51C-5419542A8141}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{EF5CF780-8C54-429C-91A4-C5DA73FCA45C}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{FC981CA4-B2FC-470A-A4D0-C3957A395D3E}
Successfully deleted: [Empty Folder] C:\Users\toshiba\Appdata\Local\{FFE6EA15-797F-4D19-A22F-8C57E8585198}
Successfully deleted: [Folder] C:\Program Files\free youtube downloader
Successfully deleted: [Folder] C:\ProgramData\google



~~~ Chrome

Successfully deleted: [Folder] C:\Users\toshiba\Appdata\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

[C:\Users\toshiba\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\toshiba\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gkojfkhlekighikafcpjkiklfbnlmeio

[C:\Users\toshiba\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\toshiba\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
bakijjialdiiboeaknfpmflphhmljfkd,
gkojfkhlekighikafcpjkiklfbnlmeio,
peglehonblabfemopkgmfcpofbchegcl
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/07/2015 at 19:12:00.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
walshie

Re: Really poor performance!

Post by walshie » July 18th, 2015, 3:25 pm

And here is the TDSS Killer file: (PART 1)

19:38:51.0068 0x0418 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:39:31.0675 0x0418 ============================================================
19:39:31.0675 0x0418 Current date / time: 2015/07/18 19:39:31.0675
19:39:31.0675 0x0418 SystemInfo:
19:39:31.0675 0x0418
19:39:31.0675 0x0418 OS Version: 6.0.6002 ServicePack: 2.0
19:39:31.0675 0x0418 Product type: Workstation
19:39:31.0675 0x0418 ComputerName: TOSHIBA-PC
19:39:31.0675 0x0418 UserName: toshiba
19:39:31.0675 0x0418 Windows directory: C:\Windows
19:39:31.0675 0x0418 System windows directory: C:\Windows
19:39:31.0675 0x0418 Processor architecture: Intel x86
19:39:31.0675 0x0418 Number of processors: 2
19:39:31.0675 0x0418 Page size: 0x1000
19:39:31.0691 0x0418 Boot type: Normal boot
19:39:31.0691 0x0418 ============================================================
19:39:34.0109 0x0418 KLMD registered as C:\Windows\system32\drivers\14932628.sys
19:39:34.0436 0x0418 System UUID: {4B26B2ED-DB74-3D87-3E94-30CDDDFFBC21}
19:39:35.0825 0x0418 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:39:35.0825 0x0418 ============================================================
19:39:35.0825 0x0418 \Device\Harddisk0\DR0:
19:39:35.0825 0x0418 MBR partitions:
19:39:35.0825 0x0418 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
19:39:35.0825 0x0418 ============================================================
19:39:35.0856 0x0418 C: <-> \Device\Harddisk0\DR0\Partition1
19:39:35.0856 0x0418 ============================================================
19:39:35.0856 0x0418 Initialize success
19:39:35.0856 0x0418 ============================================================
19:40:03.0343 0x04a0 ============================================================
19:40:03.0343 0x04a0 Scan started
19:40:03.0343 0x04a0 Mode: Manual;
19:40:03.0343 0x04a0 ============================================================
19:40:03.0343 0x04a0 KSN ping started
19:40:18.0491 0x04a0 KSN ping finished: true
19:40:21.0018 0x04a0 ================ Scan system memory ========================
19:40:21.0018 0x04a0 System memory - ok
19:40:21.0018 0x04a0 ================ Scan services =============================
19:40:40.0159 0x04a0 LSI_SAS - ok
19:40:40.0175 0x04a0 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:40:40.0190 0x04a0 LSI_SCSI - ok
19:40:40.0253 0x04a0 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
19:40:40.0253 0x04a0 luafv - ok
19:40:40.0299 0x04a0 [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:40:40.0299 0x04a0 MBAMProtector - ok
19:40:40.0455 0x04a0 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
19:40:40.0533 0x04a0 MBAMService - ok
19:40:40.0596 0x04a0 [ EAFEB8DF3B5B2AD7848B4C367FDD6E05, 7444D9DB01D28100831CDE3208829784225A92C4CDF9ED594EA3DD8F5FEAEA98 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:40:40.0596 0x04a0 MBAMWebAccessControl - ok
19:40:40.0643 0x04a0 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:40:40.0643 0x04a0 Mcx2Svc - ok
19:40:40.0689 0x04a0 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys
19:40:40.0705 0x04a0 megasas - ok
19:40:40.0752 0x04a0 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
19:40:40.0752 0x04a0 MMCSS - ok
19:40:40.0783 0x04a0 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
19:40:40.0783 0x04a0 Modem - ok
19:40:40.0814 0x04a0 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:40:40.0830 0x04a0 monitor - ok
19:40:40.0845 0x04a0 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:40:40.0845 0x04a0 mouclass - ok
19:40:40.0861 0x04a0 [ A3A6DFF7E9E757DB3DF51A833BC28885, 3285FD0176722B1098ECDA4098FCF55A39829C3A81462097BACB5B558883B027 ] mouhid C:\Windows\system32\drivers\mouhid.sys
19:40:40.0877 0x04a0 mouhid - ok
19:40:40.0923 0x04a0 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:40:40.0923 0x04a0 MountMgr - ok
19:40:40.0986 0x04a0 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys
19:40:41.0001 0x04a0 mpio - ok
19:40:41.0033 0x04a0 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:40:41.0048 0x04a0 mpsdrv - ok
19:40:41.0111 0x04a0 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:40:41.0142 0x04a0 MpsSvc - ok
19:40:41.0157 0x04a0 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:40:41.0173 0x04a0 Mraid35x - ok
19:40:41.0235 0x04a0 [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:40:41.0235 0x04a0 MRxDAV - ok
19:40:41.0298 0x04a0 [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:40:41.0298 0x04a0 mrxsmb - ok
19:40:41.0376 0x04a0 [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:40:41.0391 0x04a0 mrxsmb10 - ok
19:40:41.0423 0x04a0 [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:40:41.0438 0x04a0 mrxsmb20 - ok
19:40:41.0501 0x04a0 [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys
19:40:41.0516 0x04a0 msahci - ok
19:40:41.0547 0x04a0 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:40:41.0547 0x04a0 msdsm - ok
19:40:41.0610 0x04a0 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
19:40:41.0625 0x04a0 MSDTC - ok
19:40:41.0672 0x04a0 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:40:41.0688 0x04a0 Msfs - ok
19:40:41.0750 0x04a0 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:40:41.0750 0x04a0 msisadrv - ok
19:40:41.0797 0x04a0 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:40:41.0813 0x04a0 MSiSCSI - ok
19:40:41.0813 0x04a0 msiserver - ok
19:40:41.0937 0x04a0 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:40:41.0969 0x04a0 MSKSSRV - ok
19:40:42.0000 0x04a0 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:40:42.0000 0x04a0 MSPCLOCK - ok
19:40:42.0047 0x04a0 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:40:42.0047 0x04a0 MSPQM - ok
19:40:42.0078 0x04a0 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:40:42.0093 0x04a0 MsRPC - ok
19:40:42.0125 0x04a0 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:40:42.0140 0x04a0 mssmbios - ok
19:40:42.0156 0x04a0 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:40:42.0156 0x04a0 MSTEE - ok
19:40:42.0171 0x04a0 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
19:40:42.0187 0x04a0 Mup - ok
19:40:42.0234 0x04a0 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
19:40:42.0249 0x04a0 napagent - ok
19:40:42.0359 0x04a0 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:40:42.0374 0x04a0 NativeWifiP - ok
19:40:42.0468 0x04a0 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:40:42.0515 0x04a0 NDIS - ok
19:40:42.0546 0x04a0 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:40:42.0561 0x04a0 NdisTapi - ok
19:40:42.0593 0x04a0 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:40:42.0593 0x04a0 Ndisuio - ok
19:40:42.0639 0x04a0 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:40:42.0655 0x04a0 NdisWan - ok
19:40:42.0686 0x04a0 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:40:42.0702 0x04a0 NDProxy - ok
19:40:42.0717 0x04a0 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:40:42.0749 0x04a0 NetBIOS - ok
19:40:42.0811 0x04a0 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:40:42.0827 0x04a0 netbt - ok
19:40:42.0842 0x04a0 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
19:40:42.0858 0x04a0 Netlogon - ok
19:40:42.0905 0x04a0 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
19:40:42.0936 0x04a0 Netman - ok
19:40:42.0983 0x04a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:40:42.0998 0x04a0 NetMsmqActivator - ok
19:40:43.0014 0x04a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:40:43.0014 0x04a0 NetPipeActivator - ok
19:40:43.0076 0x04a0 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
19:40:43.0092 0x04a0 netprofm - ok
19:40:43.0139 0x04a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:40:43.0139 0x04a0 NetTcpActivator - ok
19:40:43.0154 0x04a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:40:43.0170 0x04a0 NetTcpPortSharing - ok
19:40:43.0217 0x04a0 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:40:43.0217 0x04a0 nfrd960 - ok
19:40:43.0248 0x04a0 [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:40:43.0263 0x04a0 NlaSvc - ok
19:40:43.0295 0x04a0 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:40:43.0310 0x04a0 Npfs - ok
19:40:43.0341 0x04a0 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
19:40:43.0341 0x04a0 nsi - ok
19:40:43.0373 0x04a0 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:40:43.0373 0x04a0 nsiproxy - ok
19:40:43.0497 0x04a0 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:40:43.0560 0x04a0 Ntfs - ok
19:40:43.0622 0x04a0 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:40:43.0622 0x04a0 ntrigdigi - ok
19:40:43.0653 0x04a0 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
19:40:43.0669 0x04a0 Null - ok
19:40:43.0685 0x04a0 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:40:43.0700 0x04a0 nvraid - ok
19:40:43.0731 0x04a0 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:40:43.0747 0x04a0 nvstor - ok
19:40:43.0763 0x04a0 [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:40:43.0778 0x04a0 nv_agp - ok
19:40:43.0778 0x04a0 NwlnkFlt - ok
19:40:43.0794 0x04a0 NwlnkFwd - ok
19:40:43.0981 0x04a0 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:40:44.0012 0x04a0 odserv - ok
19:40:44.0121 0x04a0 [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:40:44.0137 0x04a0 ohci1394 - ok
19:40:44.0199 0x04a0 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:40:44.0199 0x04a0 ose - ok
19:40:44.0277 0x04a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:40:44.0324 0x04a0 p2pimsvc - ok
19:40:44.0371 0x04a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
19:40:44.0402 0x04a0 p2psvc - ok
19:40:44.0449 0x04a0 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
19:40:44.0465 0x04a0 Parport - ok
19:40:44.0527 0x04a0 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:40:44.0527 0x04a0 partmgr - ok
19:40:44.0558 0x04a0 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:40:44.0574 0x04a0 Parvdm - ok
19:40:44.0605 0x04a0 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
19:40:44.0621 0x04a0 PcaSvc - ok
19:40:44.0652 0x04a0 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
19:40:44.0667 0x04a0 pci - ok
19:40:44.0699 0x04a0 [ 3B1901E401473E03EB8C874271E50C26, 3C7931F419E29FDD0155D8D05D97289430A2852FCB3DBAD1B338FE2241458E72 ] pciide C:\Windows\system32\drivers\pciide.sys
19:40:44.0699 0x04a0 pciide - ok
19:40:44.0730 0x04a0 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:40:44.0745 0x04a0 pcmcia - ok
19:40:44.0855 0x04a0 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:40:44.0948 0x04a0 PEAUTH - ok
19:40:45.0089 0x04a0 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
19:40:45.0198 0x04a0 pla - ok
19:40:45.0245 0x04a0 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:40:45.0276 0x04a0 PlugPlay - ok
19:40:45.0323 0x04a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:40:45.0369 0x04a0 PNRPAutoReg - ok
19:40:45.0401 0x04a0 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:40:45.0447 0x04a0 PNRPsvc - ok
19:40:45.0494 0x04a0 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:40:45.0525 0x04a0 PolicyAgent - ok
19:40:45.0557 0x04a0 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:40:45.0572 0x04a0 PptpMiniport - ok
19:40:45.0635 0x04a0 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
19:40:45.0635 0x04a0 Processor - ok
19:40:45.0697 0x04a0 [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll
19:40:45.0713 0x04a0 ProfSvc - ok
19:40:45.0728 0x04a0 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
19:40:45.0728 0x04a0 ProtectedStorage - ok
19:40:45.0775 0x04a0 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:40:45.0806 0x04a0 PSched - ok
19:40:45.0915 0x04a0 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:40:45.0978 0x04a0 ql2300 - ok
19:40:46.0009 0x04a0 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:40:46.0040 0x04a0 ql40xx - ok
19:40:46.0103 0x04a0 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
19:40:46.0118 0x04a0 QWAVE - ok
19:40:46.0165 0x04a0 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:40:46.0165 0x04a0 QWAVEdrv - ok
19:40:46.0415 0x04a0 [ 862A386A6FB4F420FF422B141F8069B4, E47A317FDDC677DC2A14F4EB23EA40FEFD8AE9FDF29FC0DD9D1AE350CD0D606E ] RapportCerberus_1412112 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412112.sys
19:40:46.0446 0x04a0 RapportCerberus_1412112 - ok
19:40:46.0493 0x04a0 [ 1C6AC349FC3BC3D43C32B391E248EB1F, B7BF731858B1C54ACC5DA2F3807D3733D112368E58CF18DB3BA5DA1C1B2B54B9 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
19:40:46.0508 0x04a0 RapportEI - ok
19:40:46.0602 0x04a0 [ 0AFE346F9A472E31AC5CEA816C6051B2, 27178D115A4F81084858F2738C3EF595519D51F68AB0D41A51FE7AFD38CAFF62 ] RapportHades C:\Windows\system32\Drivers\RapportHades.sys
19:40:46.0617 0x04a0 RapportHades - ok
19:40:46.0664 0x04a0 [ 44E4D168E17DDD51534B1B772A2F2900, 48F950A1ADC7EF8DD966CB56EDA00AE5FA21DAE86AE4618FDD444A042DC706F1 ] RapportKELL C:\Windows\system32\Drivers\RapportKELL.sys
19:40:46.0695 0x04a0 RapportKELL - ok
19:40:46.0867 0x04a0 [ C6B6270CD764CD00A2E6BF04FA9F63CF, 72C5E0FDB9A810F52153E025FDC916D8F1368C07E2F18A87640AEBD6CAD7B003 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
19:40:46.0992 0x04a0 RapportMgmtService - ok
19:40:47.0039 0x04a0 [ F10BFFCF095CF0ADEF67EAF95E4B4C32, CF52EE7F78317DB5D74CC652295DA82128E9BE095FA27E5C930B82EAE162E070 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
19:40:47.0070 0x04a0 RapportPG - ok
19:40:47.0101 0x04a0 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:40:47.0117 0x04a0 RasAcd - ok
19:40:47.0148 0x04a0 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
19:40:47.0148 0x04a0 RasAuto - ok
19:40:47.0210 0x04a0 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:40:47.0226 0x04a0 Rasl2tp - ok
19:40:47.0273 0x04a0 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
19:40:47.0288 0x04a0 RasMan - ok
19:40:47.0319 0x04a0 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:40:47.0319 0x04a0 RasPppoe - ok
19:40:47.0351 0x04a0 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:40:47.0366 0x04a0 RasSstp - ok
19:40:47.0397 0x04a0 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:40:47.0429 0x04a0 rdbss - ok
19:40:47.0444 0x04a0 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:40:47.0444 0x04a0 RDPCDD - ok
19:40:47.0507 0x04a0 [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:40:47.0522 0x04a0 rdpdr - ok
19:40:47.0553 0x04a0 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:40:47.0569 0x04a0 RDPENCDD - ok
19:40:47.0616 0x04a0 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:40:47.0709 0x04a0 RDPWD - ok
19:40:47.0803 0x04a0 [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
19:40:47.0803 0x04a0 RealNetworks Downloader Resolver Service - ok
19:40:47.0897 0x04a0 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
19:40:47.0912 0x04a0 RemoteAccess - ok
19:40:47.0943 0x04a0 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:40:47.0959 0x04a0 RemoteRegistry - ok
19:40:47.0990 0x04a0 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
19:40:48.0006 0x04a0 RpcLocator - ok
19:40:48.0068 0x04a0 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
19:40:48.0099 0x04a0 RpcSs - ok
19:40:48.0131 0x04a0 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:40:48.0146 0x04a0 rspndr - ok
19:40:48.0255 0x04a0 [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
19:40:48.0271 0x04a0 RTL8169 - ok
19:40:48.0365 0x04a0 [ 7FE5089EB5F624899DE08C30DB4377FC, 3CCFDA09D8E356A1064DAB158D7B0106822C8DD4CEDAB677343415D9EC5B5F6C ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
19:40:48.0396 0x04a0 RTL8187B - ok
19:40:48.0411 0x04a0 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
19:40:48.0411 0x04a0 SamSs - ok
19:40:48.0521 0x04a0 SASKUTIL - ok
19:40:48.0552 0x04a0 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:40:48.0567 0x04a0 sbp2port - ok
19:40:48.0614 0x04a0 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:40:48.0630 0x04a0 SCardSvr - ok
19:40:48.0708 0x04a0 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
19:40:48.0770 0x04a0 Schedule - ok
19:40:48.0801 0x04a0 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
19:40:48.0801 0x04a0 SCPolicySvc - ok
19:40:48.0848 0x04a0 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:40:48.0848 0x04a0 SDRSVC - ok
19:40:48.0895 0x04a0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:40:48.0895 0x04a0 secdrv - ok
19:40:48.0942 0x04a0 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
19:40:48.0973 0x04a0 seclogon - ok
19:40:48.0989 0x04a0 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
19:40:49.0004 0x04a0 SENS - ok
19:40:49.0035 0x04a0 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:40:49.0035 0x04a0 Serenum - ok
19:40:49.0051 0x04a0 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
19:40:49.0067 0x04a0 Serial - ok
19:40:49.0098 0x04a0 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:40:49.0098 0x04a0 sermouse - ok
19:40:49.0145 0x04a0 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
19:40:49.0160 0x04a0 SessionEnv - ok
19:40:49.0191 0x04a0 [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:40:49.0191 0x04a0 sffdisk - ok
19:40:49.0223 0x04a0 [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:40:49.0223 0x04a0 sffp_mmc - ok
19:40:49.0254 0x04a0 [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:40:49.0254 0x04a0 sffp_sd - ok
19:40:49.0285 0x04a0 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:40:49.0285 0x04a0 sfloppy - ok
19:40:49.0332 0x04a0 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:40:49.0363 0x04a0 SharedAccess - ok
19:40:49.0410 0x04a0 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:40:49.0425 0x04a0 ShellHWDetection - ok
19:40:49.0457 0x04a0 [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:40:49.0457 0x04a0 sisagp - ok
19:40:49.0488 0x04a0 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
walshie
Regular Member
 
Posts: 61
Joined: December 17th, 2005, 1:06 pm

Re: Really poor performance!

by walshie » July 18th, 2015, 3:30 pm

TDSS Killer file (Part 2)

19:41:08.0426 0x04a0 AV detected via SS2: AVG AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4813 ), 0x41000 ( enabled : updated )
19:41:08.0442 0x04a0 Win FW state via NFP2: enabled
19:41:10.0938 0x04a0 ============================================================
19:41:10.0938 0x04a0 Scan finished
19:41:10.0938 0x04a0 ============================================================
19:41:10.0953 0x1474 Detected object count: 0
19:41:10.0953 0x1474 Actual detected object count: 0
19:42:01.0092 0x160c ============================================================
19:42:01.0092 0x160c Scan started
19:42:01.0092 0x160c Mode: Manual; SigCheck;
19:42:01.0092 0x160c ============================================================
19:42:01.0092 0x160c KSN ping started
19:42:15.0584 0x160c KSN ping finished: true
19:42:16.0380 0x160c ================ Scan system memory ========================
19:42:16.0380 0x160c System memory - ok
19:42:16.0380 0x160c ================ Scan services =============================
19:42:25.0913 0x160c Bonjour Service - ok
19:42:25.0960 0x160c [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:42:26.0147 0x160c bowser - ok
19:42:26.0194 0x160c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:42:26.0350 0x160c BrFiltLo - ok
19:42:26.0366 0x160c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:42:26.0506 0x160c BrFiltUp - ok
19:42:26.0569 0x160c [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
19:42:26.0725 0x160c Browser - ok
19:42:26.0756 0x160c [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:42:26.0959 0x160c Brserid - ok
19:42:27.0005 0x160c [ 1A5FC78E41840EDF79D65EC16EFF2787, 05BC4C07C88ADDE6D7FF01B821DDB944EEEC8035AC1B6D780E39FDBD12FCA885 ] BrSerIf C:\Windows\system32\Drivers\BrSerIf.sys
19:42:27.0177 0x160c BrSerIf - ok
19:42:27.0208 0x160c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:42:27.0380 0x160c BrSerWdm - ok
19:42:27.0411 0x160c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:42:27.0598 0x160c BrUsbMdm - ok
19:42:27.0645 0x160c [ A24C7B39602218F8DBDB2B6704325FC7, B90A1BA412A33AD041A2CE47FBB73AE296AF07A2F3DF1F56D9FEE5B3B1E0BBD5 ] BrUsbSer C:\Windows\system32\Drivers\BrUsbSer.sys
19:42:27.0770 0x160c BrUsbSer - ok
19:42:27.0832 0x160c [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:42:28.0004 0x160c BTHMODEM - ok
19:42:28.0051 0x160c [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:42:28.0191 0x160c cdfs - ok
19:42:28.0253 0x160c [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:42:28.0425 0x160c cdrom - ok
19:42:28.0472 0x160c [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
19:42:28.0628 0x160c CertPropSvc - ok
19:42:28.0659 0x160c [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass C:\Windows\system32\drivers\circlass.sys
19:42:28.0846 0x160c circlass - ok
19:42:28.0909 0x160c [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS C:\Windows\system32\CLFS.sys
19:42:29.0018 0x160c CLFS - ok
19:42:29.0143 0x160c [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:42:29.0252 0x160c clr_optimization_v2.0.50727_32 - ok
19:42:29.0299 0x160c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:42:29.0408 0x160c clr_optimization_v4.0.30319_32 - ok
19:42:29.0501 0x160c [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:42:29.0657 0x160c CmBatt - ok
19:42:29.0704 0x160c [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:42:29.0798 0x160c cmdide - ok
19:42:29.0845 0x160c [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:42:29.0938 0x160c Compbatt - ok
19:42:29.0954 0x160c COMSysApp - ok
19:42:29.0985 0x160c [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:42:30.0079 0x160c crcdisk - ok
19:42:30.0110 0x160c [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:42:30.0313 0x160c Crusoe - ok
19:42:30.0391 0x160c [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:42:30.0562 0x160c CryptSvc - ok
19:42:30.0640 0x160c [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:42:30.0843 0x160c DcomLaunch - ok
19:42:30.0890 0x160c [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:42:31.0046 0x160c DfsC - ok
19:42:31.0202 0x160c [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
19:42:31.0561 0x160c DFSR - ok
19:42:31.0623 0x160c [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:42:31.0779 0x160c Dhcp - ok
19:42:31.0810 0x160c [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
19:42:31.0919 0x160c disk - ok
19:42:31.0966 0x160c [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:42:32.0122 0x160c Dnscache - ok
19:42:32.0169 0x160c [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
19:42:32.0325 0x160c dot3svc - ok
19:42:32.0372 0x160c [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
19:42:32.0528 0x160c DPS - ok
19:42:32.0575 0x160c [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:42:32.0715 0x160c drmkaud - ok
19:42:32.0824 0x160c [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:42:32.0949 0x160c DXGKrnl - ok
19:42:33.0011 0x160c [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:42:33.0199 0x160c E1G60 - ok
19:42:33.0261 0x160c [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
19:42:33.0417 0x160c EapHost - ok
19:42:33.0495 0x160c [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
19:42:33.0604 0x160c Ecache - ok
19:42:33.0713 0x160c [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:42:33.0854 0x160c ehRecvr - ok
19:42:33.0885 0x160c [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
19:42:34.0088 0x160c ehSched - ok
19:42:34.0103 0x160c [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
19:42:34.0244 0x160c ehstart - ok
19:42:34.0291 0x160c [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:42:34.0400 0x160c elxstor - ok
19:42:34.0493 0x160c [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:42:34.0681 0x160c EMDMgmt - ok
19:42:34.0727 0x160c [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
19:42:34.0899 0x160c EventSystem - ok
19:42:34.0946 0x160c [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
19:42:35.0102 0x160c exfat - ok
19:42:35.0149 0x160c [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:42:35.0336 0x160c fastfat - ok
19:42:35.0383 0x160c [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:42:35.0570 0x160c fdc - ok
19:42:35.0601 0x160c [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
19:42:35.0757 0x160c fdPHost - ok
19:42:35.0804 0x160c [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
19:42:35.0991 0x160c FDResPub - ok
19:42:36.0022 0x160c [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:42:36.0131 0x160c FileInfo - ok
19:42:36.0178 0x160c [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:42:36.0350 0x160c Filetrace - ok
19:42:36.0381 0x160c [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:42:36.0553 0x160c flpydisk - ok
19:42:36.0615 0x160c [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:42:36.0709 0x160c FltMgr - ok
19:42:36.0849 0x160c [ 7417E869AE5AAC3026329E7749698110, 14545202D90C23EE6A2ADC5627791A3B43B5EEA6F78F44021C9AE2B5B8A351DD ] FontCache C:\Windows\system32\FntCache.dll
19:42:37.0067 0x160c FontCache - ok
19:42:37.0145 0x160c [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:42:37.0239 0x160c FontCache3.0.0.0 - ok
19:42:37.0286 0x160c [ D909075FA72C090F27AA926C32CB4612, F8610C20C4DD499D5B4ACEBD7107E52E25B6449AEED58D1A203F7D654B55C4DF ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:42:37.0379 0x160c fssfltr - ok
19:42:37.0567 0x160c [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:42:37.0754 0x160c fsssvc - ok
19:42:37.0785 0x160c [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:42:37.0941 0x160c Fs_Rec - ok
19:42:37.0988 0x160c [ CBC22823628544735625B280665E434E, 6B5A3FE469CACE241F3332E6E6B3D0ACB3C2EB3DF0297C744F5A155992F0B411 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
19:42:38.0128 0x160c FwLnk - ok
19:42:38.0191 0x160c [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:42:38.0300 0x160c gagp30kx - ok
19:42:38.0409 0x160c [ 805DAC448BEBDA900BF5520AB27D9616, C0A2935C75EC4B3D860E68ABAE6756D6D4B31BA9AFD742FF9C0B6ED11BEFD163 ] Garmin Device Interaction Service C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
19:42:38.0565 0x160c Garmin Device Interaction Service - ok
19:42:38.0612 0x160c [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:42:38.0705 0x160c GEARAspiWDM - ok
19:42:38.0861 0x160c [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
19:42:39.0064 0x160c gpsvc - ok
19:42:39.0220 0x160c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:42:39.0329 0x160c gupdate - ok
19:42:39.0329 0x160c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:42:39.0423 0x160c gupdatem - ok
19:42:39.0501 0x160c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:42:39.0610 0x160c gusvc - ok
19:42:39.0657 0x160c [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:42:39.0875 0x160c HdAudAddService - ok
19:42:39.0953 0x160c [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:42:40.0172 0x160c HDAudBus - ok
19:42:40.0219 0x160c [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:42:40.0421 0x160c HidBth - ok
19:42:40.0453 0x160c [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
19:42:40.0655 0x160c HidIr - ok
19:42:40.0687 0x160c [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
19:42:40.0827 0x160c hidserv - ok
19:42:40.0858 0x160c [ 3C64042B95E583B366BA4E5D2450235E, B431F9692D66188AFEE372F312581178B14F49D763F8D1100D264623A239002A ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:42:41.0045 0x160c HidUsb - ok
19:42:41.0092 0x160c [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
19:42:41.0295 0x160c hkmsvc - ok
19:42:41.0326 0x160c [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:42:41.0420 0x160c HpCISSs - ok
19:42:41.0513 0x160c [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:42:41.0716 0x160c HTTP - ok
19:42:41.0747 0x160c [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:42:41.0841 0x160c i2omp - ok
19:42:41.0872 0x160c [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:42:42.0013 0x160c i8042prt - ok
19:42:42.0044 0x160c [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:42:42.0153 0x160c iaStorV - ok
19:42:42.0278 0x160c [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:42:42.0434 0x160c idsvc - ok
19:42:43.0058 0x160c [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:42:43.0869 0x160c igfx - ok
19:42:43.0947 0x160c [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:42:44.0041 0x160c iirsp - ok
19:42:44.0119 0x160c [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
19:42:44.0259 0x160c IKEEXT - ok
19:42:44.0306 0x160c [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide C:\Windows\system32\drivers\intelide.sys
19:42:44.0399 0x160c intelide - ok
19:42:44.0431 0x160c [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:42:44.0587 0x160c intelppm - ok
19:42:44.0649 0x160c [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:42:44.0805 0x160c IPBusEnum - ok
19:42:44.0852 0x160c [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:42:44.0992 0x160c IpFilterDriver - ok
19:42:45.0039 0x160c [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:42:45.0226 0x160c iphlpsvc - ok
19:42:45.0242 0x160c IpInIp - ok
19:42:45.0320 0x160c [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:42:45.0507 0x160c IPMIDRV - ok
19:42:45.0554 0x160c [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:42:45.0694 0x160c IPNAT - ok
19:42:45.0835 0x160c [ 35828479CCB4EE3CFD7523AF63443D5B, CA582DB092DC049597268B8245F2EEFF5DB807CBE2CFABEA04EA00DD5ED9A2B6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:42:45.0959 0x160c iPod Service - ok
19:42:45.0991 0x160c [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:42:46.0131 0x160c IRENUM - ok
19:42:46.0162 0x160c [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:42:46.0256 0x160c isapnp - ok
19:42:46.0318 0x160c [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:42:46.0427 0x160c iScsiPrt - ok
19:42:46.0459 0x160c [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:42:46.0552 0x160c iteatapi - ok
19:42:46.0583 0x160c [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:42:46.0677 0x160c iteraid - ok
19:42:46.0724 0x160c [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:42:46.0833 0x160c kbdclass - ok
19:42:46.0864 0x160c [ D2600CB17B7408B4A83F231DC9A11AC3, C3025C2ED3541F58E8C1D792B0683949286BE583AB17B0C48F7362B4FA512BC0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:42:47.0051 0x160c kbdhid - ok
19:42:47.0083 0x160c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
19:42:47.0239 0x160c KeyIso - ok
19:42:47.0379 0x160c [ 775C6D5D60146D7DB08A01CB596D7EC6, 66D87041DD8E0CF8AFBC155AC709E9A647B765BBA56CDE07EA01468BDAD7C239 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
19:42:47.0504 0x160c Kodak AiO Network Discovery Service - ok
19:42:47.0597 0x160c [ 17AFF68AB32F8671BC46612D35351099, C782460B99EAAE84DDBEF5AEB628984984B4108A482F023CE62CE1D33A367FEB ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:42:47.0753 0x160c Kodak AiO Status Monitor Service - ok
19:42:47.0800 0x160c [ E9648A2E6691B3BF0D17697640B8F7EB, 6832F086C3AD0BBB57A5D3B1B3DE8EAFB9F8E63906A70A77770B421670D61F8C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:42:47.0941 0x160c KSecDD - ok
19:42:48.0112 0x160c [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:42:48.0284 0x160c KtmRm - ok
19:42:48.0424 0x160c [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
19:42:48.0580 0x160c LanmanServer - ok
19:42:48.0658 0x160c [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:42:48.0814 0x160c LanmanWorkstation - ok
19:42:49.0345 0x160c [ 3CDB12C59F9D1FB256A14565F0762DAF, 3E1BBEC0F7B1938656743CF84BDF6B648D63A39A58F854EEDF287B63748D4BBD ] LeapFrog Connect Device Service C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
19:42:50.0249 0x160c LeapFrog Connect Device Service - detected UnsignedFile.Multi.Generic ( 1 )
19:42:50.0421 0x160c LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - warning
19:43:02.0168 0x160c Netman - ok
19:43:02.0199 0x160c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:43:02.0324 0x160c NetMsmqActivator - ok
19:43:02.0339 0x160c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:43:02.0449 0x160c NetPipeActivator - ok
19:43:02.0511 0x160c [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
19:43:02.0667 0x160c netprofm - ok
19:43:02.0683 0x160c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:43:02.0792 0x160c NetTcpActivator - ok
19:43:02.0807 0x160c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:43:02.0917 0x160c NetTcpPortSharing - ok
19:43:02.0963 0x160c [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:43:03.0057 0x160c nfrd960 - ok
19:43:03.0119 0x160c [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:43:03.0275 0x160c NlaSvc - ok
19:43:03.0307 0x160c [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:43:03.0447 0x160c Npfs - ok
19:43:03.0478 0x160c [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
19:43:03.0634 0x160c nsi - ok
19:43:03.0697 0x160c [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:43:03.0853 0x160c nsiproxy - ok
19:43:03.0977 0x160c [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:43:04.0180 0x160c Ntfs - ok
19:43:04.0258 0x160c [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:43:04.0430 0x160c ntrigdigi - ok
19:43:04.0461 0x160c [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
19:43:04.0648 0x160c Null - ok
19:43:04.0679 0x160c [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:43:04.0789 0x160c nvraid - ok
19:43:04.0820 0x160c [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:43:04.0913 0x160c nvstor - ok
19:43:04.0960 0x160c [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:43:05.0054 0x160c nv_agp - ok
19:43:05.0069 0x160c NwlnkFlt - ok
19:43:05.0069 0x160c NwlnkFwd - ok
19:43:05.0210 0x160c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:43:05.0335 0x160c odserv - ok
19:43:05.0366 0x160c [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:43:05.0537 0x160c ohci1394 - ok
19:43:05.0584 0x160c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:43:05.0678 0x160c ose - ok
19:43:05.0787 0x160c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:43:05.0974 0x160c p2pimsvc - ok
19:43:06.0021 0x160c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
19:43:06.0224 0x160c p2psvc - ok
19:43:06.0255 0x160c [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
19:43:06.0427 0x160c Parport - ok
19:43:06.0473 0x160c [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:43:06.0583 0x160c partmgr - ok
19:43:06.0598 0x160c [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:43:06.0801 0x160c Parvdm - ok
19:43:06.0832 0x160c [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
19:43:06.0973 0x160c PcaSvc - ok
19:43:07.0035 0x160c [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
19:43:07.0144 0x160c pci - ok
19:43:07.0191 0x160c [ 3B1901E401473E03EB8C874271E50C26, 3C7931F419E29FDD0155D8D05D97289430A2852FCB3DBAD1B338FE2241458E72 ] pciide C:\Windows\system32\drivers\pciide.sys
19:43:07.0285 0x160c pciide - ok
19:43:07.0316 0x160c [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:43:07.0425 0x160c pcmcia - ok
19:43:07.0503 0x160c [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:43:07.0753 0x160c PEAUTH - ok
19:43:07.0909 0x160c [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
19:43:08.0174 0x160c pla - ok
19:43:08.0221 0x160c [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:43:08.0361 0x160c PlugPlay - ok
19:43:08.0423 0x160c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:43:08.0595 0x160c PNRPAutoReg - ok
19:43:08.0626 0x160c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:43:08.0798 0x160c PNRPsvc - ok
19:43:08.0876 0x160c [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:43:09.0110 0x160c PolicyAgent - ok
19:43:09.0141 0x160c [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:43:09.0328 0x160c PptpMiniport - ok
19:43:09.0391 0x160c [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
19:43:09.0578 0x160c Processor - ok
19:43:09.0625 0x160c [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll
19:43:09.0796 0x160c ProfSvc - ok
19:43:09.0812 0x160c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
19:43:09.0937 0x160c ProtectedStorage - ok
19:43:09.0983 0x160c [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:43:10.0108 0x160c PSched - ok
19:43:10.0186 0x160c [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:43:10.0342 0x160c ql2300 - ok
19:43:10.0405 0x160c [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:43:10.0514 0x160c ql40xx - ok
19:43:10.0561 0x160c [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
19:43:10.0685 0x160c QWAVE - ok
19:43:10.0732 0x160c [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:43:10.0873 0x160c QWAVEdrv - ok
19:43:11.0044 0x160c [ 862A386A6FB4F420FF422B141F8069B4, E47A317FDDC677DC2A14F4EB23EA40FEFD8AE9FDF29FC0DD9D1AE350CD0D606E ] RapportCerberus_1412112 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412112.sys
19:43:11.0185 0x160c RapportCerberus_1412112 - ok
19:43:11.0263 0x160c [ 1C6AC349FC3BC3D43C32B391E248EB1F, B7BF731858B1C54ACC5DA2F3807D3733D112368E58CF18DB3BA5DA1C1B2B54B9 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
19:43:11.0372 0x160c RapportEI - ok
19:43:11.0434 0x160c [ 0AFE346F9A472E31AC5CEA816C6051B2, 27178D115A4F81084858F2738C3EF595519D51F68AB0D41A51FE7AFD38CAFF62 ] RapportHades C:\Windows\system32\Drivers\RapportHades.sys
19:43:11.0528 0x160c RapportHades - ok
19:43:11.0559 0x160c [ 44E4D168E17DDD51534B1B772A2F2900, 48F950A1ADC7EF8DD966CB56EDA00AE5FA21DAE86AE4618FDD444A042DC706F1 ] RapportKELL C:\Windows\system32\Drivers\RapportKELL.sys
19:43:11.0653 0x160c RapportKELL - ok
19:43:11.0809 0x160c [ C6B6270CD764CD00A2E6BF04FA9F63CF, 72C5E0FDB9A810F52153E025FDC916D8F1368C07E2F18A87640AEBD6CAD7B003 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
19:43:12.0074 0x160c RapportMgmtService - ok
19:43:12.0136 0x160c [ F10BFFCF095CF0ADEF67EAF95E4B4C32, CF52EE7F78317DB5D74CC652295DA82128E9BE095FA27E5C930B82EAE162E070 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
19:43:12.0292 0x160c RapportPG - ok
19:43:12.0339 0x160c [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:43:12.0479 0x160c RasAcd - ok
19:43:12.0526 0x160c [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
19:43:12.0713 0x160c RasAuto - ok
19:43:12.0776 0x160c [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:43:12.0916 0x160c Rasl2tp - ok
19:43:12.0994 0x160c [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
19:43:13.0135 0x160c RasMan - ok
19:43:13.0213 0x160c [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:43:13.0353 0x160c RasPppoe - ok
19:43:13.0384 0x160c [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:43:13.0525 0x160c RasSstp - ok
19:43:13.0571 0x160c [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:43:13.0712 0x160c rdbss - ok
19:43:13.0759 0x160c [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:43:13.0915 0x160c RDPCDD - ok
19:43:13.0993 0x160c [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:43:14.0195 0x160c rdpdr - ok
19:43:14.0211 0x160c [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:43:14.0383 0x160c RDPENCDD - ok
19:43:14.0429 0x160c [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:43:14.0585 0x160c RDPWD - ok
19:43:14.0663 0x160c [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
19:43:14.0757 0x160c RealNetworks Downloader Resolver Service - ok
19:43:14.0851 0x160c [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
19:43:15.0007 0x160c RemoteAccess - ok
19:43:15.0038 0x160c [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:43:15.0194 0x160c RemoteRegistry - ok
19:43:15.0225 0x160c [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
19:43:15.0334 0x160c RpcLocator - ok
19:43:15.0397 0x160c [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
19:43:15.0568 0x160c RpcSs - ok
19:43:15.0599 0x160c [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:43:15.0740 0x160c rspndr - ok
19:43:15.0802 0x160c [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
19:43:15.0911 0x160c RTL8169 - ok
19:43:16.0114 0x160c [ 7FE5089EB5F624899DE08C30DB4377FC, 3CCFDA09D8E356A1064DAB158D7B0106822C8DD4CEDAB677343415D9EC5B5F6C ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
19:43:16.0270 0x160c RTL8187B - ok
19:43:16.0286 0x160c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
19:43:16.0411 0x160c SamSs - ok
19:43:16.0473 0x160c SASKUTIL - ok
19:43:16.0504 0x160c [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:43:16.0598 0x160c sbp2port - ok
19:43:16.0660 0x160c [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:43:16.0816 0x160c SCardSvr - ok
19:43:16.0894 0x160c [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
19:43:17.0081 0x160c Schedule - ok
19:43:17.0128 0x160c [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
19:43:17.0253 0x160c SCPolicySvc - ok
19:43:17.0284 0x160c [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:43:17.0440 0x160c SDRSVC - ok
19:43:17.0487 0x160c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:43:17.0690 0x160c secdrv - ok
19:43:17.0721 0x160c [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
19:43:17.0893 0x160c seclogon - ok
19:43:17.0908 0x160c [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
19:43:18.0064 0x160c SENS - ok
19:43:18.0095 0x160c [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:43:18.0283 0x160c Serenum - ok
19:43:18.0345 0x160c [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
19:43:18.0517 0x160c Serial - ok
19:43:18.0548 0x160c [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:43:18.0688 0x160c sermouse - ok
19:43:18.0751 0x160c [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
19:43:18.0907 0x160c SessionEnv - ok
19:43:18.0922 0x160c [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:43:19.0094 0x160c sffdisk - ok
19:43:19.0125 0x160c [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:43:19.0281 0x160c sffp_mmc - ok
19:43:19.0328 0x160c [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:43:19.0515 0x160c sffp_sd - ok
19:43:19.0531 0x160c [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:43:19.0702 0x160c sfloppy - ok
19:43:19.0749 0x160c [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:43:19.0921 0x160c SharedAccess - ok
19:43:19.0983 0x160c [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:43:20.0170 0x160c ShellHWDetection - ok
19:43:20.0217 0x160c [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:43:20.0311 0x160c sisagp - ok
19:43:20.0342 0x160c [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:43:20.0451 0x160c SiSRaid2 - ok
19:43:20.0498 0x160c [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:43:20.0591 0x160c SiSRaid4 - ok
19:43:20.0841 0x160c [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
19:43:21.0278 0x160c slsvc - ok
19:43:21.0340 0x160c [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:43:21.0481 0x160c SLUINotify - ok
19:43:21.0527 0x160c [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:43:21.0683 0x160c Smb - ok
19:43:21.0746 0x160c [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:43:21.0855 0x160c SNMPTRAP - ok
19:43:21.0917 0x160c [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
19:43:22.0011 0x160c spldr - ok
19:43:22.0042 0x160c [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
19:43:22.0183 0x160c Spooler - ok
19:43:22.0245 0x160c [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
19:43:22.0401 0x160c srv - ok
19:43:22.0448 0x160c [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:43:22.0604 0x160c srv2 - ok
19:43:22.0635 0x160c [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:43:22.0760 0x160c srvnet - ok
19:43:22.0807 0x160c [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:43:22.0978 0x160c SSDPSRV - ok
19:43:23.0009 0x160c [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:43:23.0150 0x160c SstpSvc - ok
19:43:23.0181 0x160c [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
19:43:23.0306 0x160c StillCam - ok
19:43:23.0368 0x160c [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
19:43:23.0555 0x160c stisvc - ok
19:43:23.0587 0x160c [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:43:23.0680 0x160c swenum - ok
19:43:23.0743 0x160c [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
19:43:23.0914 0x160c swprv - ok
19:43:23.0977 0x160c [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:43:24.0070 0x160c Symc8xx - ok
19:43:24.0117 0x160c [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:43:24.0211 0x160c Sym_hi - ok
19:43:24.0242 0x160c [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:43:24.0351 0x160c Sym_u3 - ok
19:43:24.0413 0x160c [ 70534D1E4F9AC990536D5FB5B550B3DE, BD7F52FAD8FDF7F5FE37B6E6101D1386816F371894DD46D799FF4107F98134A1 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:43:24.0523 0x160c SynTP - ok
19:43:24.0632 0x160c [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
19:43:24.0850 0x160c SysMain - ok
19:43:24.0897 0x160c [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:43:25.0037 0x160c TabletInputService - ok
19:43:25.0100 0x160c [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:43:25.0256 0x160c TapiSrv - ok
19:43:25.0303 0x160c [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
19:43:25.0459 0x160c TBS - ok
19:43:25.0568 0x160c [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:43:25.0755 0x160c Tcpip - ok
19:43:25.0817 0x160c [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:43:25.0973 0x160c Tcpip6 - ok
19:43:26.0020 0x160c [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:43:26.0161 0x160c tcpipreg - ok
19:43:26.0223 0x160c [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:43:26.0348 0x160c TDPIPE - ok
19:43:26.0379 0x160c [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:43:26.0519 0x160c TDTCP - ok
19:43:26.0582 0x160c [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:43:26.0722 0x160c tdx - ok
19:43:26.0753 0x160c [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:43:26.0847 0x160c TermDD - ok
19:43:26.0925 0x160c [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService C:\Windows\System32\termsrv.dll
19:43:27.0081 0x160c TermService - ok
19:43:27.0128 0x160c [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
19:43:27.0253 0x160c Themes - ok
19:43:27.0299 0x160c [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
19:43:27.0424 0x160c THREADORDER - ok
19:43:27.0471 0x160c [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
19:43:27.0627 0x160c TrkWks - ok
19:43:27.0705 0x160c [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:43:27.0830 0x160c TrustedInstaller - ok
19:43:27.0908 0x160c [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:43:28.0048 0x160c tssecsrv - ok
19:43:28.0111 0x160c [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:43:28.0235 0x160c tunmp - ok
19:43:28.0251 0x160c [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:43:28.0391 0x160c tunnel - ok
19:43:28.0423 0x160c [ 792A8B80F8188ABA4B2BE271583F3E46, BFE96D13926F3CB7D807CEBB5E190736B742EB5C93F7FED08AA5D145F4B6A874 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
19:43:28.0516 0x160c TVALZ - ok
19:43:28.0547 0x160c [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:43:28.0657 0x160c uagp35 - ok
19:43:28.0688 0x160c [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:43:28.0828 0x160c udfs - ok
19:43:28.0875 0x160c [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:43:29.0031 0x160c UI0Detect - ok
19:43:29.0062 0x160c [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:43:29.0171 0x160c uliagpkx - ok
19:43:29.0234 0x160c [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:43:29.0343 0x160c uliahci - ok
19:43:29.0374 0x160c [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:43:29.0483 0x160c UlSata - ok
19:43:29.0515 0x160c [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:43:29.0608 0x160c ulsata2 - ok
19:43:29.0671 0x160c [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:43:29.0811 0x160c umbus - ok
19:43:29.0858 0x160c [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
19:43:30.0029 0x160c upnphost - ok
19:43:30.0076 0x160c [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:43:30.0217 0x160c USBAAPL - ok
19:43:30.0263 0x160c [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:43:30.0388 0x160c usbccgp - ok
19:43:30.0466 0x160c [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:43:30.0622 0x160c usbcir - ok
19:43:30.0685 0x160c [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:43:30.0794 0x160c usbehci - ok
19:43:30.0856 0x160c [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:43:30.0997 0x160c usbhub - ok
19:43:31.0012 0x160c [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:43:31.0199 0x160c usbohci - ok
19:43:31.0246 0x160c [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:43:31.0387 0x160c usbprint - ok
19:43:31.0465 0x160c [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:43:31.0589 0x160c usbscan - ok
19:43:31.0621 0x160c [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:43:31.0761 0x160c USBSTOR - ok
19:43:31.0792 0x160c [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:43:31.0933 0x160c usbuhci - ok
19:43:31.0979 0x160c [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:43:32.0151 0x160c usbvideo - ok
19:43:32.0213 0x160c [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
19:43:32.0354 0x160c UxSms - ok
19:43:32.0416 0x160c [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
19:43:32.0619 0x160c vds - ok
19:43:32.0650 0x160c [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:43:32.0822 0x160c vga - ok
19:43:32.0915 0x160c [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:43:33.0071 0x160c VgaSave - ok
19:43:33.0103 0x160c [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:43:33.0196 0x160c viaagp - ok
19:43:33.0227 0x160c [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:43:33.0383 0x160c ViaC7 - ok
19:43:33.0415 0x160c [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide C:\Windows\system32\drivers\viaide.sys
19:43:33.0508 0x160c viaide - ok
19:43:33.0539 0x160c [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:43:33.0633 0x160c volmgr - ok
19:43:33.0680 0x160c [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:43:33.0789 0x160c volmgrx - ok
19:43:33.0836 0x160c [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:43:33.0945 0x160c volsnap - ok
19:43:33.0976 0x160c [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:43:34.0085 0x160c vsmraid - ok
19:43:34.0179 0x160c [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
19:43:34.0397 0x160c VSS - ok
19:43:34.0522 0x160c [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
19:43:34.0694 0x160c W32Time - ok
19:43:34.0803 0x160c [ 9CA92191C8F18E8B491A5B28E63C07B7, 860064EA49ADB0ED6D88C405C60791F09A5F57E3A4701908F6843E8AF481E594 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
19:43:34.0990 0x160c W3SVC - ok
19:43:35.0037 0x160c [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:43:35.0224 0x160c WacomPen - ok
19:43:35.0255 0x160c [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:43:35.0380 0x160c Wanarp - ok
19:43:35.0396 0x160c [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:43:35.0521 0x160c Wanarpv6 - ok
19:43:35.0552 0x160c [ 9CA92191C8F18E8B491A5B28E63C07B7, 860064EA49ADB0ED6D88C405C60791F09A5F57E3A4701908F6843E8AF481E594 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
19:43:35.0692 0x160c WAS - ok
19:43:35.0755 0x160c [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:43:35.0895 0x160c wcncsvc - ok
19:43:35.0942 0x160c [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:43:36.0067 0x160c WcsPlugInService - ok
19:43:36.0113 0x160c [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
19:43:36.0207 0x160c Wd - ok
19:43:36.0301 0x160c [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:43:36.0441 0x160c Wdf01000 - ok
19:43:36.0519 0x160c [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:43:36.0659 0x160c WdiServiceHost - ok
19:43:36.0675 0x160c [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:43:36.0831 0x160c WdiSystemHost - ok
19:43:36.0893 0x160c [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
19:43:37.0034 0x160c WebClient - ok
19:43:37.0096 0x160c [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:43:37.0330 0x160c Wecsvc - ok
19:43:37.0393 0x160c [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:43:37.0533 0x160c wercplsupport - ok
19:43:37.0611 0x160c [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
19:43:37.0751 0x160c WerSvc - ok
19:43:37.0845 0x160c [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:43:37.0970 0x160c WinDefend - ok
19:43:38.0001 0x160c WinHttpAutoProxySvc - ok
19:43:38.0126 0x160c [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:43:38.0266 0x160c Winmgmt - ok
19:43:38.0407 0x160c [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
19:43:38.0719 0x160c WinRM - ok
19:43:38.0875 0x160c [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:43:39.0109 0x160c Wlansvc - ok
19:43:39.0265 0x160c [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:43:39.0374 0x160c wlcrasvc - ok
19:43:39.0530 0x160c [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:43:39.0779 0x160c wlidsvc - ok
19:43:39.0826 0x160c [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:43:39.0998 0x160c WmiAcpi - ok
19:43:40.0045 0x160c [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:43:40.0201 0x160c wmiApSrv - ok
19:43:40.0325 0x160c [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:43:40.0575 0x160c WMPNetworkSvc - ok
19:43:40.0637 0x160c [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:43:40.0778 0x160c WPCSvc - ok
19:43:40.0840 0x160c [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:43:41.0012 0x160c WPDBusEnum - ok
19:43:41.0043 0x160c [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:43:41.0152 0x160c WpdUsb - ok
19:43:41.0261 0x160c [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:43:41.0449 0x160c WPFFontCache_v0400 - ok
19:43:41.0480 0x160c [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:43:41.0620 0x160c ws2ifsl - ok
19:43:41.0683 0x160c [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
19:43:41.0807 0x160c wscsvc - ok
19:43:41.0823 0x160c WSearch - ok
19:43:41.0995 0x160c [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
19:43:42.0275 0x160c wuauserv - ok
19:43:42.0338 0x160c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:43:42.0509 0x160c WudfPf - ok
19:43:42.0556 0x160c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:43:42.0697 0x160c WUDFRd - ok
19:43:42.0790 0x160c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:43:42.0931 0x160c wudfsvc - ok
19:43:42.0993 0x160c ================ Scan global ===============================
19:43:43.0055 0x160c [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
19:43:43.0102 0x160c [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
19:43:43.0196 0x160c [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
19:43:43.0321 0x160c [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
19:43:43.0336 0x160c [ Global ] - ok
19:43:43.0336 0x160c ================ Scan MBR ==================================
19:43:43.0352 0x160c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:43:44.0366 0x160c \Device\Harddisk0\DR0 - ok
19:43:44.0366 0x160c ================ Scan VBR ==================================
19:43:44.0397 0x160c [ C2F480945DFC237F26F1C5A8C90BF183 ] \Device\Harddisk0\DR0\Partition1
19:43:44.0491 0x160c \Device\Harddisk0\DR0\Partition1 - ok
19:43:44.0491 0x160c ================ Scan generic autorun ======================
19:43:45.0146 0x160c [ 6E240D6C2F0DB74BED13AD723D3AB0A1, 99811F1EF27E0B6DDCF79DD07F49931FD55788407AB48C019C1E1B7592919614 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
19:43:45.0567 0x160c SynTPEnh - ok
19:43:45.0723 0x160c [ 714C602C1B8CEF17E25C753F1BACF78D, E0B0DC548CA9DA7F3D0EEE9EDACC9058D5C845E8B03B841434EB1E03683A9B73 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
19:43:45.0832 0x160c AppleSyncNotifier - ok
19:43:46.0253 0x160c [ 6E70704C2568ED01CDDF6291F5043763, F07ECD25C2009286AB8356DCD71169A226C40D61B9FA128102CB9C5D9D64E898 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
19:43:46.0877 0x160c CanonMyPrinter - ok
19:43:46.0987 0x160c [ C9DD39EE21F7AA5851804507ECB2699A, D7E2F10729852B8E0EA3FFBE4A6EB89D0D79CE5C9D61B9EBDB047ABEC4265299 ] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
19:43:47.0080 0x160c Monitor - detected UnsignedFile.Multi.Generic ( 1 )
19:43:47.0080 0x160c Monitor ( UnsignedFile.Multi.Generic ) - warning
19:44:00.0917 0x160c [ 5C59E612AA95F10DBD29F6249EA379D3, CC1B5D70960C49DAEBD0BBFA908A1F6D823FCF5030AEBEEA646A04DAC338579B ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
19:44:01.0198 0x160c EKStatusMonitor - ok
19:44:01.0619 0x160c [ 8E3663E3EE29594448CEFEFC8F25661A, 761C630AC3018B2CCBF7FB07EF26F57CC674AD0FCDAEA17BC16FBEFF965C3AD2 ] C:\Program Files\AVG\AVG2014\avgui.exe
19:44:02.0134 0x160c AVG_UI - ok
19:44:02.0197 0x160c [ 6080A176D09435FC8E6E800996656E18, 2E661732F83521AB1E33749DE7E1478A05BC182B14F101531E908B1B555ACA18 ] C:\Windows\system32\conime.exe
19:44:02.0321 0x160c Conime - ok
19:44:02.0524 0x160c [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:44:02.0727 0x160c Sidebar - ok
19:44:02.0743 0x160c WindowsWelcomeCenter - ok
19:44:02.0821 0x160c [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:44:03.0023 0x160c Sidebar - ok
19:44:03.0023 0x160c WindowsWelcomeCenter - ok
19:44:03.0101 0x160c [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
19:44:03.0304 0x160c Sidebar - ok
19:44:03.0382 0x160c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
19:44:03.0476 0x160c swg - ok
19:44:04.0490 0x160c [ 6313BA5D7F348576758CE789AF7E548A, FE8DA6EB0D551B98BF1C7A64EDE9F1CEEAF05BA312B9C07EAEEEFA1C0032A6AA ] C:\Program Files\CCleaner\CCleaner.exe
19:44:05.0020 0x160c CCleaner Monitoring - ok
19:44:05.0067 0x160c AV detected via SS2: AVG AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4813 ), 0x41000 ( enabled : updated )
19:44:05.0083 0x160c Win FW state via NFP2: enabled
19:44:08.0156 0x160c ============================================================
19:44:08.0156 0x160c Scan finished
19:44:08.0156 0x160c ============================================================
19:44:08.0156 0x0b60 Detected object count: 2
19:44:08.0156 0x0b60 Actual detected object count: 2
19:44:45.0331 0x0b60 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:44:45.0331 0x0b60 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:44:45.0331 0x0b60 Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
19:44:45.0331 0x0b60 Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:44:58.0528 0x14bc Deinitialize success
walshie
Regular Member
 
Posts: 61
Joined: December 17th, 2005, 1:06 pm

Re: Really poor performance!

Post by walshie » July 18th, 2015, 3:31 pm

And the OTL log file:

OTL logfile created on: 18/07/2015 19:53:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\toshiba\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.87 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 54.80% Memory free
3.98 Gb Paging File | 3.09 Gb Available in Paging File | 77.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 25.41 Gb Free Space | 17.05% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-PC | User Name: toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/07/18 19:52:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\toshiba\Desktop\OTL.exe
PRC - [2015/06/12 11:46:28 | 000,853,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2015/06/12 11:46:10 | 000,665,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2015/06/12 11:46:02 | 000,845,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2015/06/12 11:45:34 | 000,300,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2015/06/12 11:45:30 | 000,650,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2015/06/02 18:40:52 | 002,980,120 | ---- | M] (IBM Corp.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2015/06/02 18:40:52 | 002,222,360 | ---- | M] (IBM Corp.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/23 17:04:20 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll


========== Services (SafeList) ==========

SRV - [2015/07/15 11:05:49 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/06/18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/06/12 11:48:40 | 003,257,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2015/06/12 11:45:34 | 000,300,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2015/06/02 18:40:52 | 002,222,360 | ---- | M] (IBM Corp.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2015/04/29 23:15:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/04/08 14:50:12 | 000,708,616 | ---- | M] (Garmin Ltd. or its subsidiaries) [Auto | Stopped] -- C:\Program Files\Garmin\Device Interaction Service\GarminService.exe -- (Garmin Device Interaction Service)
SRV - [2013/06/26 16:37:56 | 007,391,232 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Stopped] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2013/03/06 03:21:50 | 000,039,056 | ---- | M] () [Auto | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/10/19 15:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012/10/15 12:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2010/04/21 18:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 18:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/04/11 07:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2015/06/23 10:31:03 | 000,531,416 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412112.sys -- (RapportCerberus_1412112)
DRV - [2015/06/18 08:41:50 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015/06/18 08:41:36 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2015/06/02 18:41:04 | 000,337,176 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2015/06/02 18:41:04 | 000,280,088 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2015/06/02 18:41:04 | 000,218,264 | ---- | M] (IBM Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2015/06/02 18:41:04 | 000,068,280 | ---- | M] (IBM Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportHades.sys -- (RapportHades)
DRV - [2015/05/26 21:11:36 | 000,179,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2015/05/26 21:11:20 | 000,271,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2015/05/26 21:02:54 | 000,161,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2015/05/22 09:56:06 | 000,029,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2015/05/18 21:14:04 | 000,206,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014/10/24 11:20:12 | 000,189,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014/07/21 21:03:22 | 000,200,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014/06/30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014/06/17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/06/23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/06/10 14:52:58 | 000,347,648 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007/11/09 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/11/19 23:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/02 08:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com/?fr=fp-yie9
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 B2 CA 21 C0 F1 CE 01 [binary data]
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_enGB414
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\..\SearchScopes\{F64D7644-C003-4E60-B445-752C6F53585A}: "URL" = http://www.flickr.com/search/?q={searchTerms}
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\..\SearchScopes\{F9278F4E-9A5C-4651-BE56-12D8E68BC315}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKU\S-1-5-21-2168144753-1382697019-843529903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\toshiba\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\toshiba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/03/27 18:19:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/03/27 18:19:43 | 000,000,000 | ---D | M]

[2013/08/10 17:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: No name found = C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [Conime] C:\Windows\System32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKU\.DEFAULT..\Run: [GarminExpressTrayApp] C:\Program Files\Garmin\Express Tray\tray.exe (Garmin Ltd. or its subsidiaries)
O4 - HKU\S-1-5-18..\Run: [GarminExpressTrayApp] C:\Program Files\Garmin\Express Tray\tray.exe (Garmin Ltd. or its subsidiaries)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2168144753-1382697019-843529903-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C174F4A7-D763-49F9-82C2-6C7FEF8C2E1F}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Users\toshiba\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\toshiba\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7efd8a95-338f-11e0-9ae4-00266c323ab8}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O33 - MountPoints2\{8ed7fb13-1834-11e0-8931-00266c323ab8}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2015/07/18 19:52:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\toshiba\Desktop\OTL.exe
[2015/07/18 19:38:16 | 004,197,016 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\toshiba\Desktop\tdsskiller.exe
[2015/07/18 19:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2015/07/18 18:27:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/07/16 21:16:33 | 000,098,520 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/07/16 21:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/07/16 21:16:10 | 000,094,936 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/07/16 21:16:10 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/07/16 21:16:10 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015/07/16 21:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/07/16 21:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/07/16 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/07/16 21:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/07/16 11:04:42 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/07/16 10:59:14 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015/07/16 10:59:13 | 000,296,960 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015/07/16 10:54:06 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2015/07/15 11:35:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/07/15 11:35:13 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/07/15 11:35:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/07/15 11:35:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/07/15 11:35:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/07/15 11:35:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/07/15 11:35:08 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/07/15 11:35:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/07/15 11:35:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/07/15 11:35:06 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/07/15 11:35:06 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/07/15 11:35:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/07/15 11:35:04 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/07/06 10:41:55 | 000,000,000 | ---D | C] -- C:\Users\toshiba\Downloads\Documents\Images for Naomi
[2015/07/06 10:41:44 | 000,000,000 | ---D | C] -- C:\Users\toshiba\Downloads\Documents\New Folder
[2015/07/01 14:00:06 | 000,000,000 | ---D | C] -- C:\TeamViewer
[2015/07/01 14:00:04 | 000,000,000 | ---D | C] -- C:\Users\toshiba\AppData\Roaming\TeamViewer
[2015/07/01 13:56:37 | 000,000,000 | ---D | C] -- C:\TightVNC
[2015/06/24 15:24:40 | 000,000,000 | ---D | C] -- C:\Users\toshiba\Downloads\Documents\MBRFC PINK 2015-16
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/07/18 20:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/07/18 19:52:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\toshiba\Desktop\OTL.exe
[2015/07/18 19:41:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/07/18 19:38:17 | 004,197,016 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\toshiba\Desktop\tdsskiller.exe
[2015/07/18 19:00:31 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/07/18 19:00:31 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/07/18 18:48:10 | 000,026,230 | ---- | M] () -- C:\Users\toshiba\Desktop\junkware-removal-tool.htm
[2015/07/18 18:41:31 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/07/18 18:41:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/07/18 17:34:03 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2168144753-1382697019-843529903-1000UA.job
[2015/07/18 16:59:13 | 000,098,520 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/07/18 10:20:55 | 000,001,356 | ---- | M] () -- C:\Users\toshiba\AppData\Local\d3d9caps.dat
[2015/07/18 10:13:57 | 000,342,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/07/16 22:05:28 | 000,001,069 | ---- | M] () -- C:\Malware 16072015
[2015/07/16 21:16:13 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/07/16 21:11:37 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/07/16 11:38:44 | 000,690,598 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/07/16 11:38:44 | 000,137,998 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/07/16 10:32:44 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2168144753-1382697019-843529903-1000Core.job
[2015/07/15 11:33:11 | 000,001,927 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/07/15 11:05:48 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/07/15 11:05:48 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/07/14 10:08:26 | 000,427,520 | ---- | M] () -- C:\Users\toshiba\Downloads\Documents\MFS R and ! certs.pub
[2015/07/07 16:58:51 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015/07/07 15:22:45 | 000,296,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015/07/03 14:12:35 | 000,385,024 | ---- | M] () -- C:\Users\toshiba\Downloads\Documents\Fun night prize.pub
[2015/07/03 06:18:15 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/06/29 20:22:41 | 000,000,158 | ---- | M] () -- C:\Users\toshiba\AppData\Roaming\WB.CFG
[2015/06/26 09:14:49 | 000,003,734 | ---- | M] () -- C:\Windows\System32\userawacs.cfg
[2015/06/26 09:14:44 | 000,000,470 | ---- | M] () -- C:\Windows\System32\usergui.cfg
[2015/06/26 08:50:51 | 000,140,260 | ---- | M] () -- C:\Users\toshiba\Downloads\Documents\Mobile Phone email.pdf
[2015/06/25 03:57:37 | 002,066,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/07/18 18:48:09 | 000,026,230 | ---- | C] () -- C:\Users\toshiba\Desktop\junkware-removal-tool.htm
[2015/07/16 22:05:28 | 000,001,069 | ---- | C] () -- C:\Malware 16072015
[2015/07/16 21:16:13 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/07/16 21:11:37 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/07/03 14:12:35 | 000,385,024 | ---- | C] () -- C:\Users\toshiba\Downloads\Documents\Fun night prize.pub
[2015/06/26 08:50:51 | 000,140,260 | ---- | C] () -- C:\Users\toshiba\Downloads\Documents\Mobile Phone email.pdf
[2015/05/17 07:09:04 | 000,000,000 | ---- | C] () -- C:\Users\toshiba\AppData\Local\{D698CFEC-AE0A-4034-8060-5AD622C6866A}
[2015/03/21 16:46:55 | 000,084,771 | ---- | C] () -- C:\Users\toshiba\is CAT.jpg
[2015/03/21 16:32:29 | 000,093,263 | ---- | C] () -- C:\Users\toshiba\SKINNER I.jpg
[2015/03/21 16:21:13 | 000,233,574 | ---- | C] () -- C:\Users\toshiba\ISABELLE SKINNER.jpg
[2014/11/14 18:20:52 | 000,076,168 | ---- | C] () -- C:\Users\toshiba\photo 2 (1).PNG
[2014/11/14 18:20:52 | 000,038,042 | ---- | C] () -- C:\Users\toshiba\photo 1 (1).PNG
[2014/11/14 18:13:34 | 001,095,218 | ---- | C] () -- C:\Users\toshiba\photo 3.PNG
[2014/11/14 18:13:34 | 000,075,671 | ---- | C] () -- C:\Users\toshiba\photo 2.PNG
[2014/11/14 18:13:34 | 000,034,426 | ---- | C] () -- C:\Users\toshiba\photo 1.PNG
[2014/05/20 19:54:56 | 000,000,158 | ---- | C] () -- C:\Users\toshiba\AppData\Roaming\WB.CFG
[2013/05/14 15:11:14 | 005,869,029 | ---- | C] () -- C:\Users\toshiba\042.JPG
[2011/08/23 11:56:44 | 000,055,464 | ---- | C] () -- C:\Users\toshiba\LCALLIG.TTF
[2011/08/20 12:20:41 | 000,000,373 | ---- | C] () -- C:\Users\toshiba\Documents - Shortcut.lnk
[2011/08/20 05:04:15 | 000,000,297 | ---- | C] () -- C:\Users\toshiba\toshiba - Shortcut.lnk
[2011/08/04 10:45:32 | 000,145,333 | ---- | C] () -- C:\Users\toshiba\disturbed-type_nashville.zip
[2011/01/06 12:38:19 | 000,028,160 | ---- | C] () -- C:\Users\toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/04 18:39:41 | 000,001,356 | ---- | C] () -- C:\Users\toshiba\AppData\Local\d3d9caps.dat
[2009/09/09 20:16:30 | 000,051,680 | ---- | C] () -- C:\Users\toshiba\old_stamper.ttf

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/18 03:02:58 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/21 13:38:43 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\AnvSoft
[2014/01/16 11:43:26 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\AVG
[2014/01/16 11:32:41 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\AVG2014
[2012/01/25 21:11:33 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\Canon
[2014/12/21 10:45:32 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\Dropbox
[2014/08/02 10:37:47 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\GARMIN
[2015/07/01 14:00:04 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\TeamViewer
[2012/07/22 09:03:09 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\Temp
[2013/10/23 16:46:47 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\TuneUp Software
[2013/11/30 19:21:49 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\Unity
[2011/03/20 18:46:32 | 000,000,000 | ---D | M] -- C:\Users\toshiba\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >
walshie
Regular Member
 
Posts: 61
Joined: December 17th, 2005, 1:06 pm

Re: Really poor performance!

Post by walshie » July 18th, 2015, 3:34 pm

And last but not least - the OTL Extras.txt

OTL Extras logfile created on: 18/07/2015 19:54:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\toshiba\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.87 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 54.80% Memory free
3.98 Gb Paging File | 3.09 Gb Available in Paging File | 77.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 25.41 Gb Free Space | 17.05% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-PC | User Name: toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D957E95-FFD1-46EB-8736-0B8A9A7FCC9F}" = lport=137 | protocol=17 | dir=in | app=system |
"{51FD12F0-3EF7-4A4C-BCB2-21F661CC7151}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{5DD35108-AEED-4741-B2CC-C7F6DD4B5C3B}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{7B2CC2BF-6674-45D2-BE1E-08FB047E25FA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7E87FE36-8697-4F6E-B98D-8D64A659240F}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{97321332-6D9B-4761-AD21-C1FFCAFFF8E3}" = rport=445 | protocol=6 | dir=out | app=system |
"{98C45348-AACB-4E1B-BAA0-FC01B508E01D}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{A4A10DE7-D317-485C-A31F-D16C69D17C3D}" = lport=139 | protocol=6 | dir=in | app=system |
"{A7CAB1C8-8764-4B10-A5E9-14A363E0F357}" = lport=138 | protocol=17 | dir=in | app=system |
"{A7E39FD8-FFC8-4D68-B78F-752F5118AF5A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BDEDD851-AB1D-4E6F-83D8-87F6C311D9FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{C200AC30-7AAA-47AC-BAE6-A1B0AA13E826}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{D0636FB1-D122-4CE4-BB8C-4E938C58F8F8}" = rport=137 | protocol=17 | dir=out | app=system |
"{D8105BFD-A055-421E-98AC-58471AEF2B37}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E4FE459E-299A-4014-B674-E3827988DE2B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EDCDB14D-E919-4BD1-85A1-C0DA3CE487FC}" = rport=138 | protocol=17 | dir=out | app=system |
"{F94E5C05-4208-4F1E-99CB-25EE691A7164}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069368BC-2AAF-4D8D-92E0-7F259A1445D2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0B73212C-D3BD-44D8-9CCE-4FCFE418B722}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{0D725267-0AF0-432E-A926-AC7807B16052}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{0E8DB5FA-F967-4C60-BB13-2375D6CDC4DA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{13DA7308-A966-41A0-BA9F-92C1FA9DA363}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{1B011FDA-E18C-4B17-945E-0D6F7D70CF0D}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"{2D96B4F7-21C3-4C3E-B8AA-AAA4424A72A7}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{3E2C6480-5131-45F7-A94E-B9CDA28F5AFA}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{46739189-1EC6-462B-BF1C-04881194A1D2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{490BB07B-B886-4B9B-8FFE-7E66660D30F3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{49AD503C-74BA-4915-8E8B-927288C169CC}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe |
"{593A52BD-E93C-4539-810B-E5DA4DB82BBD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5ECEE9CC-78C6-4334-AAA5-CD31BB996A2C}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{5EE0F2D7-CAA3-4CC1-8135-AC5EB77A6056}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{8F88DF48-DC4F-4782-94C0-CF052DE939AB}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{93093186-80DC-4AFB-BE0B-51F3B1ED2F14}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9B137E28-F2C0-4C3A-8DDE-9121D6B1FA64}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A268CAFC-0646-4A58-B42E-D351695E3516}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AD1841A9-C48C-463B-AABC-29C8FE71F32C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{AE521211-0B0E-42FA-9052-94D84EF416DB}" = dir=in | app=c:\users\toshiba\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{B1F15CE8-0CAF-49EC-AFC7-CBF9B7B84B92}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{B3DAE7DB-D602-4A9C-A1CA-762E4A991741}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{C608A391-0045-4C90-B802-CA9EF9969465}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C84EB1F9-70B9-4F54-BA9F-0199F80A5BF4}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe |
"{C9294E74-B3DA-4514-92B9-63F30782E926}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe |
"{CFE47E78-69FC-406C-ACBC-4CD35EBD9F15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{D29402F2-DA97-4A12-85A6-4550B7BADB28}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{DB8D0518-5161-412B-9C76-353AEC8E876F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DD61031C-0A7B-44E9-8420-314EC9BA5FBC}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{F0EA0A63-5162-4A5A-896D-E1673115F949}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe |
"{FAD0FDC9-84AC-4C87-B0D1-FA3CD42C9C02}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{FF91CBB7-2439-403F-8898-01080B2129C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{11F1A893-E803-4F11-BD7C-907ACA386CB2}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{8BE5A70B-EF67-40BC-B070-5EE19AD0CFDB}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18490404-64EA-4FA0-A7F1-A2F9A92349F5}" = AVG 2014
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D91CBB5-4CB1-4757-B0FD-2122AF8AAB9E}" = Garmin Express Tray
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2CBB71EE-A4DD-4B4D-A635-608D8D1E6F81}" = Driver Tool
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{499A37A3-9A0D-4929-AA3E-588FA230D66F}" = Garmin City Navigator Europe NT 2011.32 Update
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{50755d67-ae60-4e47-b3d6-ce44d01b5a95}" = Garmin Express
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{524569AC-B3EE-468B-BFD5-19A89EA7CE8E}" = AVG 2014
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A9AA2C0-972F-4239-AA41-E409434194D5}" = MobileMe Control Panel
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}" = iCloud
"{7E73C9A3-24D9-4D7F-B4C7-7E4AFE0ADCCB}" = Elevated Installer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86D04316-F49A-4AF2-B3F1-A1E943886CE7}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}" = Apple Mobile Device Support
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A8BD09D-8B45-4FB3-BADF-1838C2C329EA}" = ANT Drivers Installer x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FB8EC5B-03EE-463E-8F4F-84B525B986B7}" = Garmin Express
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.5.128
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.14)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2BA4E49-9C6C-4ABE-A39E-51FA6A30D0E8}" = LeapFrog LeapPad Explorer Plugin
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DCF0D853-BC4E-4EE6-A011-6B9BC84CF8F9}" = LeapFrog Connect
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"AVG" = AVG 2014
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.1.8.1057
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Picasa 3" = Picasa 3
"PrintProjects" = PrintProjects
"Rapport_msi" = Trusteer Endpoint Protection
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Unknown Device Identifier_is1" = Unknown Device Identifier 7.00
"UPCShell" = LeapFrog Connect
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2168144753-1382697019-843529903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4AFCAFDC-D870-41FA-B9FB-1442B9DAFE76}" = ArcadeFrontier
"Dropbox" = Dropbox
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18/07/2015 12:37:06 | Computer Name = toshiba-PC | Source = System Restore | ID = 8193
Description =

Error - 18/07/2015 12:37:40 | Computer Name = toshiba-PC | Source = VSS | ID = 40
Description =

Error - 18/07/2015 12:37:40 | Computer Name = toshiba-PC | Source = VSS | ID = 12292
Description =

Error - 18/07/2015 12:37:40 | Computer Name = toshiba-PC | Source = VSS | ID = 40
Description =

Error - 18/07/2015 12:37:40 | Computer Name = toshiba-PC | Source = VSS | ID = 12292
Description =

Error - 18/07/2015 12:37:40 | Computer Name = toshiba-PC | Source = VSS | ID = 40
Description =

Error - 18/07/2015 12:37:40 | Computer Name = toshiba-PC | Source = VSS | ID = 12292
Description =

Error - 18/07/2015 12:37:40 | Computer Name = toshiba-PC | Source = System Restore | ID = 8193
Description =

Error - 18/07/2015 12:46:58 | Computer Name = toshiba-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 18/07/2015 13:42:36 | Computer Name = toshiba-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 18/07/2015 13:42:36 | Computer Name = toshiba-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ OSession Events ]
Error - 14/03/2013 06:53:27 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 810
seconds with 180 seconds of active time. This session ended with a crash.

Error - 16/03/2013 06:43:10 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31
seconds with 0 seconds of active time. This session ended with a crash.

Error - 18/04/2013 07:53:14 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 360
seconds with 240 seconds of active time. This session ended with a crash.

Error - 18/04/2013 08:22:48 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1761
seconds with 1080 seconds of active time. This session ended with a crash.

Error - 30/04/2013 09:20:57 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1046
seconds with 480 seconds of active time. This session ended with a crash.

Error - 16/05/2013 10:35:22 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2177
seconds with 1800 seconds of active time. This session ended with a crash.

Error - 17/05/2013 06:13:30 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 64706
seconds with 960 seconds of active time. This session ended with a crash.

Error - 22/05/2013 07:29:27 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 1125 seconds with 120 seconds of active time. This session ended with a
crash.

Error - 28/06/2013 06:26:35 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 66438
seconds with 4020 seconds of active time. This session ended with a crash.

Error - 05/09/2013 05:15:48 | Computer Name = toshiba-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 71537
seconds with 5040 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 18/07/2015 13:43:12 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 18/07/2015 13:57:58 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 18/07/2015 13:58:03 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 18/07/2015 13:58:04 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 18/07/2015 13:58:04 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 18/07/2015 13:58:05 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 18/07/2015 13:58:05 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 18/07/2015 13:58:06 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 18/07/2015 13:58:06 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 18/07/2015 13:58:07 | Computer Name = toshiba-PC | Source = Service Control Manager | ID = 7031
Description =


< End of report >

Think that this completes the set that you asked for!
Thanks again - really interesting so far!!

Thanks,
S :)
walshie

Re: Really poor performace!

Post by pgmigg » July 18th, 2015, 3:50 pm

Hello walshie,

Very good job, thank you! :D

While I am analyzing all your logs, please tell me:
  1. Do you really use the LeapFrog stuff?
  2. Do you really need to keep Rapport and Trusteer Endpoint Protection software?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed

Re: Really poor performace!

Post by walshie » July 18th, 2015, 4:28 pm

Hi,
Sorry - took me a while to check with the friend whose machine we're working on.
She does need to keep LeapFrog for her kids, and the Trusteer and Rapport are all recommended by her bank to support her online banking.
Looks like they may have to stay too!
Sorry - I tried!!
:roll:
walshie