Trojan horse FakeAV unable to be deleted by AVG 2011 Free Edition

Status
Not open for further replies.
H

Holsten87

New member
Hello
I have run an ERUNT registry back up. I'm on Vista (pretty old laptop) and have turned off user account control as per instructions on ERUNT site.
AVG found two infected files on my last scan:
1. Object name: C:\Windows\System32\svchost.exe (888)
Detection Name: Trojan horse FakeAV.TMH.dropper
Object Type: process
SDK Type: Core
Result: DELETED
2. Object Name: c:\Windows\System32\svchost.exe (888):\memory_05a00000
Detection Name: Trojan horse FakeAV.TMH.dropper
Object Type: file
SDK Type: core
Result: INFECTED

Going through my scan logs, it appears that there has been an infection which AVG has been unable to resolve an issue that has been there since 06/06/14, which is worrying, as I didn't notice this until now (usually AVG would advise me if it is unable to heal infected files). I'm pretty sure I've run a routine Malware Bytes scan since the 06/06/14. I have not done so this time as wanted some advice before proceeding.

DDS Log:
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\iolo\System Mechanic\iologovernor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\System32\alg.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgscanx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files\Winamp\winamp.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k WindowsMobile
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=10&cc=&mi=74965616000000000000001cbf915686&toi=16085
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
mDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
mSearchAssistant = hxxp://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=74965616000000000000001cbf915686&toi=16085&r=302
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - <orphaned>
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [DriverScanner] "c:\program files\uniblue\driverscanner\launcher.exe" delay 20000
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Windows Mobile Device Center] c:\windows\windowsmobile\wmdc.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Conime] c:\windows\system32\conime.exe
mRun: [EKStatusMonitor] c:\program files\kodak\aio\statusmonitor\EKStatusMonitor.exe
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\users\hollyc~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{CAB4FF05-07D8-4042-AD88-07AF59D967DB} : DHCPNameServer = 192.168.0.1
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - <orphaned>
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\holly chapman\appdata\roaming\mozilla\firefox\profiles\7lqvfta1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=winamp-ff&s_qt=sb&tb_uuid=20111024195737789&tb_oid=25-10-2011&tb_mrud=15-11-2012&query=
FF - prefs.js: browser.startup.homepage - google.co.uk
FF - prefs.js: keyword.URL - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=2&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_214.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.Softonic.hpOld0 - hxxp://en-GB.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=1&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF - user.js: extensions.Softonic.id - 74965616000000000000001cbf915686
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16085
FF - user.js: extensions.Softonic.vrsn - 1.8.29.3
FF - user.js: extensions.Softonic.vrsni - 1.8.29.3
FF - user.js: extensions.Softonic.vrsnTs - 1.8.29.320:41:43
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand
FF - user.js: extensions.Softonic.instlRef - MOY00002
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=13&cc=&mi=74965616000000000000001cbf915686&toi=16085
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=2&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00002/tb_v1/?SearchSource=15&cc=&mi=74965616000000000000001cbf915686&toi=16085

aswMBR log:
19:42:27.827 OS Version: Windows 6.0.6001 Service Pack 1
19:42:27.827 Number of processors: 2 586 0xF0D
19:42:27.829 ComputerName: THE-BEAST UserName:
19:42:30.994 Initialize success
19:42:31.025 VM: initialized successfully
19:42:31.056 VM: Intel CPU BiosDisabled
19:42:41.812 VM: disk I/O iastor.sys
19:45:35.699 AVAST engine defs: 14062601
19:46:55.447 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:46:55.447 Disk 0 Vendor: ST916082 3.CD Size: 152627MB BusType: 3
19:46:55.619 Disk 0 MBR read successfully
19:46:55.634 Disk 0 MBR scan
19:46:55.634 Disk 0 Windows VISTA default MBR code
19:46:55.650 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 117 MB offset 63
19:46:55.681 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 241664
19:46:55.697 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 139708 MB offset 21213184
19:46:55.697 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 307335168
19:46:55.744 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 307337216
19:46:55.759 Disk 0 scanning sectors +312578048
19:46:56.056 Disk 0 scanning C:\Windows\system32\drivers
19:47:09.659 Service scanning
19:47:43.496 Modules scanning
19:47:51.702 Disk 0 trace - called modules:
19:47:51.717 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
19:47:51.717 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86355528]
19:47:51.717 3 CLASSPNP.SYS[887a6745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85206030]
19:47:53.683 AVAST engine scan C:\Windows
19:47:57.458 AVAST engine scan C:\Windows\system32
19:53:16.077 AVAST engine scan C:\Windows\system32\drivers
19:53:36.061 AVAST engine scan C:\Users\Holly Chapman
20:09:47.192 AVAST engine scan C:\ProgramData
20:15:42.077 Scan finished successfully
21:30:21.804 Disk 0 MBR has been saved successfully to "C:\Users\Holly Chapman\Desktop\MBR.dat"
21:30:21.804 The log file has been saved successfully to "C:\Users\Holly Chapman\Desktop\aswMBR.txt"


Lots of thanks in advance for any help x
.
 
Hi Holsten87,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Your initial DDS log is missing the header information, please run the following scans:

=========================

Security Check

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================

Download Farbar Recovery Scan Tool and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply
=========================

In your next post please provide the following:
  • checkup.txt
  • FRST.txt
  • Addition.txt
 
Hi OCD,

Thanks for getting back to me so quickly. Here is the top of the dds log should you need it:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18470 BrowserJavaVersion: 1.6.0
Run by Holly Chapman at 19:34:51 on 2014-06-26
.
Below are the logs you requested:

Checkup.txt:

Results of screen317's Security Check version 0.99.85
Windows Vista Service Pack 1 x86 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.75.0.1300
HijackThis 2.0.2
AVG PC Tuneup 2011
Java 7 Update 45
Java(TM) SE Runtime Environment 6
Java version out of Date!
Adobe Flash Player 13.0.0.214 Flash Player out of Date!
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox 18.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 34 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-06-2014
Ran by Holly Chapman (administrator) on THE-BEAST on 27-06-2014 19:50:49
Running from C:\Users\Holly Chapman\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
(iolo technologies, LLC) C:\Program Files\iolo\System Mechanic\ioloGovernor.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
() C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-04-28] (Synaptics, Inc.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-08-29] (Creative Technology Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [221184 2006-11-05] (Sonic Solutions)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2007-11-15] ( )
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [189736 2007-11-01] (CyberLink Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-07] (IDT, Inc.)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Conime] => C:\Windows\system32\conime.exe [69120 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [EKStatusMonitor] => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2844608 2012-10-15] (Eastman Kodak Company)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2804224 2012-10-08] (Eastman Kodak Company)
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [uTorrent] => C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe [1267536 2014-06-16] (BitTorrent Inc.)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [DriverScanner] => C:\Program Files\Uniblue\DriverScanner\launcher.exe [338296 2011-05-16] (Uniblue Systems Limited)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunStartupScriptSync] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideStartupScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {1e30d2f0-96c3-11dd-83db-001e4cdc4ef0} - F:\setupSNK.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {bea08218-13f7-11df-a7dd-001e4cdc4ef0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {c03f2a25-14b1-11df-bab4-001e4cdc4ef0} - wd_windows_tools\setup.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {cbf9d7f6-b1bb-11dd-9902-001e4cdc4ef0} - F:\setupSNK.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
BootExecute:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.softonic.com/MOY00002...mi=74965616000000000000001cbf915686&toi=16085
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKCU - {105E99FF-8B9A-4492-B155-06194B9056D2} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - {C0197584-7E91-4454-8177-07E01E8098A6} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4d4acdad&v=6.11.25.1&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKCU - {E72EEF90-4393-4B8E-9DCF-9FDFDB659A30} URL = http://internetsearchservice.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: No Name - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: No Name - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MBAEA6744-D857-4CE3-8A2A-712EF60CAE3F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP7D9A60B4-EE90-48AB-ABC1-F7FAB62519F6
FF SearchEngineOrder.1: Search the web (Softonic)
FF Homepage: google.co.uk
FF Keyword.URL: hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=2&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @veoh.com/VeohTVPlugin - C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF Plugin: @veoh.com/VeohWebPlayer - C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF user.js: detected! => C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\searchplugins\softonic.xml
FF Extension: No Name - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2011-08-15]
FF Extension: 2YourFace - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\support@2yourface.com [2011-08-15]
FF Extension: vis - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2014-01-15]
FF Extension: Zotero Word for Windows Integration - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-04-30]
FF Extension: Ghostery - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@ghostery.com.xpi [2013-08-18]
FF Extension: MEGA - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@mega.co.nz.xpi [2013-12-29]
FF Extension: Zotero - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-08-12]
FF Extension: Adblock Plus - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-06]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\sotfone-tracker@sotfone.ru [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG10\Firefox4 [2011-07-07]
FF HKLM\...\Firefox\Extensions: [crossriderapp435@crossrider.com] - C:\ProgramData\CodecCheck\firefox
FF Extension: Premiumplay Codec-C - C:\ProgramData\CodecCheck\firefox [2011-08-15]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-04]
FF HKCU\...\Firefox\Extensions: [web@veoh.com] - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder
FF Extension: Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2008-11-26]
FF HKCU\...\Firefox\Extensions: [offerboxffx@offerbox.com] - C:\Users\Holly Chapman\AppData\Roaming\OfferBox\offerboxffx@offerbox.com
FF Extension: OfferBox - C:\Users\Holly Chapman\AppData\Roaming\OfferBox\offerboxffx@offerbox.com [2010-06-28]

Chrome:
=======
CHR HomePage: hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085
CHR RestoreOnStartup: "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085"
CHR StartupUrls: "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: http://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2014-01-15]
CHR Extension: (AVG Safe Search) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2011-07-10]
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho [2012-03-24]
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-24]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx [2011-09-09]
CHR HKLM\...\Chrome\Extension: [jpnbdefcbnoefmmcpelplabbkfmfhlho] - C:\ProgramData\CodecCheck\chrome\codec_check.crx [2011-08-15]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395200 2012-10-19] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [779200 2012-10-15] (Eastman Kodak Company)
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-11-05] (Sonic Solutions) [File not signed]
S2 RoxWatch9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-11-05] (Sonic Solutions) [File not signed]
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
S4 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [28624 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-05] (AVG Technologies CZ, s.r.o.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-03-18] (EldoS Corporation)
R3 OXSDIDRV_x32; C:\Windows\System32\DRIVERS\OXSDIDRV_x32.sys [52656 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X32.sys [24880 2010-05-25] ()
R2 PDFsFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-03-18] (Raxco Software, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 uafilter; System32\DRIVERS\uafilter.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-27 19:50 - 2014-06-27 19:52 - 00024965 _____ () C:\Users\Holly Chapman\Downloads\FRST.txt
2014-06-27 19:50 - 2014-06-27 19:51 - 00000000 ____D () C:\FRST
2014-06-27 19:50 - 2014-06-27 19:50 - 01073152 _____ (Farbar) C:\Users\Holly Chapman\Downloads\FRST.exe
2014-06-27 19:47 - 2014-06-27 19:47 - 00001399 _____ () C:\Users\Holly Chapman\Desktop\checkup.txt
2014-06-27 19:42 - 2014-06-27 19:42 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-06-26 21:30 - 2014-06-26 22:03 - 00004751 _____ () C:\Users\Holly Chapman\Desktop\aswMBR.txt
2014-06-26 21:30 - 2014-06-26 22:03 - 00000512 _____ () C:\Users\Holly Chapman\Desktop\MBR.dat
2014-06-26 19:40 - 2014-06-26 19:41 - 05185536 _____ (AVAST Software) C:\Users\Holly Chapman\Downloads\aswMBR.exe
2014-06-26 19:37 - 2014-06-26 19:37 - 00012876 _____ () C:\Users\Holly Chapman\Desktop\dds.txt
2014-06-26 19:37 - 2014-06-26 19:37 - 00004394 _____ () C:\Users\Holly Chapman\Desktop\attach.txt
2014-06-26 19:34 - 2014-06-26 19:34 - 00688992 ____R (Swearware) C:\Users\Holly Chapman\Downloads\dds.scr
2014-06-26 17:58 - 2014-06-26 17:58 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup(1).exe
2014-06-26 17:58 - 2014-06-26 17:58 - 00000676 _____ () C:\Users\Holly Chapman\Desktop\ERUNT.lnk
2014-06-26 17:58 - 2014-06-26 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-26 17:43 - 2014-06-26 17:43 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup.exe
2014-06-09 22:41 - 2014-06-09 22:41 - 00000130 _____ () C:\Users\Holly Chapman\Desktop\wine.txt

==================== One Month Modified Files and Folders =======

2014-06-27 19:52 - 2014-06-27 19:50 - 00024965 _____ () C:\Users\Holly Chapman\Downloads\FRST.txt
2014-06-27 19:51 - 2014-06-27 19:50 - 00000000 ____D () C:\FRST
2014-06-27 19:50 - 2014-06-27 19:50 - 01073152 _____ (Farbar) C:\Users\Holly Chapman\Downloads\FRST.exe
2014-06-27 19:47 - 2014-06-27 19:47 - 00001399 _____ () C:\Users\Holly Chapman\Desktop\checkup.txt
2014-06-27 19:42 - 2014-06-27 19:42 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-06-27 19:38 - 2013-08-04 19:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\uTorrent
2014-06-27 19:38 - 2009-03-16 21:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\vlc
2014-06-27 19:28 - 2012-04-30 19:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-27 19:25 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-27 19:25 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-27 17:16 - 2013-01-16 18:12 - 00000000 ____D () C:\ProgramData\Kodak
2014-06-27 12:09 - 2014-04-24 15:22 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-06-27 08:05 - 2011-02-03 16:40 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-06-27 07:26 - 2011-10-24 20:57 - 00000344 _____ () C:\Windows\Tasks\DriverScanner.job
2014-06-27 07:25 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-26 22:04 - 2008-01-16 23:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-06-26 22:04 - 2006-11-02 14:01 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-26 22:03 - 2014-06-26 21:30 - 00004751 _____ () C:\Users\Holly Chapman\Desktop\aswMBR.txt
2014-06-26 22:03 - 2014-06-26 21:30 - 00000512 _____ () C:\Users\Holly Chapman\Desktop\MBR.dat
2014-06-26 19:41 - 2014-06-26 19:40 - 05185536 _____ (AVAST Software) C:\Users\Holly Chapman\Downloads\aswMBR.exe
2014-06-26 19:37 - 2014-06-26 19:37 - 00012876 _____ () C:\Users\Holly Chapman\Desktop\dds.txt
2014-06-26 19:37 - 2014-06-26 19:37 - 00004394 _____ () C:\Users\Holly Chapman\Desktop\attach.txt
2014-06-26 19:34 - 2014-06-26 19:34 - 00688992 ____R (Swearware) C:\Users\Holly Chapman\Downloads\dds.scr
2014-06-26 18:18 - 2008-01-16 23:18 - 01361194 _____ () C:\Windows\WindowsUpdate.log
2014-06-26 17:59 - 2008-07-05 18:40 - 00000000 ____D () C:\Windows\erdnt
2014-06-26 17:58 - 2014-06-26 17:58 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup(1).exe
2014-06-26 17:58 - 2014-06-26 17:58 - 00000676 _____ () C:\Users\Holly Chapman\Desktop\ERUNT.lnk
2014-06-26 17:58 - 2014-06-26 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-26 17:58 - 2011-01-02 20:45 - 00000000 ____D () C:\Program Files\ERUNT
2014-06-26 17:43 - 2014-06-26 17:43 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup.exe
2014-06-25 20:49 - 2010-12-04 12:27 - 00000490 ____H () C:\Windows\Tasks\Norton Security Scan for Holly Chapman.job
2014-06-24 17:24 - 2008-03-11 17:04 - 00006540 _____ () C:\Users\Holly Chapman\AppData\Local\d3d9caps.dat
2014-06-17 08:29 - 2008-01-16 23:54 - 00121208 _____ () C:\Windows\PFRO.log
2014-06-12 06:22 - 2012-04-26 19:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-11 17:30 - 2013-11-07 11:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-09 22:41 - 2014-06-09 22:41 - 00000130 _____ () C:\Users\Holly Chapman\Desktop\wine.txt
2014-06-08 16:29 - 2008-07-04 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 18:36 - 2008-03-12 12:48 - 00002569 _____ () C:\Users\Holly Chapman\Desktop\Microsoft Office Word 2003.lnk

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-27 19:33

==================== End Of Log ============================

My post is too long to post addition.txt, I will post this on my next reply.

Thanks,

Holly.
 
Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:27-06-2014
Ran by Holly Chapman at 2014-06-27 19:52:29
Running from C:\Users\Holly Chapman\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2 - Adobe Systems, Inc) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8900 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8900 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Advent AIO Printer (Version: 1.0.6.2 - DSGi) Hidden
Advent Essentials (Version: 1.0.0.0 - DSGi) Hidden
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (Version: 1.0.6.0 - DSGi) Hidden
aioscnnr (Version: 5.7.5.30 - Your Company Name) Hidden
aioscnnr (Version: 7.6.11.10 - Your Company Name) Hidden
AVG 2011 (HKLM\...\AVG) (Version: 10.0.1432 - AVG Technologies)
AVG 2011 (Version: 10.0.1432 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.3955 - AVG Technologies) Hidden
AVG PC Tuneup 2011 (HKLM\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.24 - AVG)
Bonjour (HKLM\...\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}) (Version: 1.0.104 - Apple Inc.)
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
C4USelfUpdater (Version: 1.00.0000 - Your Company Name) Hidden
center (Version: 6.2.5.0 - Eastman Kodak Company) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
Crossrider Web Apps (HKLM\...\Crossrider) (Version: - ) <==== ATTENTION
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.0.07311 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 9.1.18.6 - Synaptics)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
essentials (Version: 6.0.14.0 - Eastman Kodak Company) Hidden
ffdshow [rev 1975] [2008-05-26] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Update Helper (Version: 1.3.21.123 - Google Inc.) Hidden
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
iolo technologies' System Mechanic (HKLM\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 12.5.0 - iolo technologies, LLC)
Iomega Encryption (HKLM\...\{510FD70C-0EBE-40A3-9BB9-0667EA764C7E}) (Version: 1.01.0000 - Iomega an EMC Company)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.0.3.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.6.12.20 - Eastman Kodak Company)
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.5.3104.1 - Creative)
Live! Cam Avatar v1.0 (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative)
Magic ISO Maker v5.5 (build 0273) (HKLM\...\Magic ISO Maker v5.5 (build 0273)) (Version: - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Map Button (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
Mozilla Firefox 18.0 (x86 en-US) (HKLM\...\Mozilla Firefox 18.0 (x86 en-US)) (Version: 18.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OfferBox (HKLM\...\{2C8574B5-6935-4FCE-860E-F4E8602378FF}) (Version: 2.00.0000 - Secure Digital Services) <==== ATTENTION
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
PreReq (Version: 6.0.5.2 - Eastman Kodak Company) Hidden
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickSet (HKLM\...\{7F0C4457-8E64-491B-8D7B-991504365D1E}) (Version: 8.0.11 - Dell Inc.)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version: - RealNetworks)
RemoteComms External Disk Access (HKLM\...\{04FCD5DE-1662-4F99-BDA9-C57212113EF2}) (Version: 1.25.0003 - PLX Technology)
RICOH Media Driver ver.2.07.01.04 (HKLM\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.04 - RICOH)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio MyDVD DE (HKLM\...\{D639085F-4B6E-4105-9F37-A0DBB023E2FB}) (Version: 9.0.116 - Roxio, Inc.)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)
SecondLifeViewer (remove only) (HKLM\...\SecondLifeViewer) (Version: - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Skype™ 6.7 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
System Checkup 3.4 (HKLM\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.4.0.47 - iolo technologies, LLC)
Tiscali Internet (HKLM\...\{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}) (Version: 1.0.0.38 - Tiscali)
Uniblue DriverScanner (HKLM\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.1.6 - Uniblue Systems Ltd)
Uniblue RegistryBooster 2 (HKLM\...\RegistryBooster 2_is1) (Version: - Uniblue)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
uTorrentBar Toolbar (HKLM\...\uTorrentBar Toolbar) (Version: 6.2.7.3 - uTorrentBar) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player Beta (HKLM\...\Veoh Web Player Beta) (Version: 1.1.2.1036 - Veoh Networks, Inc.)
VIS (HKLM\...\VIS) (Version: - ) <==== ATTENTION
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Widestream6 (HKLM\...\{835525BE-63BD-4EC4-9425-00CEAD4849C2}) (Version: 1.00.0000 - Secure Digital Services)
Winamp (HKLM\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Favorites for Windows Live Toolbar (HKLM\...\{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}) (Version: 03.01.0146 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version: - Microsoft Corporation)
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Toolbar (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}) (Version: 15.0.9334 - WinZip Computing, S.L. )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.0) (Version: 1.3.2 - Xvid Team)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {039D42C0-88DC-4634-B4B0-0A2DA364DA07} - System32\Tasks\Bristol-Eduroam-Tidyup => C:\Windows\Bristol-Eduroam-Tidy.bat [2011-09-15] ()
Task: {08421653-4B7B-4733-A076-CFCF4AD75FF4} - System32\Tasks\Norton PC Checkup Weekday Scanner => C:\Program Files\Norton PC Checkup\PC_Checkup.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {47EE8635-952E-4AAA-BB78-D647A6C950AD} - System32\Tasks\iolo Process Governor => C:\Program Files\iolo\System Mechanic\iologovernor.exe [2013-12-03] (iolo technologies, LLC)
Task: {933E1971-2F33-43CB-A3A7-0CEDD6F0F3D0} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {9D7DC040-72AD-4BCB-B657-FB9C98D117AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {A2176062-C85E-4297-B5AC-615D92C714DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {AD534223-1B5D-42EF-A515-7B629F503CE1} - System32\Tasks\Norton Security Scan for Holly Chapman => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
Task: {C9A5EA02-0D05-4380-B418-912FAF380D8E} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe [2011-05-16] (Uniblue Systems Limited)
Task: {DD1A6DDB-F878-4DED-8922-33D00906F0AC} - System32\Tasks\Orb Startup => C:\Program Files\Winamp Remote\bin\OrbTray.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EA9476A4-2A03-4151-BF7B-88EA52B9624B} - System32\Tasks\Norton PC Checkup Weekend Scanner => C:\Program Files\Norton PC Checkup\PC_Checkup.exe
Task: {EBCBC9F3-BE5E-4667-9809-10E02D599870} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {F04DEA8D-6E91-422E-BF04-46354F6B88AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\Norton Security Scan for Holly Chapman.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

==================== Loaded Modules (whitelisted) =============

2008-01-17 07:12 - 2007-09-26 11:47 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2006-11-05 11:58 - 2006-11-05 11:58 - 00516096 _____ () C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
2006-11-05 11:28 - 2006-11-05 11:28 - 04587520 ____R () C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
2011-02-10 07:55 - 2011-02-10 07:55 - 01148256 _____ () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
2011-12-09 18:23 - 2012-06-05 11:53 - 00417280 _____ () C:\Program Files\Winamp\nsutil.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00078848 _____ () C:\Program Files\Winamp\nde.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00023040 _____ () C:\Program Files\Winamp\System\albumart.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00174080 _____ () C:\Program Files\Winamp\System\auth.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00019456 _____ () C:\Program Files\Winamp\System\bmp.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00047616 _____ () C:\Program Files\Winamp\zlib.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00044544 _____ () C:\Program Files\Winamp\System\devices.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00016896 _____ () C:\Program Files\Winamp\System\dlmgr.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00014336 _____ () C:\Program Files\Winamp\System\filereader.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00019456 _____ () C:\Program Files\Winamp\System\gif.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00016384 _____ () C:\Program Files\Winamp\System\gracenote.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00623616 _____ () C:\Program Files\Winamp\System\jnetlib.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00154624 _____ () C:\Program Files\Winamp\System\jpeg.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00084480 _____ () C:\Program Files\Winamp\System\playlist.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00103936 _____ () C:\Program Files\Winamp\System\png.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00013824 _____ () C:\Program Files\Winamp\System\primo.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00021504 _____ () C:\Program Files\Winamp\System\tagz.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00035328 _____ () C:\Program Files\Winamp\System\timer.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00090112 _____ () C:\Program Files\Winamp\System\xml.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00068608 _____ () C:\Program Files\Winamp\Plugins\in_avi.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00102400 _____ () C:\Program Files\Winamp\Plugins\in_cdda.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00072192 _____ () C:\Program Files\Winamp\Plugins\in_dshow.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00061440 _____ () C:\Program Files\Winamp\Plugins\in_flac.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00043008 _____ () C:\Program Files\Winamp\Plugins\in_flv.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00007168 _____ () C:\Program Files\Winamp\Plugins\in_linein.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00109568 _____ () C:\Program Files\Winamp\Plugins\in_midi.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00049152 _____ () C:\Program Files\Winamp\Plugins\in_mkv.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00165376 _____ () C:\Program Files\Winamp\Plugins\in_mod.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00290304 _____ () C:\Program Files\Winamp\Plugins\in_mp3.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00052736 _____ () C:\Program Files\Winamp\Plugins\in_mp4.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00075264 _____ () C:\Program Files\Winamp\Plugins\in_nsv.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00023552 _____ () C:\Program Files\Winamp\Plugins\in_swf.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00253440 _____ () C:\Program Files\Winamp\Plugins\in_vorbis.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00016896 _____ () C:\Program Files\Winamp\Plugins\in_wave.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00253440 _____ () C:\Program Files\Winamp\libsndfile.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00313344 _____ () C:\Program Files\Winamp\Plugins\in_wm.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00022528 _____ () C:\Program Files\Winamp\Plugins\out_disk.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00052224 _____ () C:\Program Files\Winamp\Plugins\out_ds.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00018432 _____ () C:\Program Files\Winamp\Plugins\out_wave.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 01737728 _____ () C:\Program Files\Winamp\Plugins\gen_ff.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00083968 _____ () C:\Program Files\Winamp\tataki.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00340992 _____ () C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2011-12-09 18:23 - 2012-06-05 11:53 - 00027648 _____ () C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
2011-11-10 23:10 - 2012-06-05 11:54 - 00185344 _____ () C:\Program Files\Winamp\Plugins\gen_jumpex.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00318464 _____ () C:\Program Files\Winamp\Plugins\gen_ml.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00294400 _____ () C:\Program Files\Winamp\Plugins\ml_local.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00082944 _____ () C:\Program Files\Winamp\Plugins\ml_playlists.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00124928 _____ () C:\Program Files\Winamp\Plugins\ml_online.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00249856 _____ () C:\Program Files\Winamp\Plugins\ml_devices.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00200192 _____ () C:\Program Files\Winamp\Plugins\ml_disc.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00241152 _____ () C:\Program Files\Winamp\Plugins\ml_pmp.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00029184 _____ () C:\Program Files\Winamp\Plugins\pmp_activesync.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00060928 _____ () C:\Program Files\Winamp\Plugins\pmp_android.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00170496 _____ () C:\Program Files\Winamp\Plugins\pmp_ipod.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00020480 _____ () C:\Program Files\Winamp\Plugins\pmp_njb.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00118272 _____ () C:\Program Files\Winamp\Plugins\pmp_p4s.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00053760 _____ () C:\Program Files\Winamp\Plugins\pmp_usb.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00113664 _____ () C:\Program Files\Winamp\Plugins\pmp_wifi.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00028160 _____ () C:\Program Files\Winamp\Plugins\ml_bookmarks.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00052224 _____ () C:\Program Files\Winamp\Plugins\ml_history.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00028672 _____ () C:\Program Files\Winamp\Plugins\ml_autotag.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00057344 _____ () C:\Program Files\Winamp\Plugins\ml_impex.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00083456 _____ () C:\Program Files\Winamp\Plugins\ml_plg.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00033792 _____ () C:\Program Files\Winamp\Plugins\ml_rg.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00032256 _____ () C:\Program Files\Winamp\Plugins\ml_transcode.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00057344 _____ () C:\Program Files\Winamp\Plugins\gen_orgler.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00025600 _____ () C:\Program Files\Winamp\Plugins\gen_tray.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00180224 _____ () C:\Program Files\Winamp\libmp4v2.dll
2013-11-07 11:06 - 2014-06-11 17:29 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).


System errors:
=============
Error: (04/02/2010 02:46:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:44:34 on 02/04/2010 was unexpected.

Error: (04/02/2010 02:42:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:41:19 on 02/04/2010 was unexpected.

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state

Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state


Microsoft Office Sessions:
=========================
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497

Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497


CodeIntegrity Errors:
===================================
Date: 2014-06-27 19:51:54.579
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:54.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:54.090
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:53.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:53.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:53.171
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:52.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:52.661
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:32.131
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-27 19:51:31.889
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 71%
Total physical RAM: 2037.31 MB
Available physical RAM: 590.63 MB
Total Pagefile: 4317.89 MB
Available Pagefile: 2719.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:136.43 GB) (Free:62.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.78 GB) NTFS
Drive f: (Iomega_HDD) (Fixed) (Total:930.83 GB) (Free:622.7 GB) NTFS
Drive g: (Virtual CD) (CDROM) (Total:0.08 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 28000000)
Partition 1: (Not Active) - (Size=118 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=136 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End Of Log ============================
 
Hi Holsten87,

Has this computer been unused for quite awhile?

=========================

  • Windows Vista does not have the latest Service Pack. You should update to the latest service pack before you continue.
  • Go here, and download SP2 for your computer.
  • Expand the Install Instructions, and follow those to install SP2.
  • Reboot after you are done and continue with the instructions.
=========================

TDSSKiller

Please download TDSSKiller.zip - Extract it to your desktop
  • TDSSKiller.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
=========================

In your next post please provide the following:

  • TDSSKiller log
 
Opps, sorry! I thought I'd replied to this. Apologies for the late reply- I've been having trouble installing the service pack and have been trying to solve the issue, but not yet successful. I've been using this laptop daily for seven years, but have never been able to install SP2. I will keep on trying, but I'll post the TDSS log in the meantime. It didn't find any threats, but here's the report:

17:07:41.0184 0x15e4 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
17:07:44.0702 0x15e4 ============================================================
17:07:44.0702 0x15e4 Current date / time: 2014/06/30 17:07:44.0702
17:07:44.0702 0x15e4 SystemInfo:
17:07:44.0702 0x15e4
17:07:44.0702 0x15e4 OS Version: 6.0.6001 ServicePack: 1.0
17:07:44.0702 0x15e4 Product type: Workstation
17:07:44.0702 0x15e4 ComputerName: THE-BEAST
17:07:44.0703 0x15e4 UserName: Holly Chapman
17:07:44.0703 0x15e4 Windows directory: C:\Windows
17:07:44.0703 0x15e4 System windows directory: C:\Windows
17:07:44.0703 0x15e4 Processor architecture: Intel x86
17:07:44.0703 0x15e4 Number of processors: 2
17:07:44.0703 0x15e4 Page size: 0x1000
17:07:44.0703 0x15e4 Boot type: Normal boot
17:07:44.0703 0x15e4 ============================================================
17:07:44.0957 0x15e4 KLMD registered as C:\Windows\system32\drivers\42346196.sys
17:07:45.0199 0x15e4 System UUID: {86624D06-03CC-FC3B-4764-BB75D07C2ADA}
17:07:47.0293 0x15e4 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:07:47.0312 0x15e4 Drive \Device\Harddisk1\DR2 - Size: 0xE8B51B6000 ( 930.83 Gb ), SectorSize: 0x1000, Cylinders: 0x3B55, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:07:47.0334 0x15e4 ============================================================
17:07:47.0334 0x15e4 \Device\Harddisk0\DR0:
17:07:47.0334 0x15e4 MBR partitions:
17:07:47.0334 0x15e4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3B000, BlocksNum 0x1400000
17:07:47.0334 0x15e4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143B000, BlocksNum 0x110DE000
17:07:47.0350 0x15e4 \Device\Harddisk1\DR2:
17:07:47.0351 0x15e4 MBR partitions:
17:07:47.0351 0x15e4 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0xE8B4F00
17:07:47.0351 0x15e4 ============================================================
17:07:47.0387 0x15e4 C: <-> \Device\Harddisk0\DR0\Partition2
17:07:47.0422 0x15e4 D: <-> \Device\Harddisk0\DR0\Partition1
17:07:47.0461 0x15e4 F: <-> \Device\Harddisk1\DR2\Partition1
17:07:47.0462 0x15e4 ============================================================
17:07:47.0462 0x15e4 Initialize success
17:07:47.0462 0x15e4 ============================================================
17:07:51.0781 0x0b38 ============================================================
17:07:51.0781 0x0b38 Scan started
17:07:51.0781 0x0b38 Mode: Manual;
17:07:51.0781 0x0b38 ============================================================
17:07:51.0781 0x0b38 KSN ping started
17:07:52.0305 0x0b38 KSN ping finished: true
17:07:54.0194 0x0b38 ================ Scan system memory ========================
17:07:54.0195 0x0b38 System memory - ok
17:07:54.0196 0x0b38 ================ Scan services =============================
17:07:54.0469 0x0b38 [ FCB8C7210F0135E24C6580F7F649C73C, 7E5E3D0B4F4BD418E6CC551850C672E1AF347CBB2E665B6F72638786CE5079C5 ] ACPI C:\Windows\system32\drivers\acpi.sys
17:07:54.0482 0x0b38 ACPI - ok
17:07:54.0649 0x0b38 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:07:54.0738 0x0b38 AdobeFlashPlayerUpdateSvc - ok
17:07:54.0841 0x0b38 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:07:54.0863 0x0b38 adp94xx - ok
17:07:54.0903 0x0b38 [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:07:54.0915 0x0b38 adpahci - ok
17:07:54.0942 0x0b38 [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:07:54.0958 0x0b38 adpu160m - ok
17:07:54.0969 0x0b38 [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:07:54.0976 0x0b38 adpu320 - ok
17:07:55.0048 0x0b38 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:07:55.0057 0x0b38 AeLookupSvc - ok
17:07:55.0130 0x0b38 [ EF1142512BEC12F1C2C87735DA1755BE, 236EFD8FBA717123E0CF5A136ACEBB80A2BE1FA4B1A9A2C74728BC4EB4E787D8 ] AESTFilters C:\Windows\system32\aestsrv.exe
17:07:55.0135 0x0b38 AESTFilters - ok
17:07:55.0183 0x0b38 [ 48EB99503533C27AC6135648E5474457, 344A83008F41AAC3CDFC52EFC4F2EFF441971C58182597D2FBED315B3FC62137 ] AFD C:\Windows\system32\drivers\afd.sys
17:07:55.0234 0x0b38 AFD - ok
17:07:55.0345 0x0b38 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:07:55.0349 0x0b38 agp440 - ok
17:07:55.0362 0x0b38 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:07:55.0367 0x0b38 aic78xx - ok
17:07:55.0434 0x0b38 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
17:07:55.0452 0x0b38 ALG - ok
17:07:55.0459 0x0b38 [ DC67A153FDB8105B25D05334B5E1D8E2, 95CD9ABE73EC1E5111F5D599FE16EB1B3A6A87B7FC54922254769032CD2BEF0E ] aliide C:\Windows\system32\drivers\aliide.sys
17:07:55.0462 0x0b38 aliide - ok
17:07:55.0473 0x0b38 [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:07:55.0477 0x0b38 amdagp - ok
17:07:55.0488 0x0b38 [ 835C4C3355088298A5EBD818FA31430F, 947E587F016AD3B2B4606334E03372F34D806ED1AFF4860E7EA2E289D70FB79E ] amdide C:\Windows\system32\drivers\amdide.sys
17:07:55.0491 0x0b38 amdide - ok
17:07:55.0537 0x0b38 [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
17:07:55.0541 0x0b38 AmdK7 - ok
17:07:55.0548 0x0b38 [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:07:55.0566 0x0b38 AmdK8 - ok
17:07:55.0662 0x0b38 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
17:07:55.0669 0x0b38 Appinfo - ok
17:07:55.0719 0x0b38 [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc C:\Windows\system32\drivers\arc.sys
17:07:55.0757 0x0b38 arc - ok
17:07:55.0802 0x0b38 [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:07:55.0807 0x0b38 arcsas - ok
17:07:55.0859 0x0b38 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:07:55.0912 0x0b38 AsyncMac - ok
17:07:55.0967 0x0b38 [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
17:07:55.0978 0x0b38 atapi - ok
17:07:56.0090 0x0b38 [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:07:56.0111 0x0b38 AudioEndpointBuilder - ok
17:07:56.0157 0x0b38 [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:07:56.0168 0x0b38 Audiosrv - ok
17:07:57.0151 0x0b38 [ 7A0F6A3E0E41425B9BA54616B482668A, 096BE4C9D44CD8BB63E3415DF70035C63B43B43E191C7311DCA05532C0DDF840 ] AVGIDSAgent C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
17:07:58.0974 0x0b38 AVGIDSAgent - ok
17:07:59.0143 0x0b38 [ 1C8D965BBCAA9EE5DEFDB54743437086, 6B431CA9B20D0E066B71A8CA4430D74C0EA72FF0CB12F0D3A5F4E6A065244A37 ] AVGIDSDriver C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
17:07:59.0151 0x0b38 AVGIDSDriver - ok
17:07:59.0182 0x0b38 [ C59C9BC3F0612BD207CCDC5D8CB9CE39, FA3B991BA47E15C7EBD7D7B9BC28FF976F0EA3A49C68F954FF47BBB8D9EF1C99 ] AVGIDSEH C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
17:07:59.0186 0x0b38 AVGIDSEH - ok
17:07:59.0229 0x0b38 [ C5559DE2EC66CEDE15A1664F6D183D8E, D326E2A290F978E1B3D77E4D9020B5CA12FBF80913D6E5D8AB7327A0D543CF24 ] AVGIDSFilter C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
17:07:59.0238 0x0b38 AVGIDSFilter - ok
17:07:59.0288 0x0b38 [ AE5E9667FA40206796D1BD5BD0427A8A, D829BD90B22228870D0E86F3BFF9234503085605226526FBFCF11DC98397607A ] AVGIDSShim C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
17:07:59.0306 0x0b38 AVGIDSShim - ok
17:07:59.0350 0x0b38 [ 901EB73F900D8DD1E8862C40427B83AE, 6CEC9109CDA7ED3952702773785430C3AE02195EB6D3FDF889C1F9118CF50D11 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
17:07:59.0420 0x0b38 Avgldx86 - ok
17:07:59.0505 0x0b38 [ 5639DE66B37D02BD22DF4CF3155FBA60, E7F8E588DA6470DB285EB7EAA199572A84EF6660A9D6B30B1D9BBF096B4D04F1 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
17:07:59.0561 0x0b38 Avgmfx86 - ok
17:07:59.0606 0x0b38 [ D1BAF652EDA0AE70896276A1FB32C2D4, 295C26E45C79920EC93FC95891F61E76D09CDF7D18011FE93FC61346A2FA28C9 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
17:07:59.0640 0x0b38 Avgrkx86 - ok
17:07:59.0815 0x0b38 [ AAF0EBCAD95F2164CFFB544E00392498, 20ED50D2E33DFCF4B209B76E041DB1483B9A23A12591CC303F4D6C4846DEB7D5 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
17:07:59.0844 0x0b38 Avgtdix - ok
17:07:59.0967 0x0b38 [ FC2BC51120A945F7C70376495E4E7737, AA9711093972B6D7690C7662EF45DAAA9499AD36A6191382E43DAE566B64BF12 ] avgwd C:\Program Files\AVG\AVG10\avgwdsvc.exe
17:07:59.0988 0x0b38 avgwd - ok
17:08:00.0066 0x0b38 [ CD4646067CC7DCBA1907FA0ACF7E3966, 705DF801ACB8719213E95D6214E6C30F7A217663305DBB718F7ECD40F0084340 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
17:08:00.0071 0x0b38 bcm4sbxp - ok
17:08:00.0157 0x0b38 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
17:08:00.0164 0x0b38 Beep - ok
17:08:00.0238 0x0b38 [ 8582E233C346AEFE759833E8A30DD697, 2B0A4FB7F0C3256A5003821634DFA04BA8C3FBB46E942E8BC5D114AF8D1E5354 ] BFE C:\Windows\System32\bfe.dll
17:08:00.0296 0x0b38 BFE - ok
17:08:00.0483 0x0b38 [ 02ED7B4DBC2A3232A389106DA7515C3D, 0DFCD03CB967D1A980D56124603F353DC1D800E3A5E436EEE95C65FDE17398CF ] BITS C:\Windows\System32\qmgr.dll
17:08:00.0554 0x0b38 BITS - ok
17:08:00.0561 0x0b38 blbdrive - ok
17:08:00.0723 0x0b38 [ CFD4C3352E29A8B729536648466E8DF5, EE2699697931C054A1C82E6FC1B2EA4881C2F9FBF2B7F7E24268450703ED6F9A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:08:00.0777 0x0b38 Bonjour Service - ok
17:08:00.0871 0x0b38 [ 8153396D5551276227FA146900F734E6, 0AE06774162D542D9E95246B7112A40D7C463EF331B4F56C9CF8AD99A0341E38 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:08:00.0980 0x0b38 bowser - ok
17:08:01.0048 0x0b38 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:08:01.0063 0x0b38 BrFiltLo - ok
17:08:01.0082 0x0b38 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:08:01.0107 0x0b38 BrFiltUp - ok
17:08:01.0144 0x0b38 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
17:08:01.0156 0x0b38 Browser - ok
17:08:01.0177 0x0b38 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
17:08:01.0186 0x0b38 Brserid - ok
17:08:01.0194 0x0b38 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:08:01.0203 0x0b38 BrSerWdm - ok
17:08:01.0212 0x0b38 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:08:01.0221 0x0b38 BrUsbMdm - ok
17:08:01.0241 0x0b38 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:08:01.0321 0x0b38 BrUsbSer - ok
17:08:01.0366 0x0b38 [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:08:01.0376 0x0b38 BthEnum - ok
17:08:01.0416 0x0b38 [ 5FFA6988FF9597986FF2ADA736CC90C0, 50F57047CC5CC241DDF9BB8E39E03F91074AC4C7B4CDE6C44FF279A8741384C5 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:08:01.0424 0x0b38 BTHMODEM - ok
17:08:01.0479 0x0b38 [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:08:01.0496 0x0b38 BthPan - ok
17:08:01.0625 0x0b38 [ 73D53F8E90550BA81E2CF44A0873B410, 2E73A2FCF668F1F18928A293A74370BF3D6DC0208D010D10FD5335DFA3706906 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:08:01.0699 0x0b38 BTHPORT - ok
17:08:01.0814 0x0b38 [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] BthServ C:\Windows\System32\bthserv.dll
17:08:01.0833 0x0b38 BthServ - ok
17:08:01.0879 0x0b38 [ 32045A4BB143BBC5BAB1298C4E9E309A, 4009AE2D186746E076CF254FD3653AA4B07182521B772CF2825A3BBDEF4288FB ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:08:01.0884 0x0b38 BTHUSB - ok
17:08:01.0947 0x0b38 [ 4A28E7BD365377D0512B7EF8C7596D2C, C55337A59929744FD493D1155ED2EF7B0684963D364437767F1567298DCF9290 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:08:01.0977 0x0b38 btwaudio - ok
17:08:01.0996 0x0b38 [ 5FFDE57253D665067B0886612817EB11, 5A6FFA7900CD0CCDF5C7FACEDFD6D941EE01527BC1B873676089D8308480D31C ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
17:08:02.0002 0x0b38 btwavdt - ok
17:08:02.0032 0x0b38 [ AB07DC8B05C31A4F95FC73019BE9DB15, A0A0FBD61A63C9374BD1DD9573E2ADD482CC5039CA34E8C0FB9EA3D7762E3D02 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:08:02.0038 0x0b38 btwrchid - ok
17:08:02.0062 0x0b38 catchme - ok
17:08:02.0102 0x0b38 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:08:02.0107 0x0b38 cdfs - ok
17:08:02.0142 0x0b38 [ 1EC25CEA0DE6AC4718BF89F9E1778B57, 019E12C30E7A395259F3906EC55AFF86949CFDBB443060208C8B91B9EB7F9FB7 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:08:02.0148 0x0b38 cdrom - ok
17:08:02.0198 0x0b38 [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] CertPropSvc C:\Windows\System32\certprop.dll
17:08:02.0218 0x0b38 CertPropSvc - ok
17:08:02.0287 0x0b38 [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass C:\Windows\system32\drivers\circlass.sys
17:08:02.0308 0x0b38 circlass - ok
17:08:02.0344 0x0b38 [ 465745561C832B29F7C48B488AAB3842, B631C61FBF6E2641FED7C4CFC1B179D19143B04CF76DCF48A9C7582E756FFD8C ] CLFS C:\Windows\system32\CLFS.sys
17:08:02.0360 0x0b38 CLFS - ok
17:08:02.0495 0x0b38 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:08:02.0543 0x0b38 clr_optimization_v2.0.50727_32 - ok
17:08:02.0749 0x0b38 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:08:02.0818 0x0b38 clr_optimization_v4.0.30319_32 - ok
17:08:02.0870 0x0b38 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:08:02.0873 0x0b38 CmBatt - ok
17:08:02.0925 0x0b38 [ E79CBB2195E965F6E3256E2C1B23FD1C, 176819CEDE1BC16499B0E67EBDB46D7A627189D6B0DAF733B10FBE0DD3E030A2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:08:02.0940 0x0b38 cmdide - ok
17:08:02.0974 0x0b38 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:08:02.0978 0x0b38 Compbatt - ok
17:08:02.0986 0x0b38 COMSysApp - ok
17:08:03.0020 0x0b38 [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:08:03.0027 0x0b38 crcdisk - ok
17:08:03.0094 0x0b38 [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
17:08:03.0114 0x0b38 Crusoe - ok
17:08:03.0140 0x0b38 [ 6DE363F9F99334514C46AEC02D3E3678, FF403B8A4D7D6B3D2F23E2711D1353CFB0C748AD7D7927CF5DFBD99CD169D826 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:08:03.0146 0x0b38 CryptSvc - ok
17:08:03.0314 0x0b38 [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:08:03.0349 0x0b38 DcomLaunch - ok
17:08:03.0374 0x0b38 [ A3E9FA213F443AC77C7746119D13FEEC, 479B349BFC811D20572C09C4A2228C3880F8F3B4B4BA5F4E56600C7EF583DE7B ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:08:03.0384 0x0b38 DfsC - ok
17:08:03.0699 0x0b38 [ FA3463F25F9CC9C3BCF1E7912FEFF099, 8CFA0F1DFD975ED877B303EB55BE52B0B1EC2B20FEC36820121A0F5E046E0032 ] DFSR C:\Windows\system32\DFSR.exe
17:08:03.0914 0x0b38 DFSR - ok
17:08:04.0109 0x0b38 [ 43A988A9C10333476CB5FB667CBD629D, 7E0DD57E75A50E3671673876631A1E66A4AC16810418BEC1AC2143DFD331F389 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:08:04.0117 0x0b38 Dhcp - ok
17:08:04.0210 0x0b38 [ 64109E623ABD6955C8FB110B592E68B7, 964F456EF44F9AE836B8CAB438FEB18303B2548A2B7D85FEBD72F4F80127B0EE ] disk C:\Windows\system32\drivers\disk.sys
17:08:04.0251 0x0b38 disk - ok
17:08:04.0340 0x0b38 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D, 473A5F1C4E795BD6B6DDB32ECB04BA8BF238AA5FBC67FC5D8D8F749464ED0AE9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:08:04.0381 0x0b38 Dnscache - ok
17:08:04.0408 0x0b38 [ 5AF620A08C614E24206B79E8153CF1A8, 5BB32FF3C9A5C51C2773F0ECF9647749667F4678EF3C75FEB4420EC6C805913E ] dot3svc C:\Windows\System32\dot3svc.dll
17:08:04.0415 0x0b38 dot3svc - ok
17:08:04.0522 0x0b38 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
17:08:04.0532 0x0b38 DPS - ok
17:08:04.0646 0x0b38 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:08:04.0655 0x0b38 drmkaud - ok
17:08:04.0750 0x0b38 [ 85F33880B8CFB554BD3D9CCDB486845A, 2D120F94800AEB886D4BA2A45FE2454EBB1FAC3E57BDE552737EBDE7EF8899CF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:08:04.0870 0x0b38 DXGKrnl - ok
17:08:05.0012 0x0b38 [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
17:08:05.0059 0x0b38 e1express - ok
17:08:05.0087 0x0b38 [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
17:08:05.0123 0x0b38 E1G60 - ok
17:08:05.0211 0x0b38 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
17:08:05.0219 0x0b38 EapHost - ok
17:08:05.0285 0x0b38 [ DD2CD259D83D8B72C02C5F2331FF9D68, 07E758A414442FEAFE55FB28842D960971553DB16C31D5791FDD0843CBF5E2B4 ] Ecache C:\Windows\system32\drivers\ecache.sys
17:08:05.0337 0x0b38 Ecache - ok
17:08:05.0554 0x0b38 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:08:05.0595 0x0b38 ehRecvr - ok
17:08:05.0672 0x0b38 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
17:08:05.0689 0x0b38 ehSched - ok
17:08:05.0713 0x0b38 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
17:08:05.0715 0x0b38 ehstart - ok
17:08:05.0803 0x0b38 [ DA8B28199B46B72502D5A3F75D446254, C1895040F30B3FEEDD724FCB7E27E118FA637E3AA420980D0EFB2D069C389925 ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
17:08:05.0807 0x0b38 ElRawDisk - ok
17:08:05.0859 0x0b38 [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:08:05.0893 0x0b38 elxstor - ok
17:08:05.0991 0x0b38 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C, 80385AC32CE8388F06341AA4A880F68E0EB5815CCCA5CF8E799846F472DCE360 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:08:06.0090 0x0b38 EMDMgmt - ok
17:08:06.0161 0x0b38 [ 3CB3343D720168B575133A0A20DC2465, B356938AC3D9CE833A2C0EBFAA548CDB6B68BEDDB2CCA80222E508BD978FB26B ] EventSystem C:\Windows\system32\es.dll
17:08:06.0173 0x0b38 EventSystem - ok
17:08:06.0265 0x0b38 [ 0D858EB20589A34EFB25695ACAA6AA2D, E5C891D8971173D78194176CB38C0D62C1245C71E04DD94EC742A69C2925F843 ] exfat C:\Windows\system32\drivers\exfat.sys
17:08:06.0276 0x0b38 exfat - ok
17:08:06.0356 0x0b38 [ 3C489390C2E2064563727752AF8EAB9E, BF528F6D4718AC160C103FD89496C6B7BABED7A17A6BD4222D684AF22FE21A49 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:08:06.0380 0x0b38 fastfat - ok
17:08:06.0413 0x0b38 [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:08:06.0416 0x0b38 fdc - ok
17:08:06.0452 0x0b38 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
17:08:06.0454 0x0b38 fdPHost - ok
17:08:06.0485 0x0b38 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
17:08:06.0499 0x0b38 FDResPub - ok
17:08:06.0567 0x0b38 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:08:06.0579 0x0b38 FileInfo - ok
17:08:06.0616 0x0b38 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:08:06.0643 0x0b38 Filetrace - ok
17:08:06.0695 0x0b38 [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:08:06.0706 0x0b38 flpydisk - ok
17:08:06.0776 0x0b38 [ 05EA53AFE985443011E36DAB07343B46, E033C1C218E9B0D22B63E1B927D7BBE331B59814F26952B68BEDC914EF881E55 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:08:06.0805 0x0b38 FltMgr - ok
17:08:06.0939 0x0b38 [ C9BE08664611DDAF98E2331E9288B00B, C645DDAB5FD588486553DF2DD5750AF5A967FEE988F4EB29E05362E3362DF4A2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:08:06.0951 0x0b38 FontCache3.0.0.0 - ok
17:08:06.0998 0x0b38 [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:08:07.0012 0x0b38 Fs_Rec - ok
17:08:07.0060 0x0b38 [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:08:07.0071 0x0b38 gagp30kx - ok
17:08:07.0214 0x0b38 [ D9F1113D9401185245573350712F92FC, 7D8E96B61D7FC1FCC7D70A19DB725BCEA78FE94F3D7AFBB1202771D530A628B7 ] gpsvc C:\Windows\System32\gpsvc.dll
17:08:07.0299 0x0b38 gpsvc - ok
17:08:07.0368 0x0b38 [ C87B1EE051C0464491C1A7B03FA0BC99, 0EF498A7D37A454E8B6DB1BE3C0EADA648B51B34A2BB553171E766463E54EE90 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:08:07.0394 0x0b38 HDAudBus - ok
17:08:07.0449 0x0b38 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:08:07.0452 0x0b38 HidBth - ok
17:08:07.0472 0x0b38 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
17:08:07.0476 0x0b38 HidIr - ok
17:08:07.0502 0x0b38 [ 8FA640195279ACE21BEA91396A0054FC, 20541E5FA29B3FBD8824F3DF93C7D63AFEE56948F82FFDE20E9E87F5C0A3A789 ] hidserv C:\Windows\system32\hidserv.dll
17:08:07.0505 0x0b38 hidserv - ok
17:08:07.0542 0x0b38 [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:08:07.0545 0x0b38 HidUsb - ok
17:08:07.0571 0x0b38 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
17:08:07.0593 0x0b38 hkmsvc - ok
17:08:07.0603 0x0b38 [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:08:07.0606 0x0b38 HpCISSs - ok
17:08:07.0847 0x0b38 [ E9E589C9AB799F52E18F057635A2B362, 24857D672B09C13EF290E7EA587D25270DE23740EE18E2FCF16716D9E0D0E457 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
17:08:08.0020 0x0b38 HSF_DPV - ok
17:08:08.0087 0x0b38 [ 7845D2385F4DC7DFB3CCAF0C2FA4948E, 18F01851E18CCF84A7987B739C7661C8BF272CF69F4E6BA87A69FCDBA1B8774A ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
17:08:08.0097 0x0b38 HSXHWAZL - ok
17:08:08.0265 0x0b38 [ 96E241624C71211A79C84F50A8E71CAB, EB6E679218B781F67FBFF4EB12DDE44769ACA7EA3F83A4404A073EA89C902C25 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:08:08.0299 0x0b38 HTTP - ok
17:08:08.0353 0x0b38 [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:08:08.0356 0x0b38 i2omp - ok
17:08:08.0489 0x0b38 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:08:08.0500 0x0b38 i8042prt - ok
17:08:08.0620 0x0b38 [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] iaStor C:\Windows\system32\drivers\iastor.sys
17:08:08.0627 0x0b38 iaStor - ok
17:08:08.0691 0x0b38 [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:08:08.0745 0x0b38 iaStorV - ok
17:08:09.0016 0x0b38 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:08:09.0021 0x0b38 IDriverT - ok
17:08:09.0277 0x0b38 [ 7B630ACAED64FEF0C3E1CF255CB56686, 9DCC6953BC6EF77C3916F8AA226CEC0662513A23AB60E9F714D53746E82FB372 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:08:09.0706 0x0b38 idsvc - ok
17:08:09.0890 0x0b38 [ BBACE0293B73BF8C7CB591F2D06F26FA, A28A985633DF171BCB7A2201CB239B8694CE9C89D4A6BF627F2A512B112C131A ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
17:08:10.0030 0x0b38 igfx - ok
17:08:10.0087 0x0b38 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:08:10.0092 0x0b38 iirsp - ok
17:08:10.0149 0x0b38 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC, ED795B07B38EDBB2850384EDFA04C85539D4D22A7AAB8981C83C84E2EAB5976F ] IKEEXT C:\Windows\System32\ikeext.dll
17:08:10.0166 0x0b38 IKEEXT - ok
17:08:10.0221 0x0b38 [ 0084046C084D68E494F8CF36BCF08186, 1A40542A8E7ADE1944892F11DFA85307F342965A31D5697425E0BB86874D45F5 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:08:10.0260 0x0b38 intelide - ok
17:08:10.0336 0x0b38 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:08:10.0344 0x0b38 intelppm - ok
17:08:10.0639 0x0b38 [ 01D805FAC2510E3C963EA4727B1E2F00, EDEC59524A7BFA44929AEF87BF34A7A46D8BC3E9C0C6607138E9014636629D56 ] ioloSystemService C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
17:08:10.0739 0x0b38 ioloSystemService - ok
17:08:10.0807 0x0b38 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:08:10.0811 0x0b38 IPBusEnum - ok
17:08:10.0832 0x0b38 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:08:10.0836 0x0b38 IpFilterDriver - ok
17:08:10.0870 0x0b38 [ 6A35D233693EDC29A12742049BC5E37F, 77275407105492A11CDC232E72C8183F0DFD28F8B9AD2A24AAABDB246F14D38F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:08:10.0897 0x0b38 iphlpsvc - ok
17:08:10.0902 0x0b38 IpInIp - ok
17:08:10.0928 0x0b38 [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:08:10.0932 0x0b38 IPMIDRV - ok
17:08:10.0971 0x0b38 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:08:10.0991 0x0b38 IPNAT - ok
17:08:11.0040 0x0b38 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:08:11.0047 0x0b38 IRENUM - ok
17:08:11.0054 0x0b38 [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:08:11.0060 0x0b38 isapnp - ok
17:08:11.0147 0x0b38 [ F247EEC28317F6C739C16DE420097301, 0F4BE16BB0630DFE2256F70C94D4363B7B71F02F7F6597E7CAE28A3EFEA7BCAD ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:08:11.0169 0x0b38 iScsiPrt - ok
17:08:11.0175 0x0b38 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:08:11.0178 0x0b38 iteatapi - ok
17:08:11.0185 0x0b38 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:08:11.0188 0x0b38 iteraid - ok
17:08:11.0215 0x0b38 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:08:11.0218 0x0b38 kbdclass - ok
17:08:11.0231 0x0b38 [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:08:11.0260 0x0b38 kbdhid - ok
17:08:11.0304 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] KeyIso C:\Windows\system32\lsass.exe
17:08:11.0350 0x0b38 KeyIso - ok
17:08:11.0927 0x0b38 [ 775C6D5D60146D7DB08A01CB596D7EC6, 66D87041DD8E0CF8AFBC155AC709E9A647B765BBA56CDE07EA01468BDAD7C239 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
17:08:11.0983 0x0b38 Kodak AiO Network Discovery Service - ok
17:08:12.0161 0x0b38 [ 17AFF68AB32F8671BC46612D35351099, C782460B99EAAE84DDBEF5AEB628984984B4108A482F023CE62CE1D33A367FEB ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
17:08:12.0236 0x0b38 Kodak AiO Status Monitor Service - ok
17:08:12.0334 0x0b38 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA, 903CF1169D984BBDAE114827D82D5CCC88C2BC7CAEE6BB3A299E2572B0751BB6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:08:12.0376 0x0b38 KSecDD - ok
17:08:12.0448 0x0b38 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:08:12.0471 0x0b38 KtmRm - ok
17:08:12.0506 0x0b38 [ 1925E63C91CF1610AE41BFD539062079, C25438D19D51B76A8E4C5F3A5D41C76197321166CB37E224217993A4466EBEF9 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:08:12.0514 0x0b38 LanmanServer - ok
17:08:12.0600 0x0b38 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15, 7B1FAC42B9EA73A8C4E812F8F729EB882BDFD04D2E68FE354CFD6B8379A46D14 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:08:12.0612 0x0b38 LanmanWorkstation - ok
17:08:12.0682 0x0b38 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:08:12.0694 0x0b38 lltdio - ok
17:08:12.0785 0x0b38 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:08:12.0822 0x0b38 lltdsvc - ok
17:08:12.0904 0x0b38 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:08:12.0909 0x0b38 lmhosts - ok
17:08:12.0949 0x0b38 [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:08:12.0954 0x0b38 LSI_FC - ok
17:08:12.0961 0x0b38 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:08:12.0966 0x0b38 LSI_SAS - ok
17:08:13.0003 0x0b38 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:08:13.0008 0x0b38 LSI_SCSI - ok
17:08:13.0064 0x0b38 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
17:08:13.0086 0x0b38 luafv - ok
17:08:13.0118 0x0b38 mcdbus - ok
17:08:13.0145 0x0b38 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:08:13.0150 0x0b38 Mcx2Svc - ok
17:08:13.0215 0x0b38 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:08:13.0256 0x0b38 mdmxsdk - ok
17:08:13.0321 0x0b38 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys
17:08:13.0324 0x0b38 megasas - ok
17:08:13.0366 0x0b38 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
17:08:13.0370 0x0b38 MMCSS - ok
17:08:13.0382 0x0b38 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
17:08:13.0386 0x0b38 Modem - ok
17:08:13.0439 0x0b38 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:08:13.0443 0x0b38 monitor - ok
17:08:13.0475 0x0b38 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:08:13.0478 0x0b38 mouclass - ok
17:08:13.0490 0x0b38 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:08:13.0493 0x0b38 mouhid - ok
17:08:13.0523 0x0b38 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:08:13.0535 0x0b38 MountMgr - ok
17:08:13.0654 0x0b38 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:08:13.0710 0x0b38 MozillaMaintenance - ok
17:08:13.0791 0x0b38 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys
17:08:13.0796 0x0b38 mpio - ok
17:08:13.0839 0x0b38 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:08:13.0869 0x0b38 mpsdrv - ok
17:08:13.0917 0x0b38 [ D1639BA315B0D79DEC49A4B0E1FB929B, 96420572029217FDD78CD286A022EB5F8BAB76EE30F75E48CD69AEE1A4846B53 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:08:13.0937 0x0b38 MpsSvc - ok
17:08:13.0980 0x0b38 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:08:13.0984 0x0b38 Mraid35x - ok
17:08:14.0036 0x0b38 [ AE3DE84536B6799D2267443CEC8EDBB9, 787AF9D5BC6D1A1E4A55A66D62F0DF93F45C2FB7EA5BE0BF63F1270604600B40 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:08:14.0061 0x0b38 MRxDAV - ok
17:08:14.0146 0x0b38 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1, 2C5F0554D5A763D6B3F1402C9BF36C6091CBBDFFD5139AEE85D69D5B210D2047 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:08:14.0178 0x0b38 mrxsmb - ok
17:08:14.0299 0x0b38 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55, 9BAD029A6AAF4C2292C682B9F07C57051C84F7FA4F3EBEA52C25CAEF1A41121F ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:08:14.0308 0x0b38 mrxsmb10 - ok
17:08:14.0367 0x0b38 [ 5C80D8159181C7ABF1B14BA703B01E0B, 414085AD3C36B8E95D1D49E2958671332DECE38739544CCB70FAB30C408E89A2 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:08:14.0373 0x0b38 mrxsmb20 - ok
17:08:14.0446 0x0b38 [ D420BC42A637AC3CC4F411220549C0DC, D991D19030D29D03BAFA846C095F460F2F31D19793E5582239964F66A837C562 ] msahci C:\Windows\system32\drivers\msahci.sys
17:08:14.0449 0x0b38 msahci - ok
17:08:14.0472 0x0b38 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:08:14.0477 0x0b38 msdsm - ok
17:08:14.0541 0x0b38 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
17:08:14.0554 0x0b38 MSDTC - ok
17:08:14.0595 0x0b38 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:08:14.0613 0x0b38 Msfs - ok
17:08:14.0662 0x0b38 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:08:14.0666 0x0b38 msisadrv - ok
17:08:14.0765 0x0b38 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:08:14.0805 0x0b38 MSiSCSI - ok
17:08:14.0840 0x0b38 msiserver - ok
17:08:14.0881 0x0b38 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:08:14.0908 0x0b38 MSKSSRV - ok
17:08:14.0930 0x0b38 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:08:14.0933 0x0b38 MSPCLOCK - ok
17:08:14.0938 0x0b38 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:08:14.0942 0x0b38 MSPQM - ok
17:08:14.0971 0x0b38 [ B5614AECB05A9340AA0FB55BF561CC63, 8D1B5E958A0F721F5A81AD649CC5759B4DECB771FC4654F4EDEB29AC7DF1BD40 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:08:14.0988 0x0b38 MsRPC - ok
17:08:15.0001 0x0b38 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:08:15.0009 0x0b38 mssmbios - ok
17:08:15.0026 0x0b38 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:08:15.0031 0x0b38 MSTEE - ok
17:08:15.0044 0x0b38 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C, 95149C41CC9F269C299541A97A9E2E2CCAEE34FE2362EEECD1F813EBC6D4CDC5 ] Mup C:\Windows\system32\Drivers\mup.sys
17:08:15.0048 0x0b38 Mup - ok
17:08:15.0162 0x0b38 [ C43B25863FBD65B6D2A142AF3AE320CA, 88E147751CBECFF31CD65954BC978B86CEA74485EB60DBB25AABAB4601797A4E ] napagent C:\Windows\system32\qagentRT.dll
17:08:15.0179 0x0b38 napagent - ok
17:08:15.0271 0x0b38 [ 3C21CE48FF529BB73DADB98770B54025, B8541E3D2B120B97947AE51B28A99E2623ACAD3790BC282B1251ACBEC7684F8D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:08:15.0279 0x0b38 NativeWifiP - ok
17:08:15.0402 0x0b38 [ 9BDC71790FA08F0A0B5F10462B1BD0B1, 67605C7A0CB4D9F2C4D0A876651DEB92270B54D0231C35A994F9A739C6075BC0 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:08:15.0449 0x0b38 NDIS - ok
17:08:15.0465 0x0b38 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:08:15.0491 0x0b38 NdisTapi - ok
17:08:15.0556 0x0b38 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:08:15.0560 0x0b38 Ndisuio - ok
17:08:15.0613 0x0b38 [ 3D14C3B3496F88890D431E8AA022A411, 9B31451756A35314586F93996172E1039B2CD21132CCBE772B3E61A8D9454A30 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:08:15.0624 0x0b38 NdisWan - ok
17:08:15.0640 0x0b38 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:08:15.0645 0x0b38 NDProxy - ok
17:08:15.0662 0x0b38 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:08:15.0666 0x0b38 NetBIOS - ok
17:08:15.0742 0x0b38 [ 7C5FEE5B1C5728507CD96FB4A13E7A02, EDBA08442AD6AF20463A0610FF24D5929574E5EC012495A2C219F6BA84C97F57 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:08:15.0772 0x0b38 netbt - ok
17:08:15.0793 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] Netlogon C:\Windows\system32\lsass.exe
17:08:15.0796 0x0b38 Netlogon - ok
17:08:15.0862 0x0b38 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
17:08:15.0873 0x0b38 Netman - ok
17:08:15.0904 0x0b38 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
17:08:15.0938 0x0b38 netprofm - ok
17:08:16.0005 0x0b38 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386, 2F23B0979CF2E8DB013D8E58501ACC9265A860FD759E8B741F8FA64F7C2F7756 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:08:16.0030 0x0b38 NetTcpPortSharing - ok
17:08:16.0787 0x0b38 [ 6522DD40A5F67CED020BD81B856613FB, 2242703412FA89B2D6E9A7025D0C14DFC0BFC66890D295BDA839274C313B4BAF ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
17:08:17.0451 0x0b38 NETw4v32 - ok
17:08:17.0594 0x0b38 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:08:17.0599 0x0b38 nfrd960 - ok
17:08:17.0635 0x0b38 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
17:08:17.0643 0x0b38 NlaSvc - ok
17:08:17.0693 0x0b38 [ ECB5003F484F9ED6C608D6D6C7886CBB, 45496B84B2FD156499E9F07FC82BC6F032B8F4D9DC194098CF9F5474D5642F9E ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:08:17.0699 0x0b38 Npfs - ok
17:08:17.0710 0x0b38 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
17:08:17.0713 0x0b38 nsi - ok
17:08:17.0730 0x0b38 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:08:17.0733 0x0b38 nsiproxy - ok
17:08:17.0817 0x0b38 [ B4EFFE29EB4F15538FD8A9681108492D, 12AF3C19DD2DE7D92EE4C03AD07BAFD77EB8BFF2333E6FBD9CAAA0F654A35F46 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:08:17.0928 0x0b38 Ntfs - ok
17:08:17.0960 0x0b38 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:08:17.0964 0x0b38 ntrigdigi - ok
17:08:17.0990 0x0b38 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
17:08:17.0995 0x0b38 Null - ok
17:08:18.0002 0x0b38 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:08:18.0007 0x0b38 nvraid - ok
17:08:18.0014 0x0b38 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:08:18.0017 0x0b38 nvstor - ok
17:08:18.0025 0x0b38 [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:08:18.0031 0x0b38 nv_agp - ok
17:08:18.0036 0x0b38 NwlnkFlt - ok
17:08:18.0041 0x0b38 NwlnkFwd - ok
17:08:18.0086 0x0b38 [ 19CAC780B858822055F46C58A111723C, D91CE501328281B8FEE6943776A145FB3201645B01BA8D1545FFA93A547DE2C7 ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys
17:08:18.0096 0x0b38 OEM02Dev - ok
17:08:18.0122 0x0b38 [ 86326062A90494BDD79CE383511D7D69, 43D5682CA8ECB4BA7CC1A5C4C2BF966EE4802E8C3AA84CDEB634CA3C410DAB89 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys
17:08:18.0126 0x0b38 OEM02Vfx - ok
17:08:18.0188 0x0b38 [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:08:18.0192 0x0b38 ohci1394 - ok
17:08:18.0262 0x0b38 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:08:18.0268 0x0b38 ose - ok
17:08:18.0365 0x0b38 [ 257190D58444732B68919C573368B64D, 12E4012A31ED2FBE34BDA9B66F686E42EB3B6C91C1B5D1D8B613249E0599026C ] OXSDIDRV_x32 C:\Windows\system32\DRIVERS\OXSDIDRV_x32.sys
17:08:18.0376 0x0b38 OXSDIDRV_x32 - ok
17:08:18.0438 0x0b38 [ 8F534A8630F6BABA92E14531F96906CD, 2685B8D2535F4BA85D7B2907537291A800D40863F2E1897489F565772574076D ] OXUDIDRV C:\Windows\system32\Drivers\OXUDIDRV_X32.sys
17:08:18.0442 0x0b38 OXUDIDRV - ok
17:08:18.0547 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:08:18.0630 0x0b38 p2pimsvc - ok
17:08:18.0659 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2psvc C:\Windows\system32\p2psvc.dll
17:08:18.0701 0x0b38 p2psvc - ok
17:08:18.0748 0x0b38 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
17:08:18.0754 0x0b38 Parport - ok
17:08:18.0822 0x0b38 [ 3B38467E7C3DAED009DFE359E17F139F, 419BD726E511B3FEFBD8204C9E2BF6131EC05C71D15406070F834688EAFB694F ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:08:18.0851 0x0b38 partmgr - ok
17:08:18.0874 0x0b38 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:08:18.0896 0x0b38 Parvdm - ok
17:08:18.0915 0x0b38 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
17:08:18.0918 0x0b38 PcaSvc - ok
17:08:18.0958 0x0b38 [ 01B94418DEB235DFF777CC80076354B4, 091C4D5954C5CA1F783748C4D7287DD160C5F3357F2CC448DC5C2935B79AC1E9 ] pci C:\Windows\system32\drivers\pci.sys
17:08:18.0979 0x0b38 pci - ok
17:08:18.0998 0x0b38 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
17:08:19.0000 0x0b38 pciide - ok
17:08:19.0011 0x0b38 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:08:19.0037 0x0b38 pcmcia - ok
17:08:19.0126 0x0b38 [ 40C611622882C3FCAFEB845C1E12A10F, A4F5790D9976D06822A656DCFDFEF76831A00089F6AC5519429142E6CBBC3EAC ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
17:08:19.0146 0x0b38 PDFsFilter - ok
17:08:19.0286 0x0b38 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:08:19.0352 0x0b38 PEAUTH - ok
17:08:19.0648 0x0b38 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
17:08:19.0831 0x0b38 pla - ok
17:08:19.0962 0x0b38 [ 78F975CB6D18265BE6F492EDB2D7BC7B, 112C6FB0A84E605B1EA87F98C8A4C210C9DB84C811029109444AB174011A158C ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:08:20.0021 0x0b38 PlugPlay - ok
17:08:20.0064 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:08:20.0131 0x0b38 PNRPAutoReg - ok
17:08:20.0161 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:08:20.0185 0x0b38 PNRPsvc - ok
17:08:20.0308 0x0b38 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A, FAE64867CE80439735F88A9988243667BDE84486B5A768B650E55E1519C85C03 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:08:20.0365 0x0b38 PolicyAgent - ok
17:08:20.0444 0x0b38 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:08:20.0448 0x0b38 PptpMiniport - ok
17:08:20.0481 0x0b38 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
17:08:20.0485 0x0b38 Processor - ok
17:08:20.0526 0x0b38 [ B627E4FC8585E8843C5905D4D3587A90, 07D7BC1BF8CDD5E34155B260B914D4A9892D3CEAEACDE334D1AF2A608E1FA2D8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:08:20.0533 0x0b38 ProfSvc - ok
17:08:20.0565 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:08:20.0568 0x0b38 ProtectedStorage - ok
17:08:20.0601 0x0b38 [ BFEF604508A0ED1EAE2A73E872555FFB, AC817FB5A6126475B4A3CA191AD49651B919FB55429B939D036BC564632E426D ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:08:20.0626 0x0b38 PSched - ok
17:08:20.0648 0x0b38 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:08:20.0659 0x0b38 PxHelp20 - ok
17:08:20.0725 0x0b38 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:08:20.0802 0x0b38 ql2300 - ok
17:08:20.0894 0x0b38 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:08:20.0924 0x0b38 ql40xx - ok
17:08:21.0020 0x0b38 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
17:08:21.0043 0x0b38 QWAVE - ok
17:08:21.0088 0x0b38 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:08:21.0111 0x0b38 QWAVEdrv - ok
17:08:21.0370 0x0b38 [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
17:08:21.0568 0x0b38 R300 - ok
17:08:21.0691 0x0b38 [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
17:08:21.0711 0x0b38 RapiMgr - ok
17:08:21.0761 0x0b38 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:08:21.0784 0x0b38 RasAcd - ok
17:08:21.0810 0x0b38 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
17:08:21.0815 0x0b38 RasAuto - ok
17:08:21.0857 0x0b38 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:08:21.0884 0x0b38 Rasl2tp - ok
17:08:21.0945 0x0b38 [ 6E7C284FC5C4EC07AD164D93810385A6, FDBF80C8DE53E56A3515353129C6912E8CAEC2B2DA9AB3A4B027CB73BDF1EC60 ] RasMan C:\Windows\System32\rasmans.dll
17:08:21.0955 0x0b38 RasMan - ok
17:08:21.0973 0x0b38 [ 3E9D9B048107B40D87B97DF2E48E0744, F7B8DAE57B9372CEB21A912379FC7670B099A9642CF2E7EA8D335ADBD4CF86A2 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:08:21.0977 0x0b38 RasPppoe - ok
17:08:22.0026 0x0b38 [ A7D141684E9500AC928A772ED8E6B671, C9329ECA4190EE1F4A6F186D45EA42ACF60C04CDBAFEB19973F3C2DF04A1BCEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:08:22.0048 0x0b38 RasSstp - ok
17:08:22.0164 0x0b38 [ 6E1C5D0457622F9EE35F683110E93D14, 9C6BE049FDA5E6CBA486EE33F01AADDD6085CC5F1F08409EC439ADE9137D3F5F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:08:22.0319 0x0b38 rdbss - ok
17:08:22.0345 0x0b38 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:08:22.0363 0x0b38 RDPCDD - ok
17:08:22.0453 0x0b38 [ 0245418224CFA77BF4B41C2FE0622258, 532A8ABB476A1723FDD25A12EA07C97F2588F24D0AE6F86C0105112A9AECCDB9 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:08:22.0471 0x0b38 rdpdr - ok
17:08:22.0507 0x0b38 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:08:22.0534 0x0b38 RDPENCDD - ok
17:08:22.0563 0x0b38 [ E1C18F4097A5ABCEC941DC4B2F99DB7E, B38AC355042F18A41F83BF088FE7EB867184C7FE37820365314419BD3810BB68 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:08:22.0572 0x0b38 RDPWD - ok
17:08:22.0666 0x0b38 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
17:08:22.0671 0x0b38 RemoteAccess - ok
17:08:22.0697 0x0b38 [ CC4E32400F3C7253400CF8F3F3A0B676, D2A874BE3D365260AD7C10C30F2DE22F818CBFC12D65AADE2203B9ED02C9BEB5 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:08:22.0703 0x0b38 RemoteRegistry - ok
17:08:22.0739 0x0b38 [ 34CC78C06587718C2AD6D3AA83B1F072, 35973BBFF7C6119287B4C3C47A54C626A8623C9F18062597AD7D3ADDF0094ED8 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:08:22.0744 0x0b38 RFCOMM - ok
17:08:22.0785 0x0b38 [ EA885E7A56F1BE1F14C372337C42FE48, 2C6F0FCB95D4A04E9BC26765B1EB856D3D40811F8B0D090C0E8AB571FF4D1C7A ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
17:08:22.0789 0x0b38 rimmptsk - ok
17:08:22.0817 0x0b38 [ D7E09BC852684A7B1FC0F74FE090D45A, 97D6ABCDA50C4FC5BE8B5532FF013EC9AF4AA098D7EB450EB1C3A358BD8E6B2D ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
17:08:22.0821 0x0b38 rimsptsk - ok
17:08:22.0849 0x0b38 [ B0A7494A9BA7909EFAC64E05D3F160DB, 3B2C362F70C53CF12DD36C1888292FB5C9E05CB711B30B22C1FBE330C5E635BE ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
17:08:22.0854 0x0b38 rismxdp - ok
17:08:22.0920 0x0b38 [ FDEB76BED9C0A75329CA426623297158, 83B79222569FA0B77C59A41E4F6065740F48EFAD1EFEFF76F258FB995E27DCF6 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
17:08:22.0930 0x0b38 RMCAST - ok
17:08:23.0089 0x0b38 [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ]
 
RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
17:08:23.0311 0x0b38 RoxMediaDB9 - ok
17:08:23.0369 0x0b38 [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
17:08:23.0769 0x0b38 RoxWatch9 - ok
17:08:23.0801 0x0b38 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
17:08:23.0803 0x0b38 RpcLocator - ok
17:08:23.0868 0x0b38 [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] RpcSs C:\Windows\system32\rpcss.dll
17:08:23.0884 0x0b38 RpcSs - ok
17:08:23.0943 0x0b38 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:08:23.0960 0x0b38 rspndr - ok
17:08:23.0996 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] SamSs C:\Windows\system32\lsass.exe
17:08:23.0999 0x0b38 SamSs - ok
17:08:24.0107 0x0b38 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:08:24.0123 0x0b38 sbp2port - ok
17:08:24.0157 0x0b38 [ 11387E32642269C7E62E8B52C060B3C6, 6225FA14CBDC1D30F2E4CDC2059773DA49C67BE2C00A1DE582E8E07717F20425 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:08:24.0167 0x0b38 SCardSvr - ok
17:08:24.0265 0x0b38 [ 7B587B8A6D4A99F79D2902D0385F29BD, C29F2EE25F7B11E1821832CB7F4F8506C2AB20804D6702CC5EAF5BA1F3FCA972 ] Schedule C:\Windows\system32\schedsvc.dll
17:08:24.0293 0x0b38 Schedule - ok
17:08:24.0340 0x0b38 [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:08:24.0342 0x0b38 SCPolicySvc - ok
17:08:24.0411 0x0b38 [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:08:24.0416 0x0b38 sdbus - ok
17:08:24.0482 0x0b38 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:08:24.0491 0x0b38 SDRSVC - ok
17:08:24.0593 0x0b38 [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:08:24.0603 0x0b38 SeaPort - ok
17:08:24.0631 0x0b38 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:08:24.0635 0x0b38 secdrv - ok
17:08:24.0652 0x0b38 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
17:08:24.0655 0x0b38 seclogon - ok
17:08:24.0740 0x0b38 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\system32\sens.dll
17:08:24.0760 0x0b38 SENS - ok
17:08:24.0792 0x0b38 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:08:24.0796 0x0b38 Serenum - ok
17:08:24.0804 0x0b38 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
17:08:24.0809 0x0b38 Serial - ok
17:08:24.0832 0x0b38 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:08:24.0835 0x0b38 sermouse - ok
17:08:24.0923 0x0b38 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
17:08:24.0957 0x0b38 SessionEnv - ok
17:08:24.0965 0x0b38 [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:08:24.0967 0x0b38 sffdisk - ok
17:08:24.0974 0x0b38 [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:08:24.0976 0x0b38 sffp_mmc - ok
17:08:24.0985 0x0b38 [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:08:24.0988 0x0b38 sffp_sd - ok
17:08:25.0056 0x0b38 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:08:25.0060 0x0b38 sfloppy - ok
17:08:25.0105 0x0b38 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:08:25.0117 0x0b38 SharedAccess - ok
17:08:25.0251 0x0b38 [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:08:25.0262 0x0b38 ShellHWDetection - ok
17:08:25.0300 0x0b38 [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:08:25.0325 0x0b38 sisagp - ok
17:08:25.0368 0x0b38 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:08:25.0389 0x0b38 SiSRaid2 - ok
17:08:25.0398 0x0b38 [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:08:25.0405 0x0b38 SiSRaid4 - ok
17:08:25.0981 0x0b38 [ D0776778A9FC5E37F2E9EB21FC8A9709, 37FA45B666DE664FDA378AA755F2FC9E1DF4674651EEE451253D99C04488CCD9 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:08:27.0049 0x0b38 Skype C2C Service - ok
17:08:27.0379 0x0b38 [ 004179B6C039D39B71FBE3D07C5DFE79, 4B4FCD4F33D81AF6A787DD0F1DED84874961D3488A8E2B0BF1D4D1A9EFDD25BC ]
SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:08:27.0387 0x0b38 SkypeUpdate - ok
17:08:27.0648 0x0b38 [ 0BA91E1358AD25236863039BB2609A2E, ECB3C8E3D9C6FA77C0CF5A898FB90BB9474C6EFBE3698B56C93ECE44535EDACE ] slsvc C:\Windows\system32\SLsvc.exe
17:08:27.0902 0x0b38 slsvc - ok
17:08:28.0038 0x0b38 [ 7C6DC44CA0BFA6291629AB764200D1D4, 747CDA89C6F94F8314E5E5C425387ABDF9FF8528D82422F8FF66D96307B47B13 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:08:28.0042 0x0b38 SLUINotify - ok
17:08:28.0091 0x0b38 [ 031E6BCD53C9B2B9ACE111EAFEC347B6, B934129BD77CA6A1434C59EA82B5E93FD4089608E0E41242B6E68070A0F33FB8 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:08:28.0127 0x0b38 Smb - ok
17:08:28.0164 0x0b38 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:08:28.0188 0x0b38 SNMPTRAP - ok
17:08:28.0229 0x0b38 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
17:08:28.0233 0x0b38 spldr - ok
17:08:28.0314 0x0b38 [ 3665F79026A3F91FBCA63F2C65A09B19, A9AAE9B4006B5BC6EF4A7AB4CAB131687E4055E7C56900BBD24F78BA155C458A ] Spooler C:\Windows\System32\spoolsv.exe
17:08:28.0321 0x0b38 Spooler - ok
17:08:28.0396 0x0b38 [ 2252AEF839B1093D16761189F45AF885, D7B79E1B9CD73EDEA855DBE120ED470CC0F67D1AA44038E6051A4C5BCE361DE3 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:08:28.0411 0x0b38 srv - ok
17:08:28.0432 0x0b38 [ B7FF59408034119476B00A81BB53D5D1, 365D8E719D729D56082F5A6EEB65B31EB5DB5D15A5346D05E7130F41F2F97D46 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:08:28.0453 0x0b38 srv2 - ok
17:08:28.0485 0x0b38 [ 2ACCC9B12AF02030F531E6CCA6F8B76E, D1BA17C7BFE02347824DEEB1B7362FD251769ECB92B14EB3C600C85AB7E04D1B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:08:28.0491 0x0b38 srvnet - ok
17:08:28.0520 0x0b38 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:08:28.0528 0x0b38 SSDPSRV - ok
17:08:28.0582 0x0b38 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:08:28.0588 0x0b38 SstpSvc - ok
17:08:28.0630 0x0b38 [ 799AA3E04879B3FED31ECEA02B1CAA9A, EECEE3F666EE3722B5655E596CF4128303AD6CA3C5B45C3501B4D1D2CEC9FD75 ] STacSV C:\Windows\system32\STacSV.exe
17:08:28.0655 0x0b38 STacSV - ok
17:08:28.0736 0x0b38 [ 5AF135B2E2097D4494B9067CE84E2665, E7517C43BB81B6AE017172BA5389F6B0FC17CF9E60AAB3453A6D80A087C86592 ] STHDA C:\Windows\system32\drivers\stwrt.sys
17:08:28.0769 0x0b38 STHDA - ok
17:08:28.0835 0x0b38 [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:08:28.0851 0x0b38 StillCam - ok
17:08:28.0986 0x0b38 [ 7DD08A597BC56051F320DA0BAF69E389, ACC59CF80765248705FFCE65DC9B5D072DC054F08C02FB4D16BA0E84D8BED0A4 ] stisvc C:\Windows\System32\wiaservc.dll
17:08:29.0064 0x0b38 stisvc - ok
17:08:29.0128 0x0b38 [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
17:08:29.0136 0x0b38 stllssvr - ok
17:08:29.0170 0x0b38 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:08:29.0219 0x0b38 swenum - ok
17:08:29.0286 0x0b38 [ B36C7CDB86F7F7A8E884479219766950, F3EA381A84CD6950BF71A56E9ABAD5010F226C5254CB936699A38BA4C85F7367 ] swprv C:\Windows\System32\swprv.dll
17:08:29.0349 0x0b38 swprv - ok
17:08:29.0401 0x0b38 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:08:29.0404 0x0b38 Symc8xx - ok
17:08:29.0421 0x0b38 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:08:29.0424 0x0b38 Sym_hi - ok
17:08:29.0432 0x0b38 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:08:29.0435 0x0b38 Sym_u3 - ok
17:08:29.0493 0x0b38 [ DD17B63F26430E179EF6BDEF5AC735BD, EA736CBD7001891F1823B8626964AC37952A86DEC1022EDE913259E8B1FA1D1F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:08:29.0544 0x0b38 SynTP - ok
17:08:29.0602 0x0b38 [ 8710A92D0024B03B5FB9540DF1F71F1D, B72A968A7966DC16A1D69A8D53012A4307EEBDC4CB8E1D9C93BFB88D996E490F ] SysMain C:\Windows\system32\sysmain.dll
17:08:29.0672 0x0b38 SysMain - ok
17:08:29.0700 0x0b38 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:08:29.0707 0x0b38 TabletInputService - ok
17:08:29.0793 0x0b38 [ 680916BB09EE0F3A6ACA7C274B0D633F, 008B6EE41FA4D371258F0A656AE96B3E3F487BE5B9E0654B920013B4F1C0DFD8 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:08:29.0827 0x0b38 TapiSrv - ok
17:08:29.0850 0x0b38 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
17:08:29.0854 0x0b38 TBS - ok
17:08:29.0943 0x0b38 [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:08:30.0044 0x0b38 Tcpip - ok
17:08:30.0120 0x0b38 [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:08:30.0145 0x0b38 Tcpip6 - ok
17:08:30.0170 0x0b38 [ D4A2E4A4B011F3A883AF77315A5AE76B, 29E18087236A592638570F76691BC5C64CCA383F43EE22DF122413860E2D882C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:08:30.0174 0x0b38 tcpipreg - ok
17:08:30.0212 0x0b38 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:08:30.0216 0x0b38 TDPIPE - ok
17:08:30.0236 0x0b38 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:08:30.0326 0x0b38 TDTCP - ok
17:08:30.0373 0x0b38 [ D09276B1FAB033CE1D40DCBDF303D10F, 2CB47CB522B4E1C091DE30AF0EB4E21D321C42D2A5BA9647CBD078652680D8FF ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:08:30.0398 0x0b38 tdx - ok
17:08:30.0438 0x0b38 [ A048056F5E1A96A9BF3071B91741A5AA, CFDE51D106A6CC4A5638BCD458505F5831636D2203F7C949273BDA446AC7C5F3 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:08:30.0442 0x0b38 TermDD - ok
17:08:30.0524 0x0b38 [ D605031E225AACCBCEB5B76A4F1603A6, 27D78644CADBC11C3AB5E0C10F854FD43BCD43B6E91C1ED1F6D35BC501147701 ] TermService C:\Windows\System32\termsrv.dll
17:08:30.0601 0x0b38 TermService - ok
17:08:30.0626 0x0b38 [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] Themes C:\Windows\system32\shsvcs.dll
17:08:30.0637 0x0b38 Themes - ok
17:08:30.0662 0x0b38 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
17:08:30.0665 0x0b38 THREADORDER - ok
17:08:30.0698 0x0b38 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
17:08:30.0721 0x0b38 TrkWks - ok
17:08:30.0834 0x0b38 [ 16613A1BAD034D4ECF957AF18B7C2FF5, 75499618187ED4385984F608D134BB298A4CCB339F70B31E4A8B2CF3E3558396 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:08:30.0836 0x0b38 TrustedInstaller - ok
17:08:30.0865 0x0b38 [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:08:30.0882 0x0b38 tssecsrv - ok
17:08:30.0912 0x0b38 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:08:30.0914 0x0b38 tunmp - ok
17:08:30.0947 0x0b38 [ 6042505FF6FA9AC1EF7684D0E03B6940, D09CF14A6C0C760238792DDA4ECB6FBB6CA645BB91BD62585EBD050226BDB5A7 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:08:30.0950 0x0b38 tunnel - ok
17:08:30.0961 0x0b38 uafilter - ok
17:08:30.0988 0x0b38 [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:08:31.0031 0x0b38 uagp35 - ok
17:08:31.0060 0x0b38 [ 8B5088058FA1D1CD897A2113CCFF6C58, 1616EDB66C3E2DA7B09EA4FE46A3FC7087D6201F2195D76118A93B0B065D1623 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:08:31.0080 0x0b38 udfs - ok
17:08:31.0114 0x0b38 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:08:31.0121 0x0b38 UI0Detect - ok
17:08:31.0129 0x0b38 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:08:31.0133 0x0b38 uliagpkx - ok
17:08:31.0180 0x0b38 [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:08:31.0191 0x0b38 uliahci - ok
17:08:31.0200 0x0b38 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:08:31.0206 0x0b38 UlSata - ok
17:08:31.0216 0x0b38 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:08:31.0223 0x0b38 ulsata2 - ok
17:08:31.0316 0x0b38 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:08:31.0367 0x0b38 umbus - ok
17:08:31.0418 0x0b38 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
17:08:31.0441 0x0b38 upnphost - ok
17:08:31.0455 0x0b38 USBAAPL - ok
17:08:31.0517 0x0b38 [ 292A25BB75A568AE2C67169BA2C6365A, EE8B50DD446ECDEBC8B27D015FA9DE18F918ABBA8CF277B799D71CC9D79842FC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:08:31.0522 0x0b38 usbaudio - ok
17:08:31.0557 0x0b38 [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:08:31.0572 0x0b38 usbccgp - ok
17:08:31.0589 0x0b38 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:08:31.0595 0x0b38 usbcir - ok
17:08:31.0639 0x0b38 [ CEBE90821810E76320155BEBA722FCF9, AD27B032520BE2A45690DD1AFDDA632B934AB7F815CD313B19CD692790C761D8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:08:31.0643 0x0b38 usbehci - ok
17:08:31.0685 0x0b38 [ CC6B28E4CE39951357963119CE47B143, 0BC653B51A33709AADD8B5A2B8102DBCB3C1EE14BDDF4C58813FDCA43FF7C1B2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:08:31.0695 0x0b38 usbhub - ok
17:08:31.0701 0x0b38 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:08:31.0705 0x0b38 usbohci - ok
17:08:31.0724 0x0b38 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:08:31.0728 0x0b38 usbprint - ok
17:08:31.0767 0x0b38 [ A508C9BD8724980512136B039BBA65E9, B39B72471C468AC997AEC528599EDC98A031F5A7EB91C4F9471402D48D2D4E3E ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:08:31.0771 0x0b38 usbscan - ok
17:08:31.0797 0x0b38 [ 87BA6B83C5D19B69160968D07D6E2982, 9E039DF4BBE53CA22A0ACE486B9867F99FFFE086CCAF6A83BD78770E4631F3F8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:08:31.0817 0x0b38 USBSTOR - ok
17:08:31.0840 0x0b38 [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:08:31.0844 0x0b38 usbuhci - ok
17:08:31.0877 0x0b38 [ 032A0ACC3909AE7215D524E29D536797, 51E36ED5953C0880BE508837181925A0F677842E8A5BA98099700E6ED691A783 ] UxSms C:\Windows\System32\uxsms.dll
17:08:31.0883 0x0b38 UxSms - ok
17:08:31.0907 0x0b38 [ B13BC395B9D6116628F5AF47E0802AC4, 36E023A07E56588A8C26EF95E4F99303659E4783E0D9E8AEF193CA77A7AF91BA ] vds C:\Windows\System32\vds.exe
17:08:31.0933 0x0b38 vds - ok
17:08:31.0968 0x0b38 [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:08:31.0980 0x0b38 vga - ok
17:08:32.0017 0x0b38 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:08:32.0020 0x0b38 VgaSave - ok
17:08:32.0028 0x0b38 [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:08:32.0032 0x0b38 viaagp - ok
17:08:32.0038 0x0b38 [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:08:32.0042 0x0b38 ViaC7 - ok
17:08:32.0048 0x0b38 [ F3B4762EB85A2AFF4999401F14C3262B, 462B3A61AE82307292C8C75041514789AD2D1E3CF31A8A35E39A19989FD394C3 ] viaide C:\Windows\system32\drivers\viaide.sys
17:08:32.0053 0x0b38 viaide - ok
17:08:32.0069 0x0b38 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:08:32.0074 0x0b38 volmgr - ok
17:08:32.0096 0x0b38 [ 98F5FFE6316BD74E9E2C97206C190196, CA9FA0EE5515D26F9406FF95F728E7F2CC29A8B7C97BC69FC2E95BBC60A2D261 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:08:32.0112 0x0b38 volmgrx - ok
17:08:32.0176 0x0b38 [ D8B4A53DD2769F226B3EB374374987C9, 49314B3E53FBF40A60E272C5B3B79FD1EFABFE1215DA5B030571B4DDF5592896 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:08:32.0187 0x0b38 volsnap - ok
17:08:32.0234 0x0b38 [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:08:32.0240 0x0b38 vsmraid - ok
17:08:32.0331 0x0b38 [ D5FB73D19C46ADE183F968E13F186B23, D35432BE4FF462FCEA958CF646D5572B6D78058BC2F1F324C9F50A0B14B02259 ] VSS C:\Windows\system32\vssvc.exe
17:08:32.0574 0x0b38 VSS - ok
17:08:32.0684 0x0b38 [ 1CF9206966A8458CDA9A8B20DF8AB7D3, 405D5FE96DA7ED03D4124EF6C692F80E88E5982B90DF46E353E94FFF576A5570 ] W32Time C:\Windows\system32\w32time.dll
17:08:32.0726 0x0b38 W32Time - ok
17:08:32.0747 0x0b38 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:08:32.0751 0x0b38 WacomPen - ok
17:08:32.0791 0x0b38 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:08:32.0796 0x0b38 Wanarp - ok
17:08:32.0802 0x0b38 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:08:32.0804 0x0b38 Wanarpv6 - ok
17:08:32.0859 0x0b38 [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
17:08:32.0887 0x0b38 WcesComm - ok
17:08:32.0959 0x0b38 [ F3A5C2E1A6533192B070D06ECF6BE796, CBA11D9E60A04A0B82C6934A53EA859513CD476FF047DD3D59727B10CE7DB2DA ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:08:32.0993 0x0b38 wcncsvc - ok
17:08:33.0028 0x0b38 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:08:33.0032 0x0b38 WcsPlugInService - ok
17:08:33.0070 0x0b38 [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
17:08:33.0073 0x0b38 Wd - ok
17:08:33.0127 0x0b38 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:08:33.0168 0x0b38 Wdf01000 - ok
17:08:33.0201 0x0b38 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:08:33.0207 0x0b38 WdiServiceHost - ok
17:08:33.0213 0x0b38 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:08:33.0218 0x0b38 WdiSystemHost - ok
17:08:33.0283 0x0b38 [ CF9A5F41789B642DB967021DE06A2713, A541F9D87CBDE2A4E48C5D5363736EF603B2701741D3044232474F179884AD7B ] WebClient C:\Windows\System32\webclnt.dll
17:08:33.0338 0x0b38 WebClient - ok
17:08:33.0356 0x0b38 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:08:33.0381 0x0b38 Wecsvc - ok
17:08:33.0415 0x0b38 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:08:33.0431 0x0b38 wercplsupport - ok
17:08:33.0465 0x0b38 [ FD1965AAA112C6818A30AB02742D0461, 6779D836934412907390DC85FA2A8C3BB1CC31FD4151830275B773FD13CFFBC2 ] WerSvc C:\Windows\System32\WerSvc.dll
17:08:33.0484 0x0b38 WerSvc - ok
17:08:33.0562 0x0b38 [ 4DACA8F07537D4D7E3534BB99294AA26, 8418B5A83D945FF1827C5B19A57BE7FFE1FD523C6795B0ACE88E4A906C82BA2C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
17:08:33.0619 0x0b38 winachsf - ok
17:08:33.0688 0x0b38 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:08:33.0700 0x0b38 WinDefend - ok
17:08:33.0707 0x0b38 WinHttpAutoProxySvc - ok
17:08:33.0791 0x0b38 [ 00B79A7C984678F24CF052E5BEB3A2F5, 4D8E4394C926D2B1C71613D309F2D62A663B0ADB73A036F5E9E7D1AFF605CA2A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:08:33.0798 0x0b38 Winmgmt - ok
17:08:33.0927 0x0b38 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
17:08:34.0231 0x0b38 WinRM - ok
17:08:34.0292 0x0b38 [ 275F4346E569DF56CFB95243BD6F6FF0, 9C85246BF99119DBD6E0B5D38F96B8BC00F3C87618D17BC0E0A063A0D9A03440 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:08:34.0330 0x0b38 Wlansvc - ok
17:08:34.0447 0x0b38 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:08:34.0450 0x0b38 WmiAcpi - ok
17:08:34.0485 0x0b38 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D, 07C1DAF3DA3CDA84FBE4C7576372115FCAAAAFC332F252C03625E53C7F3C6EE5 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:08:34.0491 0x0b38 wmiApSrv - ok
17:08:34.0867 0x0b38 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:08:34.0956 0x0b38 WMPNetworkSvc - ok
17:08:35.0017 0x0b38 [ 5D94CD167751294962BA238D82DD1BB8, 62C7A31706F1C33A2C1C68006191AEE85A98885D23EC582EF2F88AAF604AC9A7 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:08:35.0031 0x0b38 WPCSvc - ok
17:08:35.0053 0x0b38 [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:08:35.0060 0x0b38 WPDBusEnum - ok
17:08:35.0206 0x0b38 [ 0CEC23084B51B8288099EB710224E955, E1AAB1E08E1745313D0A149A645AA878148D2DBE5CCC23C4ECCFC5003945C22B ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:08:35.0210 0x0b38 WpdUsb - ok
17:08:35.0341 0x0b38 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:08:35.0392 0x0b38 WPFFontCache_v0400 - ok
17:08:35.0461 0x0b38 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:08:35.0496 0x0b38 ws2ifsl - ok
17:08:35.0533 0x0b38 [ 683DD16B590372F2C9661D277F35E49C, 29D86389D95256EEF37BA01D403494385015D926E851A39EC7948FF6EF4E8481 ] wscsvc C:\Windows\system32\wscsvc.dll
17:08:35.0552 0x0b38 wscsvc - ok
17:08:35.0557 0x0b38 WSearch - ok
17:08:36.0029 0x0b38 [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] wuauserv C:\Windows\system32\wuaueng.dll
17:08:36.0420 0x0b38 wuauserv - ok
17:08:36.0772 0x0b38 [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:08:36.0778 0x0b38 WUDFRd - ok
17:08:36.0800 0x0b38 [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:08:36.0805 0x0b38 wudfsvc - ok
17:08:36.0838 0x0b38 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8, 3660379AADB6DB56E54D9C680929CD3882CDE4E6A8BB888FC892110D6B50C627 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
17:08:36.0841 0x0b38 XAudio - ok
17:08:36.0871 0x0b38 [ 28DC5D626E036A75A572556F0A6EB1F6, 9AE635C08B87AD85A552ADE0AF8BA10DC258E0DEFE133A2A74EFCD43B7A38A98 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
17:08:36.0933 0x0b38 XAudioService - ok
17:08:36.0945 0x0b38 ================ Scan global ===============================
17:08:37.0018 0x0b38 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
17:08:37.0146 0x0b38 [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
17:08:37.0241 0x0b38 [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
17:08:37.0373 0x0b38 [ 2B336AB6286D6C81FA02CBAB914E3C6C, C5ADF6D5BFC00375BA6D0E5D96F36D36ADFBF66325A48358C6317E387FB220EC ] C:\Windows\system32\services.exe
17:08:37.0422 0x0b38 [ Global ] - ok
17:08:37.0428 0x0b38 ================ Scan MBR ==================================
17:08:37.0463 0x0b38 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:08:39.0906 0x0b38 \Device\Harddisk0\DR0 - ok
17:08:39.0956 0x0b38 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR2
17:08:39.0991 0x0b38 \Device\Harddisk1\DR2 - ok
17:08:39.0993 0x0b38 ================ Scan VBR ==================================
17:08:40.0032 0x0b38 [ 2FF9357D589AE84717398A93BCC56E8B ] \Device\Harddisk0\DR0\Partition1
17:08:40.0058 0x0b38 \Device\Harddisk0\DR0\Partition1 - ok
17:08:40.0084 0x0b38 [ 8BF3C2DFC2C0DF9255A43749D01A0678 ] \Device\Harddisk0\DR0\Partition2
17:08:40.0241 0x0b38 \Device\Harddisk0\DR0\Partition2 - ok
17:08:40.0248 0x0b38 [ 1FE9AD2C9FAF0B103E9111E53D3B150B ] \Device\Harddisk1\DR2\Partition1
17:08:40.0251 0x0b38 \Device\Harddisk1\DR2\Partition1 - ok
17:08:40.0252 0x0b38 ================ Scan generic autorun ======================
17:08:40.0560 0x0b38 [ D8B83790F45403B83D24FC63310E3BC7, 627245DC56B55EC3851DC6BA594175841EA38D67C27A53B020C9C97859257AA4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
17:08:40.0659 0x0b38 SynTPEnh - ok
17:08:40.0834 0x0b38 [ 23242FD6C7D4C61807E84FD3A79248C4, 6E53D0815B4552A05A0EC28871E5E9F0D14815FB52FCDD612C96050B7093493C ] C:\Windows\OEM02Mon.exe
17:08:40.0857 0x0b38 OEM02Mon.exe - ok
17:08:40.0898 0x0b38 [ FF850C34ECDD73EB989D3B0CAA36229E, E7F54E33E0CE20BD14F098476A1D34BD8E0D651974FAD984F2A5AA9AF8CAA405 ] C:\Windows\system32\igfxtray.exe
17:08:40.0932 0x0b38 IgfxTray - ok
17:08:40.0987 0x0b38 [ E23BF454E2B9049B3093033E0735E39C, 2701E102CB3E1590284542A04F8C4BC27830662F038E1E09F3E2911FA03878B6 ] C:\Windows\system32\hkcmd.exe
17:08:40.0996 0x0b38 HotKeysCmds - ok
17:08:41.0098 0x0b38 [ 27BD1461ED8E7F84BFBA1A34F51F5CCF, 8C51769C922989EF28B6C42C6C0FFCFE6F3BD5131118CBBD0D8F68C610EEB174 ] C:\Windows\system32\igfxpers.exe
17:08:41.0153 0x0b38 Persistence - ok
17:08:41.0222 0x0b38 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdc.exe
17:08:41.0315 0x0b38 Windows Mobile Device Center - ok
17:08:41.0455 0x0b38 [ DAC9B43BBFA0359E252DDB0CB91DEA6D, 2A109ABECF757567735C439663ED618B49EF7749ABEE6AEF8A100B2028C31A38 ] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
17:08:41.0506 0x0b38 DELL Webcam Manager - ok
17:08:41.0603 0x0b38 [ FF3BF05021BFECC92DB81B8257EEB026, E09DF383DCFF34B8B9491AF258220117A1CDFBA544F90A70E954BF54E4A0521D ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
17:08:41.0648 0x0b38 ISUSScheduler - ok
17:08:41.0686 0x0b38 [ 1AAD451CCBECE62987591B35AE8037A8, 5B94F0493CDC62B275A27BE4948A82EAC9D7EB6610CBE4362E018B87759692E5 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
17:08:41.0811 0x0b38 RoxWatchTray - ok
17:08:41.0924 0x0b38 [ 267B3A856E9F4DB1CABD4E6DB71E07D2, E384B0204375A8E9DCAFB3FD6E72442F3E9418812637F4EFA2653F946EBE8E26 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
17:08:41.0962 0x0b38 dscactivate - ok
17:08:42.0027 0x0b38 [ B6687CA43A44F0D8732A22191028912F, 0B6B43143D3B750880884D7E561359467B786A3788BD6FBA105EC24B14A52F79 ] C:\Program Files\Dell\MediaDirect\PCMService.exe
17:08:42.0048 0x0b38 PCMService - ok
17:08:42.0215 0x0b38 [ 8B9145D229D4E89D15ACB820D4A3A90F, F3831D9AE752B6AFBD3380E0BC849E4B051D6E06A88C1F61293A6DE4F66794E1 ] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
17:08:42.0269 0x0b38 Adobe Reader Speed Launcher - ok
17:08:42.0550 0x0b38 [ 485A4912B2D639694F836451A2B30435, B913073813BD933D882AC9ABC5CE84F96D3238622FFA97BDE8EDED629454F778 ] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
17:08:42.0832 0x0b38 SigmatelSysTrayApp - ok
17:08:44.0279 0x0b38 [ 06105D08927E3498B3D380CBF0688E78, 76CEBECFBEC01C75A94E0A3E04B5AEDB5ECA0C19EBCDC8F30009B09678510D73 ] C:\Program Files\AVG\AVG10\avgtray.exe
17:08:45.0507 0x0b38 AVG_TRAY - ok
17:08:45.0727 0x0b38 [ 5944DC25A337F489679388E3308DD6AC, 0CC6F129B67DAE67DE0278AA68AFA6597EACA1521E19099109DEFCB0D386FCA1 ] C:\Program Files\Winamp\winampa.exe
17:08:45.0847 0x0b38 WinampAgent - ok
17:08:46.0080 0x0b38 [ F96EBC5A624349D81DCC7600A3C5DC43, 7812184AFC24F7A245D3D140EB0C1A4A23E73B34BC0A8C1556715368086F0376 ] C:\Windows\system32\conime.exe
17:08:46.0175 0x0b38 Conime - ok
17:08:47.0409 0x0b38 [ 5C59E612AA95F10DBD29F6249EA379D3, CC1B5D70960C49DAEBD0BBFA908A1F6D823FCF5030AEBEEA646A04DAC338579B ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
17:08:49.0042 0x0b38 EKStatusMonitor - ok
17:08:49.0958 0x0b38 [ BB3B08157FA22769B7ED9D2C44081D5A, 0653EA6D992A9FA09BB1756F6671C8FD9D518C60471B0F6420A7FC1DA2D3B6FA ] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
17:08:51.0375 0x0b38 EKIJ5000StatusMonitor - ok
17:08:51.0643 0x0b38 [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:08:51.0707 0x0b38 Sidebar - ok
17:08:51.0714 0x0b38 WindowsWelcomeCenter - ok
17:08:51.0903 0x0b38 [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:08:51.0942 0x0b38 Sidebar - ok
17:08:51.0949 0x0b38 WindowsWelcomeCenter - ok
17:08:52.0089 0x0b38 [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
17:08:52.0094 0x0b38 ehTray.exe - ok
17:08:52.0862 0x0b38 [ FD1AAB63DA3A91A04F34E64CF047309E, 2E17BC863C57BA02180F5DEE8D5D93D096DC9D868AF5402EF842E16B89794377 ] C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe
17:08:53.0426 0x0b38 uTorrent - ok
17:08:53.0625 0x0b38 [ 98D7C3F58884D89D1F16F4F77BCD00EE, 0C97B2D85205D0F573B2D0C3E61C9EB42B43786252F0B86761FAD1F361EDEFED ] C:\Program Files\Uniblue\DriverScanner\launcher.exe
17:08:53.0803 0x0b38 DriverScanner - ok
17:08:53.0912 0x0b38 [ 6D9E1356A9C1B5F36698FAFF9205E34A, A7E37C2C0F1F35F5434144D5F1D282858D6B3CE995BE6612BA22FB7E83793F77 ] C:\Program Files\Xvid\CheckUpdate.exe
17:08:53.0914 0x0b38 Xvid - ok
17:08:53.0915 0x0b38 Waiting for KSN requests completion. In queue: 8
17:08:55.0112 0x0b38 Win FW state via NFP2: enabled
17:08:55.0286 0x0b38 ============================================================
17:08:55.0286 0x0b38 Scan finished
17:08:55.0286 0x0b38 ============================================================
17:08:55.0298 0x0804 Detected object count: 0
17:08:55.0298 0x0804 Actual detected object count: 0
 
Hi Holsten87,

What error message, if any do you get when trying to install SP2?
 
Hi Holsten87,

Farbar Service Scanner

Please download Farbar Service Scanner and save it to your desktop.
  • Right click and select "Run as Administrator"
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
=========================

In your next post please provide the following:
  • FSS.txt
 
Hi OCD,

Here is the Farbar Service Scanner log:

Farbar Service Scanner Version: 10-06-2014
Ran by Holly Chapman (administrator) on 03-07-2014 at 19:37:20
Running from "C:\Users\Holly Chapman\Downloads"
Windows Vista (TM) Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed


**** End of log ****
 
Hi Holsten87,

Tweaking.com - Windows Repair

Disable your Anti-Virus software BEFORE running this tool.
Tutorials: here.

=========================

Download Tweaking.com Windows Repair from here or here and save it to your desktop.
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Once the program opens you will be at the Welcome tab.



=========================

Step 4: Create a System Restore Point & Create a Registry Back-up



Create a Restore Point:
  • Select the Create button to create a new restore point
  • Wait, confirmation will be displayed below the Restore button
=========================

Back-up the Registry:
  • Select the Back-up button,Tweaking.com Registry Back-up window will open and begin the back-up
  • It will close automatically. (that's normal)
=========================

Step 5: Start Repairs



Select the Start button to continue, the window below will open.

Repair Window settings



In the Repair Options window, place a check mark next to the following items: (not select all)

  • Reset Registry Permissions
  • Reset File Permissions
  • Repair WMI
  • Repair Windows Firewall
  • Repair Internet Explorer
  • Repair Hosts File
  • Remove Policies Set By Infections
  • Repair Winsock & DNS Cache
  • Repair Windows Updates
  • Repair MSI (Windows Installer)
  • Restore Important Windows Services
  • Set Windows Services To Default Startup
=========================

  • Locate the Restart/Shutdown System when Finished, select the box, then choose Restart System
  • Click the Start button, a DOS window will/may appear during the repair process.
  • Acknowledge the System reboot when finished

=========================

Log files can be located by going to the Settings tab in the Windows Repair program and clicking the Open Log Folder button
The default location for the logs is : C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs\

=========================

In your next post please provide the following:
  • Windows Repair Log (default location listed above)
 
Hi OCD,

I've run the repair. When I disabled AVG I only had the option to disable it for up to 15mins, and so had to re-disable during the repair process twice. Hopefully this didn't cause any problems. Please see the repair log below:


System Variables
--------------------------------------------------------------------------------
OS: Windows Vista (TM) Home Premium
OS Architecture: 32-bit
OS Version: 6.0.6001
OS Service Pack: Service Pack 1
Computer Name: THE-BEAST
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Holly Chapman
Current Profile SID: S-1-5-21-1025113376-2626304966-3518894149-1000
Current Profile Classes: S-1-5-21-1025113376-2626304966-3518894149-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Holly Chapman\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 01:36:50

Process Count: 66
Commit Total: 1.46 GB
Commit Limit: 4.22 GB
Commit Peak: 1.83 GB
Handle Count: 18980
Kernel Total: 184.18 MB
Kernel Paged: 92.34 MB
Kernel Non Paged: 91.84 MB
System Cache: 994.71 MB
Thread Count: 803
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1.99 GB
Memory Used: 1.22 GB(61.1954%)
Memory Avail.: 790.57 MB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1.99 GB
Memory Used: 960.92 MB(47.166%)
Memory Avail.: 1.05 GB
--------------------------------------------------------------------------------

Starting Repairs...
Start (06/07/2014 10:41:18)

01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (06/07/2014 10:41:23)
Running Repair Under Current User Account
Done (06/07/2014 10:41:57)

01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (06/07/2014 10:41:57)
Running Repair Under System Account
Done (06/07/2014 10:51:30)

01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (06/07/2014 10:51:30)
Running Repair Under System Account
Done (06/07/2014 10:53:52)

02 - Reset File Permissions: C:
C: & Sub Folders
Start (06/07/2014 10:53:52)
Running Repair Under System Account
Done (06/07/2014 11:01:49)

02 - Reset File Permissions: D:
D: & Sub Folders
Start (06/07/2014 11:01:49)
Running Repair Under System Account
Done (06/07/2014 11:02:15)

02 - Reset File Permissions: All Profiles
C:\Users & Sub Folders
Start (06/07/2014 11:02:15)
Running Repair Under System Account
Done (06/07/2014 11:05:32)

02 - Reset File Permissions: Current Profile
C:\Users\Holly Chapman & Sub Folders
Start (06/07/2014 11:05:32)
Running Repair Under System Account
Done (06/07/2014 11:08:38)

02 - Reset File Permissions: Cleanup
Repairing Restricted Folders Permissions To Avoid Infinite Loops
Start (06/07/2014 11:08:38)
Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Administrator\Application Data>
Reading the SD from <\\?\C:\Users\Administrator\Application Data> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\Cookies>
Reading the SD from <\\?\C:\Users\Administrator\Cookies> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\Local Settings>
Reading the SD from <\\?\C:\Users\Administrator\Local Settings> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\My Documents>
Reading the SD from <\\?\C:\Users\Administrator\My Documents> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\NetHood>
Reading the SD from <\\?\C:\Users\Administrator\NetHood> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\PrintHood>
Reading the SD from <\\?\C:\Users\Administrator\PrintHood> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\Recent>
Reading the SD from <\\?\C:\Users\Administrator\Recent> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\SendTo>
Reading the SD from <\\?\C:\Users\Administrator\SendTo> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\Start Menu>
Reading the SD from <\\?\C:\Users\Administrator\Start Menu> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\Templates>
Reading the SD from <\\?\C:\Users\Administrator\Templates> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\Application Data>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\Application Data> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\History>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\History> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\Temporary Internet Files>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\Temporary Internet Files> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Music>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Music> failed with: The system cannot find the path specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Pictures>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Pictures> failed with: The system cannot find the path specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Videos>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Videos> failed with: The system cannot find the path specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\Holly Chapman\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Documents\My Videos>

SetACL finished successfully.
Done (06/07/2014 11:08:42)

05 - Repair WMI
Start (06/07/2014 11:08:42)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
No Antivirus Products Reported.

Exporting AntiSpyware Info...
No AntiSpyware Products Reported.

Exporting 3rd Party Firewall Info...
No Firewall Products Reported.

Running Repair Under Current User Account
Done (06/07/2014 11:10:30)

06 - Repair Windows Firewall
Start (06/07/2014 11:10:30)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:11:10)

07 - Repair Internet Explorer
Start (06/07/2014 11:11:10)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:11:59)

09 - Repair Hosts File
Start (06/07/2014 11:11:59)
Running Repair Under System Account
Done (06/07/2014 11:12:01)

10 - Remove Policies Set By Infections
Start (06/07/2014 11:12:01)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:12:06)

14 - Remove Temp Files
Start (06/07/2014 11:12:06)
Running Repair Under System Account
Done (06/07/2014 11:12:17)

17 - Repair Windows Updates
Start (06/07/2014 11:12:17)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:22)

21 - Repair MSI (Windows Installer)
Start (06/07/2014 11:13:22)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:35)

26 - Restore Important Windows Services
Start (06/07/2014 11:13:35)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:44)

27 - Set Windows Services To Default Startup
Start (06/07/2014 11:13:44)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:49)

Cleaning up empty logs...

All Selected Repairs Done.
Done (06/07/2014 11:13:49)
Total Repair Time: 00:32:32


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account
 
Hi Holsten87,

Thanks for the log. Now, referring back to my instructions from post # 5 see if you can update to SP2.

Reply with the results.
 
Hi OCD,

I'm still having trouble with the SP2 update, this time I'm getting error message:
Class not registered
REGDB_E_CLASSNOTREG(0x80040154)
 
Hi Holsten87,

Obviously, getting this corrected is getting a bit frustrating. Let's move onto getting the computer clean, then refocus on the update issue.

Your system is severely fragmented, let's try running the defrag utility.
Total Fragmentation on Drive C: 34 % Defragment your hard drive soon!

Disk Defragmenter for Vista
  • Open Disk Defragmenter by clicking the Start button, > All Programs, > Accessories, > System Tools and then clicking Disk Defragmenter..
  • If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Click Defragment Now.
Disk Defragmenter might take from several minutes to a few hours to finish, depending on the size and degree of fragmentation of your hard disk. You can still use your computer during the defragmentation process.

Tutorial: http://windows.microsoft.com/en-US/windows-vista/improve-performance-by-defragmenting-your-hard-disk

=========================

Reply with results.
 
Hi OCD,

Sorry for the late reply, I was away for the last three days. Just doing the defrag now (it's taking a little while but I guess that is to be expected considering the state of my harddrive). I will post the results asap.
 
Hi OCD,

Unfortunately not. I had it on all day yesterday and it didn't completed the defrag process. My PC seems to be very slow starting up now however. Should I keep trying? Is it ok to keep stopping and starting the degrag process?
 
Status
Not open for further replies.
Back
Top