Computer is too slow to use.



Ekuegiap
2013-10-16, 10:34
Wife wants to replace! Help, please. So slow it is frustrating to the point of just wanting to give up using it.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16720
Run by Owner at 1:28:30 on 2013-10-16
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1013.110 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Windows\system32\lxducoms.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Windows\system32\fxssvc.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Owner\Downloads\uTorrent.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
uRun: [Epson Stylus NX430(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatihba.exe /fu "c:\users\owner\appdata\local\temp\E_SD35C.tmp" /EF "HKCU"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 4.2.2.1 4.2.2.2
TCP: Interfaces\{1698D5E8-97B0-47AC-8A6A-DD756E414743} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{88C25230-17F3-4B78-9065-D1AA8B9351D6} : DHCPNameServer = 4.2.2.1 4.2.2.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-5 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-10 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2013-2-6 142432]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]
R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2011-5-6 1085440]
R2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe -service --> c:\windows\system32\lxducoms.exe -service [?]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2013-6-22 602216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2013-9-18 12320]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-4-3 12984]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-3-17 52224]
.
=============== Created Last 30 ================
.
2013-10-15 19:40:16 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-15 19:40:15 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-15 19:40:15 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-15 19:40:15 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-15 19:40:15 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-15 19:40:13 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-15 19:40:13 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-13 16:51:07 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-10-13 16:51:06 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-13 16:51:06 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-13 16:51:06 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-13 16:51:04 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-10-13 16:51:04 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-10-13 16:51:04 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-10-13 16:51:00 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-01 17:09:41 -------- d-----w- c:\users\owner\appdata\roaming\Malwarebytes
2013-10-01 17:07:51 -------- d-----w- c:\programdata\Malwarebytes
2013-10-01 17:07:20 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-01 17:07:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-01 17:06:29 -------- d-----w- c:\users\owner\appdata\local\Programs
2013-10-01 13:52:00 36152 ----a-w- c:\windows\system32\TURegOpt.exe
2013-10-01 13:51:53 25400 ----a-w- c:\windows\system32\authuitu.dll
2013-10-01 13:50:47 -------- d-----w- c:\users\owner\appdata\roaming\AVG
2013-10-01 13:47:31 -------- d-----w- c:\programdata\AVG
2013-10-01 13:45:32 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
.
==================== Find3M ====================
.
2013-10-13 17:11:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-13 17:11:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-22 23:28:06 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-09-21 03:30:24 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-21 02:39:47 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-09-10 06:34:48 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-05 06:43:42 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-08-29 01:51:45 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 01:50:30 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- c:\windows\system32\advapi32.dll
2013-08-28 01:04:30 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 00:57:20 434688 ----a-w- c:\windows\system32\scavengeui.dll
2013-08-05 01:56:47 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 01:50:36 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 01:49:19 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 00:52:57 271360 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:43:05 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-25 08:57:27 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-20 10:33:12 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-07-20 06:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 06:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 06:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 06:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-19 01:41:01 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 1:30:16.27 ===============

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-10-16 01:41:04
-----------------------------
01:41:04.601 OS Version: Windows 6.1.7601 Service Pack 1
01:41:04.602 Number of processors: 1 586 0x1601
01:41:04.604 ComputerName: OWNER-PC UserName: Owner
01:41:06.545 Initialize success
01:47:52.196 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
01:47:52.219 Disk 0 Vendor: ST3160318AS CC45 Size: 152587MB BusType: 3
01:47:52.227 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-5
01:47:52.232 Disk 1 Vendor: WDC_WD3200AAKS-61L9A0 01.03E01 Size: 305245MB BusType: 3
01:47:52.347 Disk 0 MBR read successfully
01:47:52.353 Disk 0 MBR scan
01:47:52.361 Disk 0 Windows 7 default MBR code
01:47:52.373 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
01:47:52.389 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152485 MB offset 206848
01:47:52.398 Disk 0 scanning sectors +312496128
01:47:52.483 Disk 0 scanning C:\Windows\system32\drivers
01:48:01.125 Service scanning
01:48:24.651 Modules scanning
01:49:32.134 Disk 0 trace - called modules:
01:49:32.514 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys VSTCNXT3.SYS dxgkrnl.sys igdkmd32.sys dxgmms1.sys
01:49:32.524 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8550f030]
01:49:32.534 3 CLASSPNP.SYS[873ba59e] -> nt!IofCallDriver -> [0x8509c918]
01:49:32.544 5 ACPI.sys[870ab3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85094908]
01:49:32.555 Scan finished successfully
01:51:10.032 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
01:51:10.047 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

Thank you so much!

ken545
2013-10-24, 18:32
Sorry for the late reply; it appears your thread was just missed, but I have you now. Still need help?

Ekuegiap
2013-10-25, 17:12
I ran AdwCleaner since I posted logs. I don't think I did anything else except run Malwarebytes again. No noticeable change in performance. Thank you for coming to the rescue!

ken545
2013-10-25, 18:27
Can you find the log from AdwCleaner? It should be on your desktop. Did you run it just to scan, or did you have it clean what it found?


If you didn't clean with it, then here are the instructions:

Double click on AdwCleaner.exe to run the tool again.

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.



Also, what, if anything, did Malwarebytes find? You can open Malwarebytes and go to the Report tab, click on the last one you ran, open it and post that log also. If it didn't find anything, then there is no need to post it.



Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.







OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Ekuegiap
2013-10-26, 08:41
Log on AdwCleaner:
# AdwCleaner v3.010 - Report created 22/10/2013 at 09:22:41
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Djenadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Luke.Owner-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Google Chrome v

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Mark.Owner-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Djenadi.Owner-PC.002\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Luke.Owner-PC.000\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1835 octets] - [22/10/2013 09:11:45]
AdwCleaner[S0].txt - [1772 octets] - [22/10/2013 09:22:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1832 octets] ##########


JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.1 (07.15.2013:2)
OS: Windows 7 Professional x86
Ran by Owner on Fri 10/25/2013 at 23:49:36.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 10/25/2013 at 23:53:56.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OTL.txt:
OTL logfile created on: 10/26/2013 12:10:09 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.18 Mb Total Physical Memory | 420.50 Mb Available Physical Memory | 41.50% Memory free
2.16 Gb Paging File | 0.96 Gb Available in Paging File | 44.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.91 Gb Total Space | 59.23 Gb Free Space | 39.78% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 224.49 Gb Free Space | 75.31% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (AVG)
PRC - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG)
PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2013\avgcfgex.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
PRC - C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Windows\System32\lxducoms.exe ( )
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (AVG)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV - (EPSON_PM_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (EpsonCustomerParticipation) -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
SRV - (FlipShareServer) -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe ()
SRV - (lxdu_device) -- C:\Windows\System32\lxducoms.exe ( )
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (EpsonBidirectionalService) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (SWDUMon) -- C:\Windows\System32\drivers\SWDUMon.sys ()
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 93 73 8B 8B 6A F0 CD 01 [binary data]
IE - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)


[2012/05/18 16:43:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2012/05/18 16:43:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: chrome://newtab
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/04/03 12:12:06 | 000,441,500 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15173 more lines...
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000..\Run: [Epson Stylus NX430(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2579285414-3998430583-2402241036-1000\..Trusted Domains: localhost ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 4.2.2.1 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1698D5E8-97B0-47AC-8A6A-DD756E414743}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88C25230-17F3-4B78-9065-D1AA8B9351D6}: DhcpNameServer = 4.2.2.1 4.2.2.2
O18 - Protocol\Handler\linkscanner - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/03/29 14:31:00 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/26 00:06:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/10/25 23:49:29 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/23 08:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/10/22 09:11:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/21 08:04:34 | 000,025,400 | ---- | C] (AVG) -- C:\Windows\System32\authuitu.dll
[2013/10/21 08:04:24 | 000,035,640 | ---- | C] (AVG) -- C:\Windows\System32\uxtuneup.dll
[2013/10/16 17:24:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\for spybot forum inquiry 10-16-13
[2013/10/16 01:23:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/10/16 01:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/10/16 01:21:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\ERUNT
[2013/10/15 14:40:15 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/15 14:40:15 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/14 09:21:30 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/14 09:21:29 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/14 09:21:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/14 09:21:27 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/14 09:21:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/10/14 09:21:26 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/14 09:21:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/10/14 09:21:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/10/14 09:21:25 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/10/14 09:21:25 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/10/13 11:51:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013/10/13 11:51:06 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013/10/13 11:50:57 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/10/13 11:50:57 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/10/13 11:50:57 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013/10/13 11:50:53 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/13 11:50:50 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/13 11:50:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013/10/13 11:50:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013/10/13 11:50:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/13 11:50:46 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2013/10/13 11:50:30 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/01 12:09:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2013/10/01 12:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/01 12:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/01 12:07:20 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/10/01 12:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/01 12:06:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Programs
[2013/10/01 08:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
[2013/10/01 08:50:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVG
[2013/10/01 08:47:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013/10/01 08:45:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

========== Files - Modified Within 30 Days ==========

[2013/10/26 00:11:06 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/26 00:06:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/10/26 00:02:04 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1000UA.job
[2013/10/25 23:57:04 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1009UA.job
[2013/10/25 23:44:00 | 000,014,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/25 23:44:00 | 000,014,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/25 23:36:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1012UA.job
[2013/10/25 23:34:02 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1004UA.job
[2013/10/25 23:13:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/25 23:12:59 | 796,790,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/25 11:57:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1009Core.job
[2013/10/25 10:34:00 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1004Core.job
[2013/10/23 08:31:02 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/10/23 03:01:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1000Core.job
[2013/10/22 22:36:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2579285414-3998430583-2402241036-1012Core.job
[2013/10/21 08:12:26 | 000,002,368 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2013/10/16 01:51:10 | 000,000,512 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.dat
[2013/10/16 01:21:52 | 000,000,543 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2013/10/15 17:08:47 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/15 17:08:47 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/14 09:42:16 | 000,409,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/13 12:11:52 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/13 12:11:52 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/10/08 06:46:22 | 000,035,640 | ---- | M] (AVG) -- C:\Windows\System32\uxtuneup.dll
[2013/10/08 06:46:22 | 000,025,400 | ---- | M] (AVG) -- C:\Windows\System32\authuitu.dll
[2013/10/07 14:48:22 | 000,734,918 | ---- | M] () -- C:\Users\Owner\Documents\Honda tow bill 9.28.13.jpg
[2013/10/01 12:08:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/01 11:31:15 | 000,961,683 | ---- | M] () -- C:\Users\Owner\Documents\How Long Does it Take to Make Petrified Wood_ _ LiveScience.pdf
[2013/10/01 08:51:40 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/01 08:51:40 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk

========== Files Created - No Company Name ==========

[2013/10/16 01:51:10 | 000,000,512 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.dat
[2013/10/16 01:21:52 | 000,000,543 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2013/10/07 14:48:19 | 000,734,918 | ---- | C] () -- C:\Users\Owner\Documents\Honda tow bill 9.28.13.jpg
[2013/10/01 12:08:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/01 11:31:00 | 000,961,683 | ---- | C] () -- C:\Users\Owner\Documents\How Long Does it Take to Make Petrified Wood_ _ LiveScience.pdf
[2013/10/01 08:51:40 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/01 08:51:40 | 000,002,149 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2013/10/01 08:51:20 | 000,002,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
[2012/09/05 02:11:47 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2012/09/05 02:11:47 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2012/09/05 02:11:41 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2012/09/05 02:11:40 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2012/09/05 02:11:40 | 000,589,824 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2012/09/05 02:11:39 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2012/09/05 02:11:37 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2012/09/05 02:11:36 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2012/09/05 02:11:34 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2012/09/05 02:11:33 | 000,761,856 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2012/09/05 02:11:32 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2012/09/05 02:11:31 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2012/09/05 02:11:23 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2012/09/05 02:11:19 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2012/07/06 20:22:14 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/03 13:27:49 | 000,012,984 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2012/04/02 23:22:19 | 000,000,071 | ---- | C] () -- C:\Windows\ENX430.ini
[2012/03/17 13:16:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== ZeroAccess Check ==========

[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/07 09:24:24 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/02/07 09:24:24 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012/04/06 15:04:00 | 000,000,000 | ---D | M] -- C:\Users\Djenadi\AppData\Roaming\Charles Schwab
[2012/04/06 15:04:01 | 000,000,000 | ---D | M] -- C:\Users\Djenadi\AppData\Roaming\Epson
[2012/04/06 15:04:05 | 000,000,000 | ---D | M] -- C:\Users\Djenadi\AppData\Roaming\Flip Video
[2013/10/05 17:12:20 | 000,000,000 | ---D | M] -- C:\Users\Djenadi.Owner-PC.002\AppData\Roaming\AVG
[2013/04/06 20:34:27 | 000,000,000 | ---D | M] -- C:\Users\Djenadi.Owner-PC.002\AppData\Roaming\AVG2013
[2013/05/13 19:44:36 | 000,000,000 | ---D | M] -- C:\Users\Djenadi.Owner-PC.002\AppData\Roaming\Epson
[2012/08/07 20:59:47 | 000,000,000 | ---D | M] -- C:\Users\Djenadi.Owner-PC.002\AppData\Roaming\Flip Video
[2012/05/15 22:07:11 | 000,000,000 | ---D | M] -- C:\Users\Djenadi.Owner-PC.002\AppData\Roaming\TomTom
[2013/08/15 22:24:21 | 000,000,000 | ---D | M] -- C:\Users\Luke.Owner-PC.000\AppData\Roaming\AVG2013
[2012/04/13 08:37:14 | 000,000,000 | ---D | M] -- C:\Users\Luke.Owner-PC.000\AppData\Roaming\Epson
[2013/10/01 09:00:56 | 000,000,000 | ---D | M] -- C:\Users\Mark.Owner-PC\AppData\Roaming\AVG
[2013/04/11 14:39:16 | 000,000,000 | ---D | M] -- C:\Users\Mark.Owner-PC\AppData\Roaming\AVG2013
[2012/04/06 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\Mark.Owner-PC\AppData\Roaming\Epson
[2012/07/22 10:18:23 | 000,000,000 | ---D | M] -- C:\Users\Mark.Owner-PC\AppData\Roaming\Flip Video
[2013/10/01 08:17:04 | 000,000,000 | ---D | M] -- C:\Users\Mark.Owner-PC\AppData\Roaming\TuneUp Software
[2013/10/01 08:50:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG
[2013/04/03 08:47:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2013
[2013/04/29 16:04:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Epson
[2012/07/06 20:21:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Flip Video
[2012/04/02 23:38:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2012/05/18 16:43:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TomTom
[2013/04/02 21:40:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2013/10/16 02:05:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

OTL Extras in following reply...

Ekuegiap
2013-10-26, 08:43
OTL Extras.txt:

OTL Extras logfile created on: 10/26/2013 12:10:10 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.18 Mb Total Physical Memory | 420.50 Mb Available Physical Memory | 41.50% Memory free
2.16 Gb Paging File | 0.96 Gb Available in Paging File | 44.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.91 Gb Total Space | 59.23 Gb Free Space | 39.78% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 224.49 Gb Free Space | 75.31% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003085C7-CFA2-48DB-A5A1-3685AFD8FEE8}" = rport=138 | protocol=17 | dir=out | app=system |
"{0157BC29-D552-4363-9574-EFD75EA7C2A8}" = lport=137 | protocol=17 | dir=in | app=system |
"{0ADDFCCB-3AEC-4E71-837E-5F3DC011F839}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0D1DE511-50E1-4815-8D92-804EBC3D4317}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B0787E1-408A-4A96-87AD-695CB5FC238A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1EFB8CA2-FA3A-432B-B9B2-E1781F5CA1A0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{24B0C303-0790-46B0-9A65-C530FB04B82B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28E8385E-36BA-412F-AE59-5D1011913FBF}" = lport=445 | protocol=6 | dir=in | app=system |
"{2E3F8A9D-66D4-4B83-A048-C07AFAA2BF68}" = lport=138 | protocol=17 | dir=in | app=system |
"{43365484-49A8-4A54-9CCC-6D8B5FBDFFE9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5414A60C-A8E7-40F8-82D1-A6D798AA6D2F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5848487A-6151-42B8-825F-32A8C103C3B5}" = rport=139 | protocol=6 | dir=out | app=system |
"{A610900A-6331-4B9C-97ED-4860A07EDE47}" = lport=24727 | protocol=6 | dir=in | name=flipshareserver |
"{AC665FF9-44C2-46B5-A1F2-50D2188AFEAD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B955B9CA-12C7-4CC9-8C69-B9E59EB5A436}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{CA2832C8-B85C-4313-A7BE-5EBB0E679A5E}" = rport=137 | protocol=17 | dir=out | app=system |
"{CD3F98A5-0031-4CFB-BD50-4A1F7D49D22D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D107B730-F81B-461F-8EEC-1D9F9F2C3266}" = lport=24726 | protocol=6 | dir=in | name=flipshareserver |
"{D9C92148-F6FA-4BC3-8BD2-8C875871B94C}" = lport=139 | protocol=6 | dir=in | app=system |
"{D9E22BFB-C5C5-4182-8A93-C42E4C30E48E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DBE50089-9F60-4396-AFBF-E3683C4EB2DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5C6B080-1D30-4CD7-BE9C-588626803689}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ECCD660A-2192-4186-B9F8-CB410BDF4496}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EFC6464A-7D3C-4BDF-B2B6-264ACF5E58AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F76CD3BB-1D47-4E0D-AE9C-50484A5B679C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA01EA4C-4F81-4B7F-A542-775AEA367F8F}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060B9E47-18E8-42CC-90B1-D287AD3C7405}" = protocol=17 | dir=in | app=c:\program files\carbonite\carbonite backup\carbonitesetup.exe |
"{2572F9F5-2B87-46D9-8094-28EB5F49B382}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{26F61306-4630-4B0D-810C-492CE2FFBD26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C8C2455-BE9C-4ED7-9D26-A28777A90B2A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{33CB0AA4-25DF-4FEA-B429-DEF8B3CCC665}" = protocol=6 | dir=in | app=c:\program files\carbonite\carbonite backup\carbonitesetup.exe |
"{36F098A7-5D03-4141-A033-9CAE94D459EC}" = protocol=6 | dir=in | app=c:\program files\carbonite\carbonite backup\carboniteui.exe |
"{3E2682B3-382F-42AD-AA0D-867453B5A8AA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4123758E-455B-47A0-8CB2-DC9C31F58ED9}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{41D672BD-BC0A-44EE-AA25-A8685AECF94E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{52C4F351-A88B-4C89-9114-DFC35A51FFA0}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{54691B83-F914-4A00-9B17-170983052576}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{59BC17D5-AFEF-4B79-85BD-B5C705F51924}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5CDCAD89-3626-4938-B44B-DA4BF2803DDA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{60A4E4C7-86EA-4114-85D2-E636C16D6C9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{658D7723-F5B8-402E-A43B-EF8C6199A2A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65A23835-64B3-4770-A153-8C67798F83B1}" = protocol=17 | dir=in | app=c:\program files\carbonite\carbonite backup\carboniteui.exe |
"{689D8EB7-3A7D-46C9-9925-7FC5D571ADDE}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{6C1E35BB-2513-434C-A33A-F286AA75076A}" = protocol=17 | dir=in | app=c:\program files\carbonite\carbonite backup\carboniteservice.exe |
"{784C98D5-143D-44B9-AE33-F8A9E4B8ED10}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{83E5C8DE-3508-40C8-BB01-9E63C5593498}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{876C6671-F09F-4579-A352-A2CA30A05B39}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90091825-31DC-44AA-A9DF-D5A53AA54C6E}" = protocol=6 | dir=out | app=system |
"{96918426-7AA2-4D6C-AE5E-831F2EC67C3F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{970EDF7B-163D-4BFC-BBF7-41B9FC624D9D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B0731D9A-A126-4AAE-B407-EADDAA07105F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{B5A695C2-B24A-4DB9-9409-71A3D83DD573}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{B792FEAE-C3F5-45A2-99BA-CD2F72662136}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{BCE1E22B-EE88-4E51-91F8-F90BCE4C1989}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{BF3DB5F5-4C32-46AA-991D-E192298EE6DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C1DA2DA3-9DDD-4E20-921D-1E9D91A762A0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C42382DE-6E9A-41A4-ABE2-D9432F1EF232}" = protocol=6 | dir=in | app=c:\program files\carbonite\carbonite backup\carboniteservice.exe |
"{CB3185D0-5180-4C0F-8808-EC3031E2864B}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{D8723751-07DB-4A7C-BCCC-450A85FC9497}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{DB55A98A-14BF-42DC-9CF4-C44239CBAE43}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{DCFEBEDF-49D3-4E62-AA6F-641A44524802}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1AD518A-DC10-407A-8896-02DFC0D1C701}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{E5DCB21E-22E6-4104-8469-12DC03B358BA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EB54173A-1CCA-42FC-A5EC-8756A5F7BB3F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{ECA51359-4A14-4E16-A946-2D2FFE4A9054}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{F00BEEB3-4867-49AB-BA62-DC270BDCACA2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F8066175-B394-407A-BEF1-1AF132494358}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{FC2A5121-7582-4EEC-B57C-E0CAA63476A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{00F11932-3FA9-42F9-8833-EC510430A66F}C:\users\owner\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\utorrent.exe |
"TCP Query User{18B1CE8F-4D31-401A-9120-096B919AC00D}C:\users\public\documents\rsvs_lite\rsvsliteview.exe" = protocol=6 | dir=in | app=c:\users\public\documents\rsvs_lite\rsvsliteview.exe |
"TCP Query User{431E38ED-8F7B-4A3B-85E0-0EC39DBC6879}C:\users\owner\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\utorrent.exe |
"TCP Query User{807F5298-576A-42C5-BB08-8DCB10D1778B}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{A40FDADF-1EFF-44B5-9375-D3B121BAA78C}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{EF51774B-339A-4A39-96EA-1FC347A8B88D}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{02D658AA-B91E-4EE4-9F1F-3A93F35BCB69}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{2A0248FC-FC14-4C84-8DEC-F7662C487AAC}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{525A7080-E9AC-4CD6-B096-2224585728DC}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{6869DFB5-1434-4385-A36C-CDDE37CD0EFB}C:\users\owner\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\utorrent.exe |
"UDP Query User{A30D61F7-67C2-4A7D-A5D3-C7DF34F54E29}C:\users\public\documents\rsvs_lite\rsvsliteview.exe" = protocol=17 | dir=in | app=c:\users\public\documents\rsvs_lite\rsvsliteview.exe |
"UDP Query User{E68F0A5D-2AD5-4834-92DD-5BBF94B91873}C:\users\owner\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014
"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adapter
"{6280C3D1-00A3-4E79-BDF6-98332A29B706}" = AVG 2013
"{631E66F3-5BCC-4FF8-9F42-95AF0BFA38B7}" = AVG 2013
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CD86D42-C4DD-4E40-9211-164DFFBCA4DB}" = AVG PC TuneUp 2014 (en-US)
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}" = FlipShare
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2013
"AVG PC TuneUp" = AVG PC TuneUp 2014
"AVG PC TuneUp 2014" = AVG PC TuneUp 2014
"Carbonite Backup" = Carbonite
"EPSON NX430 Series" = EPSON NX430 Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adapter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.SingleImage" = Microsoft Office Professional 2010
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2579285414-3998430583-2402241036-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 10/26/2013 1:03:15 AM | Computer Name = Owner-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy8.


< End of report >

Thank you so much!!!

ken545
2013-10-26, 14:31
Good Morning,

These are my thoughts

1.
Not really looking at any Malware or viruses

2.
uTorrent" = µTorrent <--If you use File Sharing Programs like this you will eventually infect this computer. The bad guys are in tune to File Sharing and it's one of the ways they try to infect you. You should uninstall this program via Programs and Features in the Control Panel.

3.
AVG PC Tune Up, it's possible that it may have caused some issues, especially if it removed registry entries by mistake. Been at this stuff for many years and never had any use for any types of programs like this.

4.
Carbonite back up, nice program, don't use it myself but wonder if it's using up a lot of system resources, not sure.

5.
This is what I am concerned about

[ System Events ]
Error - 10/26/2013 1:03:15 AM | Computer Name = Owner-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy8.

It's possible your file system has gotten corrupt; if it is, this opens up another can of worms. Running chkdsk could possibly fix it. But before I link you to another Windows forum to help you, run this free online virus scanner and let's make sure we didn't miss anything.



ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.

Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png
Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.

Ekuegiap
2013-10-28, 17:56
I ran the ESET scan. I finished with "no threats found." So, there was no "back" button, and there was no option for finding any kind of log.

Thanks.

ken545
2013-10-28, 19:05
Things running any better?

Ekuegiap
2013-10-29, 01:17
Haven't used it enough yet to really know. I'll try later to use it (I'm on my laptop now). But it does seem to be faster loading up the browser. I'll let you know soon. Thank you.

ken545
2013-10-29, 02:21
Why don't you run this quick fix with OTL? We're not really removing anything except temp files and such; it may speed you up a bit when done.

Open OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL




:OTL

:Services

:Reg

:Files
ipconfig /flushdns /c


:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces

Ekuegiap
2013-10-29, 15:52
It is still sluggish, but it is definitely better. Thank you.

Should I run check disk?

ken545
2013-10-29, 16:41
Let's do this first, it's a double check to make sure there isn't a rootkit infection underfoot.


Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip)

Extract it to your desktop
Double click TDSSKiller.exe
When the window opens, click on Change Parameters
Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
click OK
Press Start Scan

As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
Then click Continue > Reboot now

Copy and paste the log in your next reply

A copy of the log will be saved automatically to the root of the drive (typically C:\)

Ekuegiap
2013-10-29, 20:40
It is definitely better. It is still pretty sluggish, though. Should I run checkdisk or something else?
Thank you for your help. (it seems to me now that it is at least usable - hope my wife thinks so!)

Thank you.

Ekuegiap
2013-10-29, 21:13
TDSSKILLER logs:

13:54:56.0028 5160 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:54:58.0047 5160 ============================================================
13:54:58.0047 5160 Current date / time: 2013/10/29 13:54:58.0047
13:54:58.0047 5160 SystemInfo:
13:54:58.0047 5160
13:54:58.0047 5160 OS Version: 6.1.7601 ServicePack: 1.0
13:54:58.0047 5160 Product type: Workstation
13:54:58.0047 5160 ComputerName: OWNER-PC
13:54:58.0048 5160 UserName: Owner
13:54:58.0048 5160 Windows directory: C:\Windows
13:54:58.0048 5160 System windows directory: C:\Windows
13:54:58.0048 5160 Processor architecture: Intel x86
13:54:58.0048 5160 Number of processors: 1
13:54:58.0048 5160 Page size: 0x1000
13:54:58.0048 5160 Boot type: Normal boot
13:54:58.0048 5160 ============================================================
13:55:02.0497 5160 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x50BB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
13:55:07.0278 5160 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:55:07.0339 5160 ============================================================
13:55:07.0339 5160 \Device\Harddisk0\DR0:
13:55:07.0350 5160 MBR partitions:
13:55:07.0351 5160 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:55:07.0351 5160 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129D2800
13:55:07.0351 5160 \Device\Harddisk1\DR1:
13:55:07.0351 5160 MBR partitions:
13:55:07.0351 5160 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
13:55:07.0351 5160 ============================================================
13:55:07.0386 5160 C: <-> \Device\Harddisk0\DR0\Partition2
13:55:07.0400 5160 E: <-> \Device\Harddisk1\DR1\Partition1
13:55:07.0411 5160 ============================================================
13:55:07.0411 5160 Initialize success
13:55:07.0411 5160 ============================================================
13:57:21.0368 4580 Deinitialize success


13:57:55.0600 0x1138 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
13:58:10.0561 0x1138 ============================================================
13:58:10.0561 0x1138 Current date / time: 2013/10/29 13:58:10.0561
13:58:10.0561 0x1138 SystemInfo:
13:58:10.0655 0x1138
13:58:10.0655 0x1138 OS Version: 6.1.7601 ServicePack: 1.0
13:58:10.0655 0x1138 Product type: Workstation
13:58:10.0655 0x1138 ComputerName: OWNER-PC
13:58:10.0656 0x1138 UserName: Owner
13:58:10.0656 0x1138 Windows directory: C:\Windows
13:58:10.0656 0x1138 System windows directory: C:\Windows
13:58:10.0656 0x1138 Processor architecture: Intel x86
13:58:10.0656 0x1138 Number of processors: 1
13:58:10.0656 0x1138 Page size: 0x1000
13:58:10.0656 0x1138 Boot type: Normal boot
13:58:10.0656 0x1138 ============================================================
13:58:15.0358 0x1138 System UUID: {43676F91-1940-8A2B-FBEF-93E1954F3D4C}
13:58:18.0628 0x1138 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x50BB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
13:58:18.0629 0x1138 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:58:18.0674 0x1138 ============================================================
13:58:18.0674 0x1138 \Device\Harddisk0\DR0:
13:58:18.0675 0x1138 MBR partitions:
13:58:18.0675 0x1138 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:58:18.0675 0x1138 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129D2800
13:58:18.0675 0x1138 \Device\Harddisk1\DR1:
13:58:18.0675 0x1138 MBR partitions:
13:58:18.0675 0x1138 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
13:58:18.0675 0x1138 ============================================================
13:58:18.0707 0x1138 C: <-> \Device\Harddisk0\DR0\Partition2
13:58:18.0735 0x1138 E: <-> \Device\Harddisk1\DR1\Partition1
13:58:18.0735 0x1138 ============================================================
13:58:18.0736 0x1138 Initialize success
13:58:18.0736 0x1138 ============================================================
13:59:06.0725 0x0e3c ============================================================
13:59:06.0725 0x0e3c Scan started
13:59:06.0725 0x0e3c Mode: Manual; TDLFS;
13:59:06.0725 0x0e3c ============================================================
13:59:06.0725 0x0e3c KSN ping started
13:59:09.0382 0x0e3c KSN ping finished: true
13:59:10.0077 0x0e3c ================ Scan system memory ========================
13:59:10.0078 0x0e3c System memory - ok
13:59:10.0082 0x0e3c ================ Scan services =============================
13:59:17.0186 0x0e3c drmkaud - ok
13:59:17.0254 0x0e3c [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:59:17.0320 0x0e3c DXGKrnl - ok
13:59:17.0359 0x0e3c [ CF0A6015F437161698C5B2A0A12CF052, C23A777CF5D34C96B16A4A6197DA3F14CC2F8C56421E422BBD46617C941DBBCE ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
13:59:17.0381 0x0e3c e1express - ok
13:59:17.0433 0x0e3c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
13:59:17.0438 0x0e3c EapHost - ok
13:59:17.0596 0x0e3c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:59:17.0703 0x0e3c ebdrv - ok
13:59:17.0767 0x0e3c [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] EFS C:\Windows\System32\lsass.exe
13:59:17.0771 0x0e3c EFS - ok
13:59:17.0842 0x0e3c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:59:17.0876 0x0e3c ehRecvr - ok
13:59:17.0923 0x0e3c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
13:59:17.0963 0x0e3c ehSched - ok
13:59:18.0040 0x0e3c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:59:18.0068 0x0e3c elxstor - ok
13:59:18.0126 0x0e3c [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
13:59:18.0131 0x0e3c EpsonBidirectionalService - ok
13:59:18.0194 0x0e3c [ B78436CA173FF723A1EACE5CD4900375, 6B80EAD3111FB0A48AFF35C07F0FF7BEDDF1E34200EFC599B8E92CEE4B372736 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
13:59:18.0221 0x0e3c EpsonCustomerParticipation - ok
13:59:18.0289 0x0e3c [ A2349A0013832F58260FC0C95914AA22, 1DB38BEB8FF743D327E84C7D70F7D4CE4049689389A5E10346C2C151D66D26CA ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
13:59:18.0336 0x0e3c EPSON_PM_RPCV4_04 - ok
13:59:18.0419 0x0e3c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:59:18.0424 0x0e3c ErrDev - ok
13:59:18.0500 0x0e3c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
13:59:18.0519 0x0e3c EventSystem - ok
13:59:18.0553 0x0e3c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
13:59:18.0568 0x0e3c exfat - ok
13:59:18.0605 0x0e3c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:59:18.0632 0x0e3c fastfat - ok
13:59:18.0706 0x0e3c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
13:59:18.0723 0x0e3c Fax - ok
13:59:18.0761 0x0e3c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:59:18.0770 0x0e3c fdc - ok
13:59:18.0809 0x0e3c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
13:59:18.0812 0x0e3c fdPHost - ok
13:59:18.0838 0x0e3c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
13:59:18.0841 0x0e3c FDResPub - ok
13:59:18.0857 0x0e3c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:59:18.0865 0x0e3c FileInfo - ok
13:59:18.0889 0x0e3c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:59:18.0899 0x0e3c Filetrace - ok
13:59:18.0973 0x0e3c [ B8602C90D3C427D8A86CE60437615CF5, E8058E71FD60D21884CBCF398338A65A92926BAC406F96713A262BDFDD04C80A ] FlipShare Service C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

Ekuegiap
2013-10-29, 21:17
13:59:32.0462 0x0e3c PolicyAgent - ok
13:59:32.0526 0x0e3c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
13:59:32.0540 0x0e3c Power - ok
13:59:32.0580 0x0e3c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:59:32.0609 0x0e3c PptpMiniport - ok
13:59:32.0642 0x0e3c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:59:32.0646 0x0e3c Processor - ok
13:59:32.0692 0x0e3c [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:59:32.0737 0x0e3c ProfSvc - ok
13:59:32.0761 0x0e3c [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] ProtectedStorage C:\Windows\system32\lsass.exe
13:59:32.0764 0x0e3c ProtectedStorage - ok
13:59:32.0817 0x0e3c [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:59:32.0825 0x0e3c Psched - ok
13:59:32.0920 0x0e3c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:59:33.0021 0x0e3c ql2300 - ok
13:59:33.0057 0x0e3c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:59:33.0089 0x0e3c ql40xx - ok
13:59:33.0154 0x0e3c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
13:59:33.0164 0x0e3c QWAVE - ok
13:59:33.0199 0x0e3c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:59:33.0202 0x0e3c QWAVEdrv - ok
13:59:33.0239 0x0e3c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:59:33.0255 0x0e3c RasAcd - ok
13:59:33.0290 0x0e3c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:59:33.0294 0x0e3c RasAgileVpn - ok
13:59:33.0335 0x0e3c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
13:59:33.0344 0x0e3c RasAuto - ok
13:59:33.0377 0x0e3c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:59:33.0381 0x0e3c Rasl2tp - ok
13:59:33.0461 0x0e3c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
13:59:33.0476 0x0e3c RasMan - ok
13:59:33.0512 0x0e3c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:59:33.0516 0x0e3c RasPppoe - ok
13:59:33.0559 0x0e3c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:59:33.0585 0x0e3c RasSstp - ok
13:59:33.0643 0x0e3c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:59:33.0666 0x0e3c rdbss - ok
13:59:33.0695 0x0e3c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:59:33.0706 0x0e3c rdpbus - ok
13:59:33.0748 0x0e3c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:59:33.0751 0x0e3c RDPCDD - ok
13:59:33.0815 0x0e3c [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:59:33.0875 0x0e3c RDPDR - ok
13:59:33.0915 0x0e3c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:59:33.0918 0x0e3c RDPENCDD - ok
13:59:33.0990 0x0e3c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:59:34.0011 0x0e3c RDPREFMP - ok
13:59:34.0073 0x0e3c [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:59:34.0150 0x0e3c RDPWD - ok
13:59:34.0194 0x0e3c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:59:34.0218 0x0e3c rdyboost - ok
13:59:34.0248 0x0e3c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:59:34.0281 0x0e3c RemoteAccess - ok
13:59:34.0327 0x0e3c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:59:34.0359 0x0e3c RemoteRegistry - ok
13:59:34.0407 0x0e3c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:59:34.0428 0x0e3c RpcEptMapper - ok
13:59:34.0480 0x0e3c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
13:59:34.0492 0x0e3c RpcLocator - ok
13:59:34.0532 0x0e3c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
13:59:34.0544 0x0e3c RpcSs - ok
13:59:34.0590 0x0e3c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:59:34.0595 0x0e3c rspndr - ok
13:59:34.0726 0x0e3c [ 031C4928ABA3E209CD6F96B7F4B085ED, 1D3E60B0603365831676E8B537E74453A22A2297FB3C8B6F01975E68B6DC0BCB ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
13:59:34.0798 0x0e3c RTL8192su - ok
13:59:34.0833 0x0e3c [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:59:34.0857 0x0e3c s3cap - ok
13:59:34.0892 0x0e3c [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] SamSs C:\Windows\system32\lsass.exe
13:59:34.0895 0x0e3c SamSs - ok
13:59:34.0927 0x0e3c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:59:34.0932 0x0e3c sbp2port - ok
13:59:35.0148 0x0e3c [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
13:59:35.0198 0x0e3c SBSDWSCService - ok
13:59:35.0270 0x0e3c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:59:35.0278 0x0e3c SCardSvr - ok
13:59:35.0318 0x0e3c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:59:35.0323 0x0e3c scfilter - ok
13:59:35.0433 0x0e3c [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
13:59:35.0469 0x0e3c Schedule - ok
13:59:35.0497 0x0e3c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:59:35.0499 0x0e3c SCPolicySvc - ok
13:59:35.0553 0x0e3c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:59:35.0629 0x0e3c SDRSVC - ok
13:59:35.0668 0x0e3c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:59:35.0683 0x0e3c secdrv - ok
13:59:35.0714 0x0e3c [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
13:59:35.0720 0x0e3c seclogon - ok
13:59:35.0741 0x0e3c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
13:59:35.0747 0x0e3c SENS - ok
13:59:35.0796 0x0e3c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:59:35.0820 0x0e3c SensrSvc - ok
13:59:35.0857 0x0e3c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:59:35.0872 0x0e3c Serenum - ok
13:59:35.0921 0x0e3c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:59:35.0926 0x0e3c Serial - ok
13:59:35.0969 0x0e3c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:59:35.0977 0x0e3c sermouse - ok
13:59:36.0045 0x0e3c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
13:59:36.0053 0x0e3c SessionEnv - ok
13:59:36.0085 0x0e3c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:59:36.0087 0x0e3c sffdisk - ok
13:59:36.0122 0x0e3c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:59:36.0139 0x0e3c sffp_mmc - ok
13:59:36.0169 0x0e3c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:59:36.0172 0x0e3c sffp_sd - ok
13:59:36.0221 0x0e3c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:59:36.0223 0x0e3c sfloppy - ok
13:59:36.0278 0x0e3c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:59:36.0307 0x0e3c SharedAccess - ok
13:59:36.0387 0x0e3c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:59:36.0412 0x0e3c ShellHWDetection - ok
13:59:36.0450 0x0e3c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:59:36.0454 0x0e3c sisagp - ok
13:59:36.0496 0x0e3c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:59:36.0500 0x0e3c SiSRaid2 - ok
13:59:36.0524 0x0e3c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:59:36.0529 0x0e3c SiSRaid4 - ok
13:59:36.0563 0x0e3c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:59:36.0572 0x0e3c Smb - ok
13:59:36.0646 0x0e3c [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:59:36.0660 0x0e3c SNMPTRAP - ok
13:59:36.0717 0x0e3c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
13:59:36.0766 0x0e3c spldr - ok
13:59:36.0819 0x0e3c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
13:59:36.0852 0x0e3c Spooler - ok
13:59:36.0997 0x0e3c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
13:59:37.0138 0x0e3c sppsvc - ok
13:59:37.0181 0x0e3c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:59:37.0193 0x0e3c sppuinotify - ok
13:59:37.0264 0x0e3c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:59:37.0288 0x0e3c srv - ok
13:59:37.0332 0x0e3c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:59:37.0345 0x0e3c srv2 - ok
13:59:37.0402 0x0e3c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:59:37.0407 0x0e3c srvnet - ok
13:59:37.0449 0x0e3c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:59:37.0458 0x0e3c SSDPSRV - ok
13:59:37.0490 0x0e3c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:59:37.0497 0x0e3c SstpSvc - ok
13:59:37.0532 0x0e3c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:59:37.0548 0x0e3c stexstor - ok
13:59:37.0629 0x0e3c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
13:59:37.0652 0x0e3c StiSvc - ok
13:59:37.0680 0x0e3c [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:59:37.0691 0x0e3c storflt - ok
13:59:37.0726 0x0e3c [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
13:59:37.0748 0x0e3c StorSvc - ok
13:59:37.0795 0x0e3c [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:59:37.0798 0x0e3c storvsc - ok
13:59:37.0841 0x0e3c [ A089FA4AF3D36AE69A349627A15BCA4C, 730729A721EE81444A5CE757360097B9FB40A41DEC9CACD13823EFFA8F82E133 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
13:59:37.0849 0x0e3c SWDUMon - ok
13:59:37.0881 0x0e3c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
13:59:37.0891 0x0e3c swenum - ok
13:59:37.0972 0x0e3c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
13:59:37.0985 0x0e3c swprv - ok
13:59:38.0088 0x0e3c [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
13:59:38.0158 0x0e3c SysMain - ok
13:59:38.0197 0x0e3c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:59:38.0233 0x0e3c TabletInputService - ok
13:59:38.0260 0x0e3c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
13:59:38.0294 0x0e3c TapiSrv - ok
13:59:38.0341 0x0e3c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
13:59:38.0372 0x0e3c TBS - ok
13:59:38.0451 0x0e3c [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:59:38.0518 0x0e3c Tcpip - ok
13:59:38.0638 0x0e3c [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:59:38.0692 0x0e3c TCPIP6 - ok
13:59:38.0764 0x0e3c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:59:38.0769 0x0e3c tcpipreg - ok
13:59:38.0816 0x0e3c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:59:38.0837 0x0e3c TDPIPE - ok
13:59:38.0872 0x0e3c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:59:38.0920 0x0e3c TDTCP - ok
13:59:38.0979 0x0e3c [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

Ekuegiap
2013-10-29, 21:19
13:59:46.0603 0x0e3c WIMMount - ok
13:59:46.0692 0x0e3c [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
13:59:46.0756 0x0e3c winachsf - ok
13:59:46.0881 0x0e3c [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:59:46.0925 0x0e3c WinDefend - ok
13:59:46.0959 0x0e3c WinHttpAutoProxySvc - ok
13:59:47.0024 0x0e3c [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:59:47.0066 0x0e3c Winmgmt - ok
13:59:47.0144 0x0e3c [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
13:59:47.0213 0x0e3c WinRM - ok
13:59:47.0316 0x0e3c [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:59:47.0381 0x0e3c Wlansvc - ok
13:59:47.0426 0x0e3c [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:59:47.0479 0x0e3c WmiAcpi - ok
13:59:47.0558 0x0e3c [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:59:47.0574 0x0e3c wmiApSrv - ok
13:59:47.0884 0x0e3c [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:59:47.0943 0x0e3c WMPNetworkSvc - ok
13:59:48.0000 0x0e3c [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:59:48.0021 0x0e3c WPCSvc - ok
13:59:48.0087 0x0e3c [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:59:48.0103 0x0e3c WPDBusEnum - ok
13:59:48.0166 0x0e3c [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:59:48.0184 0x0e3c ws2ifsl - ok
13:59:48.0235 0x0e3c [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
13:59:48.0244 0x0e3c wscsvc - ok
13:59:48.0260 0x0e3c WSearch - ok
13:59:48.0390 0x0e3c [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
13:59:48.0462 0x0e3c wuauserv - ok
13:59:48.0543 0x0e3c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:59:48.0553 0x0e3c WudfPf - ok
13:59:48.0590 0x0e3c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:59:48.0612 0x0e3c WUDFRd - ok
13:59:48.0683 0x0e3c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:59:48.0698 0x0e3c wudfsvc - ok
13:59:48.0763 0x0e3c [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:59:48.0808 0x0e3c WwanSvc - ok
13:59:48.0870 0x0e3c ================ Scan global ===============================
13:59:48.0919 0x0e3c [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:59:48.0969 0x0e3c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:59:48.0994 0x0e3c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:59:49.0047 0x0e3c [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:59:49.0101 0x0e3c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
13:59:49.0112 0x0e3c [ Global ] - ok
13:59:49.0117 0x0e3c ================ Scan MBR ==================================
13:59:49.0130 0x0e3c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:59:50.0127 0x0e3c \Device\Harddisk0\DR0 - ok
13:59:50.0143 0x0e3c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:59:50.0354 0x0e3c \Device\Harddisk1\DR1 - ok
13:59:50.0359 0x0e3c ================ Scan VBR ==================================
13:59:50.0386 0x0e3c [ ADA7B2B081D04164EF7A318FE8AE3B6E ] \Device\Harddisk0\DR0\Partition1
13:59:50.0464 0x0e3c \Device\Harddisk0\DR0\Partition1 - ok
13:59:50.0487 0x0e3c [ BFEEB83307650050F6E814505E59CD50 ] \Device\Harddisk0\DR0\Partition2
13:59:50.0514 0x0e3c \Device\Harddisk0\DR0\Partition2 - ok
13:59:50.0525 0x0e3c [ B44057F231109BC102B52E74F6C566BC ] \Device\Harddisk1\DR1\Partition1
13:59:50.0527 0x0e3c \Device\Harddisk1\DR1\Partition1 - ok
13:59:50.0528 0x0e3c Waiting for KSN requests completion. In queue: 269
13:59:51.0528 0x0e3c Waiting for KSN requests completion. In queue: 269
13:59:52.0528 0x0e3c Waiting for KSN requests completion. In queue: 269
13:59:53.0528 0x0e3c Waiting for KSN requests completion. In queue: 269
13:59:54.0655 0x0e3c AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41000 ( enabled : updated )
13:59:54.0762 0x0e3c Win FW state via NFP2: enabled
13:59:57.0489 0x0e3c ============================================================
13:59:57.0489 0x0e3c Scan finished
13:59:57.0489 0x0e3c ============================================================
13:59:57.0520 0x0510 Detected object count: 0
13:59:57.0520 0x0510 Actual detected object count: 0
14:00:31.0150 0x06e0 Deinitialize success

I hope that made it okay.

Thank you.

ken545
2013-10-29, 22:24
The last program we ran was to check for a rootkit; it's a computer infection that hides from the operating system. Looking at the TDSSKiller log, your system is free; no rootkit was detected.

This is what I would like you to do.

Go here and register; use the same user name that you're using here. Like Safer, it's free.
www.whatthetech.com

After you register, post here in the Windows forum, explain your problem, link them to this thread so they can see what we have done, and tell them I suggested you post here:
http://forums.whatthetech.com/index.php?showforum=119


Be sure to point this out and let them decide what to do:
[ System Events ]
Error - 10/26/2013 1:03:15 AM | Computer Name = Owner-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy8.


Once you register and post, I will be able to find you and offer my 2 cents.