Using computer again/ CPU maxes out/ runs slow [Closed]



#1
dave423

I haven't used this little ASUS netbook in a while, but I'm scheduled for open heart surgery in a couple of weeks and wanted to take it along for the hospital stay. My wife has used it for games and may have been on some dodgy sites. I ran HitmanPro, SUPERAntiSpyware, and MSE and removed all cookies. It still loads up the CPU and sometimes will jump to a different screen in the middle of something. Here are the scans you required:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-05-2015 01
Ran by owner (administrator) on OWNER-PC on 14-05-2015 13:18:02
Running from C:\Users\owner\Downloads
Loaded Profiles: owner &  (Available profiles: owner)
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
() C:\Windows\System32\AsusService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(ASUS) C:\Windows\AsScrPro.exe
() C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Users\owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-V5.24.exe
(Microsoft Corporation) C:\0b7d2a87d8783290ec785185\mrtstub.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2009-11-10] (ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [402608 2009-09-25] ()
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [803304 2009-08-27] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1021424 2009-10-17] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032 2009-09-29] (Realtek Semiconductor)
HKLM\...\Run: [OOBESetup] => C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe [338096 2009-09-30] (ASUSTeK Computer Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-05-19] (Microsoft Corporation)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Run: [Google Update] => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-16] (Google Inc.)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6718744 2015-05-12] (SUPERAntiSpyware)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Run: [Amazon Cloud Player] => C:\Users\owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3113792 2013-05-29] ()
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Run: [OneDrive] => C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-04-06] (Microsoft Corporation)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\MountPoints2: {4aa5404d-a71c-11e4-8d91-e0cb4e8fc6a9} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\MountPoints2: {4aa54057-a71c-11e4-8d91-e0cb4e8fc6a9} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\MountPoints2: {bab43fed-6015-11e4-b3f0-e0cb4e8fc6a9} - D:\iStudio.exe
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Winlogon: [Shell] C:\Program Files\asus\SystemSetting\WallPaperAgent.exe [115888 2009-09-25] (ASUSTeK Computer Inc.) <==== ATTENTION
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\WLXPGSS.SCR [307576 2009-02-06] (Microsoft Corporation)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-16] (Google Inc.)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6718744 2015-05-12] (SUPERAntiSpyware)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3113792 2013-05-29] ()
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDrive] => C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-04-06] (Microsoft Corporation)
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4aa5404d-a71c-11e4-8d91-e0cb4e8fc6a9} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4aa54057-a71c-11e4-8d91-e0cb4e8fc6a9} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bab43fed-6015-11e4-b3f0-e0cb4e8fc6a9} - D:\iStudio.exe
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\Program Files\asus\SystemSetting\WallPaperAgent.exe [115888 2009-09-25] (ASUSTeK Computer Inc.) <==== ATTENTION
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\WLXPGSS.SCR [307576 2009-02-06] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-05-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2013-05-19]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {CC5FC992-B0AA-47CD-9DC2-83445083CBB8} => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll [2010-09-02] ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {618A47A2-528B-4D9A-AFC8-97D3233511E2} => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll [2010-09-02] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3413888707-1841287775-265487829-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://eeepc.asus.com
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://asus.us.msn.com/?ocid=iehp
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://eeepc.asus.com
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://asus.us.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3413888707-1841287775-265487829-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3413888707-1841287775-265487829-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: ASUS Windows 7 Starter Helper -> {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} -> C:\Program Files\asus\SystemSetting\StarterHelper.dll [2009-09-25] (ASUSTeK Computer Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\gbdc3lvi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3413888707-1841287775-265487829-1000: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-3413888707-1841287775-265487829-1000: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-10-29] (Google)
FF Extension: samfind Bookmarks Bar - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\gbdc3lvi.default\Extensions\[email protected] [2013-09-08]
FF Extension: WOT - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\gbdc3lvi.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-01]
FF Extension: Unit Layers - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2015-04-06]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-06]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2015-04-06] <==== ATTENTION

Chrome:
=======
CHR HomePage: Default -> https://www.google.com/
CHR DefaultSearchKeyword: Default -> start.sweetim.com
CHR DefaultSearchURL: Default -> http://start.sweetpa...006.10042&st=23
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-05-16]
CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-16]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-16]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-16]
CHR Extension: (Google Cast) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-02]
CHR Extension: (Earth for Chrome) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiocoehplocalbhdpckfoiameeefkna [2013-05-16]
CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-16]
CHR Extension: (No Name) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnipjaemkjjckbnmnpipbojmjfehgcg [2013-06-01]
CHR Extension: (Cigarbid.com Freefall Watcher) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcecdnbdgabpkbkcjepmhicbkmbipjeh [2013-05-16]
CHR Extension: (CigarBid Free Fall Plugin) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\haggdgmfhabhnmfmcmodogfmehljdoco [2013-05-16]
CHR Extension: (Skype Click to Call) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-08]
CHR Extension: (The Fancy Pants Adventure: World 2) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\loamdenijebhollnjgehcfbnpeelfhlk [2013-05-16]
CHR Extension: (Facebook Notifications) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-05-20]
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-26]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-16]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2015-02-01] (SUPERAntiSpyware.com)
R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-18] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2015-05-12] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11448 2009-07-05] ()
R3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [35992 2015-05-12] ()
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKsle5196d2c; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{72613A00-436F-4B40-BE1C-26D7B9F9F47D}\MpKsle5196d2c.sys [39464 2015-05-13] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\DRIVERS\btwrchid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-14 13:18 - 2015-05-14 13:19 - 00024270 _____ () C:\Users\owner\Downloads\FRST.txt.txt
2015-05-14 13:16 - 2015-05-14 13:18 - 00000000 ____D () C:\FRST
2015-05-14 13:13 - 2015-05-14 13:16 - 00001403 _____ () C:\Users\owner\Desktop\FRST - Shortcut.lnk
2015-05-14 13:08 - 2015-05-14 13:12 - 01144832 _____ (Farbar) C:\Users\owner\Downloads\FRST.exe
2015-05-14 13:08 - 2015-05-14 13:09 - 00000000 ____D () C:\0b7d2a87d8783290ec785185
2015-05-12 20:55 - 2015-05-13 18:38 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-12 20:54 - 2015-05-13 14:41 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-12 20:54 - 2015-05-13 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-12 20:53 - 2015-05-13 14:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-12 20:53 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-12 20:53 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-12 20:04 - 2015-05-12 20:04 - 00035992 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2015-05-12 18:15 - 2015-05-12 18:38 - 00000000 ___SD () C:\windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-14 13:17 - 2009-07-14 00:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-14 13:17 - 2009-07-14 00:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-14 13:09 - 2013-08-16 03:15 - 00000000 ____D () C:\windows\system32\MRT
2015-05-14 13:09 - 2013-06-22 11:04 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-14 13:03 - 2009-11-10 19:42 - 00000000 ____D () C:\ProgramData\Skype
2015-05-14 13:02 - 2014-11-22 11:45 - 00000000 ___RD () C:\Program Files\Skype
2015-05-14 12:53 - 2009-07-13 22:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-05-14 12:43 - 2013-05-16 19:18 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-14 12:35 - 2013-05-21 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 12:32 - 2013-05-21 21:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 12:31 - 2013-05-16 19:31 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413888707-1841287775-265487829-1000UA.job
2015-05-14 12:21 - 2013-06-22 11:04 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-05-14 12:21 - 2013-06-22 11:04 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-05-14 12:17 - 2013-05-18 12:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-05-13 15:23 - 2013-03-14 15:41 - 00000000 ____D () C:\ProgramData\GoBoingo
2015-05-13 13:06 - 2013-03-14 15:30 - 01253288 _____ () C:\windows\WindowsUpdate.log
2015-05-13 13:03 - 2014-10-28 08:29 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1cff2aad0fca37c.job
2015-05-13 13:03 - 2013-05-16 19:18 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 13:03 - 2009-07-14 00:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-13 13:02 - 2009-07-14 00:53 - 00032602 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-05-12 20:54 - 2013-05-18 13:35 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Malwarebytes
2015-05-12 20:53 - 2013-05-20 14:31 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-05-12 20:53 - 2013-05-18 13:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-12 20:31 - 2013-05-16 19:31 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413888707-1841287775-265487829-1000Core.job
2015-05-12 19:59 - 2009-07-14 00:39 - 00065508 _____ () C:\windows\setupact.log
2015-05-12 18:49 - 2013-06-25 16:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 18:47 - 2009-07-25 03:50 - 00781298 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-12 18:37 - 2009-07-14 00:33 - 00334936 _____ () C:\windows\system32\FNTCACHE.DAT
2015-04-30 10:07 - 2013-05-20 06:42 - 137310008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-14 09:37 - 2013-05-20 14:31 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2013-05-17 06:58 - 2013-10-28 04:49 - 0007607 _____ () C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2013-05-16 19:50 - 2013-05-16 19:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-11-10 19:49 - 2009-09-10 11:34 - 0131368 _____ () C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-07 19:41

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-05-2015 01
Ran by owner at 2015-05-14 13:29:15
Running from C:\Users\owner\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3413888707-1841287775-265487829-500 - Administrator - Disabled)
Guest (S-1-5-21-3413888707-1841287775-265487829-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3413888707-1841287775-265487829-1004 - Limited - Enabled)
owner (S-1-5-21-3413888707-1841287775-265487829-1000 - Administrator - Enabled) => C:\Users\owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Amazon Amazon Cloud Player) (Version: 1.0.3.316 - Amazon Services LLC)
Amazon Cloud Player (HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Cloud Player) (Version: 1.0.3.316 - Amazon Services LLC)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.04 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
ChromecastApp (HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.1 - )
Eee Docking 3.3.0 (HKLM\...\Eee Docking_is1) (Version: 3.3.0 - ASUSTek Computer Inc.)
Eee PC 1005P Series Screen Saver (HKLM\...\Eee PC 1005P Series) (Version:  - )
EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0004 - ASUS)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
FontResizer (HKLM\...\{FAD8718D-950E-468D-BDE2-17D4D6F1EA6A}) (Version: 1.01.0007 - ASUS)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.241 - SurfRight B.V.)
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.15 - AsusTek Computer)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.1929 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Junk Mail filter update (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.19 - Asus)
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{26257879-B20D-4D30-A429-B387A4890929}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM\...\OMUI.nl-nl) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - French/Français (HKLM\...\OMUI.fr-fr) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Italian/Italiano (HKLM\...\OMUI.it-it) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version:  - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
OOBERegBackup (HKLM\...\OOBERegBackup_is1) (Version:  - ASUSTeK Computer Inc.)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated)
SystemSetting (HKLM\...\SystemSetting_is1) (Version:  - ASUSTeK Computer Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Warzone 2100-3.1.0 (HKLM\...\Warzone 2100-3.1.0) (Version: 3.1.0 - Warzone 2100 Project)
Windows Driver Package - Broadcom Bluetooth  (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

01-02-2015 02:10:51 Windows Update
04-02-2015 00:15:00 Windows Update
08-02-2015 21:21:22 Windows Modules Installer
09-02-2015 19:42:41 Windows Update
13-02-2015 22:34:16 Windows Update
16-02-2015 15:50:14 Windows Update
17-02-2015 05:44:04 Windows Update
05-03-2015 04:17:05 Windows Update
07-03-2015 03:43:19 Windows Update
06-04-2015 07:53:23 Windows Update
09-04-2015 12:27:50 Windows Update
12-05-2015 19:08:42 Windows Update
13-05-2015 15:21:54 Removed Boingo Wi-Fi
14-05-2015 12:21:41 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00AA1695-EF92-4320-BB8E-788B40CF34A2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {04023014-1014-41FA-BF02-885637CD9FBE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3413888707-1841287775-265487829-1000Core => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-16] (Google Inc.)
Task: {0410457A-088D-4298-B6D4-85CD62D0CD8D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {05DC6093-9121-45CF-92F0-F0808B9E64EF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3413888707-1841287775-265487829-1000UA => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-16] (Google Inc.)
Task: {0B2901BB-1340-473E-96E3-55E6702996B4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {0B85B38C-1915-48B6-B2F9-92FC44CE0584} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14] (Adobe Systems Incorporated)
Task: {29121278-0AFC-4F63-8B9F-18B8D2DC4219} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {308E4658-12FA-4E53-A33C-E122F91F360D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-16] (Google Inc.)
Task: {36C19E1F-F13A-49B6-B1B8-D248642C20D1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {4C74FA75-7951-41AF-B9CA-FB1884F9A479} - System32\Tasks\GoogleUpdateTaskMachineCore1cff2aad0fca37c => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-16] (Google Inc.)
Task: {5013EDA0-765B-485B-AD2B-9FE89D276AB1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {72A17EB4-8287-4537-904D-81D0D594A823} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-16] (Google Inc.)
Task: {B7CD2E3C-EE93-4546-8205-8F78EC18EA84} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {CC9DDAAC-8AFC-46D5-A253-1F885C4D3C9B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {CD86A0B7-6B0B-48CC-9F48-2D793795A6F1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {DA2E00A5-340E-4E97-A68D-BCCA0FF0D56D} - System32\Tasks\{34C2920C-D458-4D22-BCB7-965BD96D62E9} => pcalua.exe -a C:\Users\owner\Downloads\erunt\ERUNT.EXE -d C:\Users\owner\Downloads\erunt
Task: {FBEB862E-2B1A-4C9A-8A14-204AF38B10AE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cff2aad0fca37c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413888707-1841287775-265487829-1000Core.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3413888707-1841287775-265487829-1000UA.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-09-02 07:08 - 2010-09-02 07:08 - 00118784 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll
2009-11-10 20:02 - 2009-08-18 21:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe
2009-11-10 19:46 - 2009-09-25 18:02 - 00402608 _____ () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
2009-08-27 19:38 - 2009-08-27 19:38 - 00803304 _____ () C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
2009-08-27 19:45 - 2009-08-27 19:45 - 00120808 _____ () C:\Program Files\Asus\LiveUpdate\ClientSocket.dll
2009-08-27 20:29 - 2009-08-27 20:29 - 00182240 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll
2009-08-27 20:22 - 2009-08-27 20:22 - 00161768 _____ () C:\Program Files\Asus\LiveUpdate\Enumeration.dll
2013-05-26 15:29 - 2013-05-29 15:10 - 03113792 _____ () C:\Users\owner\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\06462425.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\06462425.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3413888707-1841287775-265487829-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{F693EB1B-DC73-4879-B69B-5273A67B699A}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7418AD32-A0CA-4C3C-93C5-C80C4B5BCB38}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BEC7932F-A811-4466-875B-B3105248EF72}] => (Allow) svchost.exe
FirewallRules: [{2B1C3BDE-CC45-4840-AB68-7D14F1C5AA36}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{3D126336-1565-4066-A9DA-58C0F963C417}] => (Allow) C:\Users\owner\AppData\Local\Temp\migD943.tmp\migwiz.exe
FirewallRules: [{BA4AF1FA-C4B5-4B5B-8DA6-898F393952AB}] => (Allow) C:\Users\owner\AppData\Local\Temp\migD943.tmp\migwiz.exe
FirewallRules: [{0E4A6049-1EBA-46D0-9704-1C6055B97D1C}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{EA38F2B0-1848-45AD-B4A2-D0E24556A270}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{AF4B60E8-4CF0-43F3-B358-136A20D097CE}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{8C44C5A8-40A5-43D7-B5D1-E03C961E9CEA}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{FE0E1DF7-A7AC-4965-9143-1F778A8E3100}] => (Allow) C:\Users\owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8E276DF0-9EA5-41BE-9C7B-C3894664E43E}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{2BC6C318-E4A1-4F96-A223-BA5A5F8D7446}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{7C28159F-C6D0-4012-8792-1F954A1E86CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{438E6C17-2A70-438C-8E0F-486A6FFAF4B5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FED97D86-7BB2-4BB8-AC76-54C93A03512A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: MpKsl15a2a67d
Description: MpKsl15a2a67d
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl15a2a67d
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2015 06:42:58 PM) (Source: MsiInstaller) (EventID: 1024) (User: owner-PC)
Description: Product: Adobe Reader XI (11.0.10) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011011}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Error: (04/06/2015 07:56:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 35.0.1.5500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1630

Start Time: 01d065ecdfbfcd85

Termination Time: 1413

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 83703e6e-dc53-11e4-b962-e0cb4e8fc6a9

Error: (03/24/2015 00:41:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 35.0.1.5500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 17d8

Start Time: 01d065ec6d25026a

Termination Time: 48

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 0ec6c68f-d1e0-11e4-b962-e0cb4e8fc6a9

Error: (03/05/2015 04:14:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hmpsched.exe, version: 3.7.0.5, time stamp: 0x54b11522
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x4ac
Faulting application start time: 0xhmpsched.exe0
Faulting application path: hmpsched.exe1
Faulting module path: hmpsched.exe2
Report Id: hmpsched.exe3

Error: (02/20/2015 03:04:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hmpsched.exe, version: 3.7.0.5, time stamp: 0x54b11522
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x4b8
Faulting application start time: 0xhmpsched.exe0
Faulting application path: hmpsched.exe1
Faulting module path: hmpsched.exe2
Report Id: hmpsched.exe3

Error: (02/20/2015 02:58:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hmpsched.exe, version: 3.7.0.5, time stamp: 0x54b11522
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x4d0
Faulting application start time: 0xhmpsched.exe0
Faulting application path: hmpsched.exe1
Faulting module path: hmpsched.exe2
Report Id: hmpsched.exe3

Error: (02/09/2015 07:30:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hmpsched.exe, version: 3.7.0.5, time stamp: 0x54b11522
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x4c0
Faulting application start time: 0xhmpsched.exe0
Faulting application path: hmpsched.exe1
Faulting module path: hmpsched.exe2
Report Id: hmpsched.exe3

Error: (02/08/2015 09:40:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wlmail.exe version 14.0.8064.206 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6a0

Start Time: 01d0403b84c44cf3

Termination Time: 733

Application Path: C:\Program Files\Windows Live\Mail\wlmail.exe

Report Id: 9983d9e0-affc-11e4-873c-e0cb4e8fc6a9

Error: (02/08/2015 09:40:28 PM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1044) SUS20ClientDataStore: The version store for this instance (0) has reached its maximum size of 32Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.

Possible long-running transaction:

    SessionId: 0x007A0320

    Session-context: 0x00000000

    Session-context ThreadId: 0x00001740

    Cleanup: 1

Error: (02/08/2015 09:20:56 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).


System errors:
=============
Error: (05/14/2015 01:22:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 (KB3061518).

Error: (05/14/2015 00:19:08 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{910EFAE6-E9AE-43BD-8718-E5F656234DE6}.
The backup browser is stopping.

Error: (05/13/2015 01:07:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (05/13/2015 01:07:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:
%%1056

Error: (05/13/2015 01:04:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:
%%1056

Error: (05/13/2015 01:04:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error:
%%1056

Error: (05/13/2015 01:02:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 2 time(s).

Error: (05/13/2015 01:02:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (05/13/2015 01:02:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Themes service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/13/2015 01:02:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The System Event Notification Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Atom™ CPU N450 @ 1.66GHz
Percentage of memory in use: 62%
Total physical RAM: 2038.18 MB
Available physical RAM: 766.43 MB
Total Pagefile: 4076.36 MB
Available Pagefile: 2315.84 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.86 GB) (Free:169.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 31990983)
Partition 1: (Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=19 MB) - (Type=EF)

==================== End Of Log ============================

 

Thanks for your help.

Dave




#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, after this could you let me know what problems you are experiencing?

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Winlogon: [Shell] C:\Program Files\asus\SystemSetting\WallPaperAgent.exe [115888 2009-09-25] (ASUSTeK Computer Inc.) <==== ATTENTION
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\Program Files\asus\SystemSetting\WallPaperAgent.exe [115888 2009-09-25] (ASUSTeK Computer Inc.) <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2015-04-06] <==== ATTENTION
CHR DefaultSearchKeyword: Default -> start.sweetim.com
CHR DefaultSearchURL: Default -> http://start.sweetpa...006.10042&st=23
CHR Extension: (No Name) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnipjaemkjjckbnmnpipbojmjfehgcg [2013-06-01]
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No Fil
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {36C19E1F-F13A-49B6-B1B8-D248642C20D1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.


#3
dave423

    Member

  • Topic Starter
  • 62 posts

Thanks for helping me. Here are the logs of the scans:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-05-2015
Ran by owner at 2015-05-19 23:34:26 Run:2
Running from C:\Users\owner\Desktop
Loaded Profiles: owner (Available profiles: owner)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CreateRestorePoint:
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\...\Winlogon: [Shell] C:\Program Files\asus\SystemSetting\WallPaperAgent.exe [115888 2009-09-25] (ASUSTeK Computer Inc.) <==== ATTENTION
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\Program Files\asus\SystemSetting\WallPaperAgent.exe [115888 2009-09-25] (ASUSTeK Computer Inc.) <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2015-04-06] <==== ATTENTION
CHR DefaultSearchKeyword: Default -> start.sweetim.com
CHR DefaultSearchURL: Default -> http://start.sweetpa...006.10042&st=23
CHR Extension: (No Name) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnipjaemkjjckbnmnpipbojmjfehgcg [2013-06-01]
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No Fil
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3413888707-1841287775-265487829-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {36C19E1F-F13A-49B6-B1B8-D248642C20D1} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-21-3413888707-1841287775-265487829-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"C:\Program Files\mozilla firefox\firefox.cfg" => not found.
Chrome DefaultSearchKeyword not detected.
Chrome DefaultSearchURL not detected.
C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnipjaemkjjckbnmnpipbojmjfehgcg directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36C19E1F-F13A-49B6-B1B8-D248642C20D1} => Key not found.
C:\Windows\System32\Tasks\BrowserProtect not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect => Key not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3413888707-1841287775-265487829-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {86614267-88AB-4BB5-98F4-3C3609097963}.
0 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 64 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:36:32 ====

 

 

# AdwCleaner v4.204 - Logfile created 19/05/2015 at 23:59:56
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : owner - OWNER-PC
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v37.0.1 (x86 en-US)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R0].txt - [1815 bytes] - [19/05/2015 21:31:26]
AdwCleaner[R1].txt - [1874 bytes] - [19/05/2015 21:38:06]
AdwCleaner[R2].txt - [963 bytes] - [19/05/2015 23:54:56]
AdwCleaner[S0].txt - [1976 bytes] - [19/05/2015 21:41:27]
AdwCleaner[S1].txt - [889 bytes] - [19/05/2015 23:59:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [947  bytes] ##########
 

============================

 

The little computer still runs slow.  Something is using up all the CPU.  When I look at processes from all users in Task Manager it shows TrustedInstaller.exe is using a lot of the CPU. Also svchost.exe uses quite a bit. The total usage is going up to 100% which makes everything slow down, even while keying in this reply the letters on the screen sometimes lag behind my keystrokes, and while I key pretty fast for an old guy, I shouldn't be ahead of the screen.

 

Thanks once again for all your help,

 

Dave


#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, they are both system files ... Let's see if we can determine where the problem lies.

In the search box type Msconfig and select the programme that appears at the top.

1. In the System Configuration Utility dialog box, click Selective Startup on the General tab.
2. Click to clear the Load Startup Items check box.
Note: The Use Original Boot.ini check box is unavailable.
3. Click the Services tab.
4. Click to select the Hide All Microsoft Services check box.
5. Click Disable All, and then click OK.
6. When you are prompted, click Restart.
7. After the restart let me know if there is any difference in the computer behaviour.
#5
dave423

    Member

  • Topic Starter
  • 62 posts

I have followed your instructions and the computer is still running slow. I have attached a screen shot of the performance screen in task master to illustrate what is still happening. Thanks again.

Dave

ScreenShot1.jpg


#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm, that is a mega amount of CPU for a clean boot.

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.
#7
dave423

    Member

  • Topic Starter
  • 62 posts

I ran the scan as instructed. Here is the log:

 

16:04:16.0096 0x0898  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:04:22.0772 0x0898  ============================================================
16:04:22.0773 0x0898  Current date / time: 2015/05/20 16:04:22.0772
16:04:22.0773 0x0898  SystemInfo:
16:04:22.0773 0x0898  
16:04:22.0774 0x0898  OS Version: 6.1.7601 ServicePack: 1.0
16:04:22.0774 0x0898  Product type: Workstation
16:04:22.0774 0x0898  ComputerName: OWNER-PC
16:04:22.0775 0x0898  UserName: owner
16:04:22.0775 0x0898  Windows directory: C:\windows
16:04:22.0775 0x0898  System windows directory: C:\windows
16:04:22.0775 0x0898  Processor architecture: Intel x86
16:04:22.0775 0x0898  Number of processors: 2
16:04:22.0775 0x0898  Page size: 0x1000
16:04:22.0775 0x0898  Boot type: Normal boot
16:04:22.0776 0x0898  ============================================================
16:04:24.0861 0x0898  KLMD registered as C:\windows\system32\drivers\60510065.sys
16:04:26.0613 0x0898  System UUID: {D95B9841-3A27-69F0-6D9C-6EA82DB4D333}
16:04:29.0664 0x0898  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:04:29.0671 0x0898  ============================================================
16:04:29.0672 0x0898  \Device\Harddisk0\DR0:
16:04:29.0672 0x0898  MBR partitions:
16:04:29.0672 0x0898  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BDBA800
16:04:29.0672 0x0898  ============================================================
16:04:29.0703 0x0898  C: <-> \Device\Harddisk0\DR0\Partition1
16:04:29.0704 0x0898  ============================================================
16:04:29.0704 0x0898  Initialize success
16:04:29.0704 0x0898  ============================================================
 

 

The CPU seems to be improving. Here is a screen shot.

SS2.jpg


#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did TDSSKiller detect anything? There should be a full log available; could you run it and click Reports?
#9
dave423

    Member

  • Topic Starter
  • 62 posts

I saw no threats after running TDSSKiller.  Here is the latest log.

 

17:19:49.0394 0x0c0c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:19:54.0526 0x0c0c  ============================================================
17:19:54.0526 0x0c0c  Current date / time: 2015/05/20 17:19:54.0526
17:19:54.0526 0x0c0c  SystemInfo:
17:19:54.0526 0x0c0c  
17:19:54.0526 0x0c0c  OS Version: 6.1.7601 ServicePack: 1.0
17:19:54.0526 0x0c0c  Product type: Workstation
17:19:54.0526 0x0c0c  ComputerName: OWNER-PC
17:19:54.0526 0x0c0c  UserName: owner
17:19:54.0526 0x0c0c  Windows directory: C:\windows
17:19:54.0526 0x0c0c  System windows directory: C:\windows
17:19:54.0526 0x0c0c  Processor architecture: Intel x86
17:19:54.0526 0x0c0c  Number of processors: 2
17:19:54.0526 0x0c0c  Page size: 0x1000
17:19:54.0526 0x0c0c  Boot type: Normal boot
17:19:54.0526 0x0c0c  ============================================================
17:19:58.0551 0x0c0c  KLMD registered as C:\windows\system32\drivers\53306878.sys
17:20:00.0470 0x0c0c  System UUID: {D95B9841-3A27-69F0-6D9C-6EA82DB4D333}
17:20:03.0933 0x0c0c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:20:03.0948 0x0c0c  ============================================================
17:20:03.0948 0x0c0c  \Device\Harddisk0\DR0:
17:20:03.0964 0x0c0c  MBR partitions:
17:20:03.0964 0x0c0c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BDBA800
17:20:03.0964 0x0c0c  ============================================================
17:20:03.0995 0x0c0c  C: <-> \Device\Harddisk0\DR0\Partition1
17:20:03.0995 0x0c0c  ============================================================
17:20:03.0995 0x0c0c  Initialize success
17:20:03.0995 0x0c0c  ============================================================
 

 

 

That's it. What do you think?


#10
dave423

    Member

  • Topic Starter
  • 62 posts

That last report looked too short so I ran it again. Here it is.

19:00:27.0282 0x05c4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:00:40.0558 0x05c4  ============================================================
19:00:40.0558 0x05c4  Current date / time: 2015/05/20 19:00:40.0558
19:00:40.0558 0x05c4  SystemInfo:
19:00:40.0558 0x05c4  
19:00:40.0558 0x05c4  OS Version: 6.1.7601 ServicePack: 1.0
19:00:40.0558 0x05c4  Product type: Workstation
19:00:40.0558 0x05c4  ComputerName: OWNER-PC
19:00:40.0558 0x05c4  UserName: owner
19:00:40.0558 0x05c4  Windows directory: C:\windows
19:00:40.0558 0x05c4  System windows directory: C:\windows
19:00:40.0558 0x05c4  Processor architecture: Intel x86
19:00:40.0558 0x05c4  Number of processors: 2
19:00:40.0558 0x05c4  Page size: 0x1000
19:00:40.0558 0x05c4  Boot type: Normal boot
19:00:40.0558 0x05c4  ============================================================
19:00:46.0595 0x05c4  KLMD registered as C:\windows\system32\drivers\55484637.sys
19:00:49.0356 0x05c4  System UUID: {D95B9841-3A27-69F0-6D9C-6EA82DB4D333}
19:00:54.0395 0x05c4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:00:54.0489 0x05c4  ============================================================
19:00:54.0489 0x05c4  \Device\Harddisk0\DR0:
19:00:54.0489 0x05c4  MBR partitions:
19:00:54.0489 0x05c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BDBA800
19:00:54.0489 0x05c4  ============================================================
19:00:54.0520 0x05c4  C: <-> \Device\Harddisk0\DR0\Partition1
19:00:54.0567 0x05c4  ============================================================
19:00:54.0567 0x05c4  Initialize success
19:00:54.0567 0x05c4  ============================================================
19:01:37.0217 0x0f78  ============================================================
19:01:37.0217 0x0f78  Scan started
19:01:37.0217 0x0f78  Mode: Manual; SigCheck; TDLFS;
19:01:37.0217 0x0f78  ============================================================
19:01:37.0217 0x0f78  KSN ping started
19:01:40.0914 0x0f78  KSN ping finished: true
19:01:41.0507 0x0f78  ================ Scan system memory ========================
19:01:41.0507 0x0f78  System memory - ok
19:01:41.0507 0x0f78  ================ Scan services =============================
19:01:47.0825 0x0f78  [ C4FB2613D3C75364BB159B9C23A00E7A, 945AD13620BBEFFC382EDC3B3337975D158C7EDB4E3782021FCBE3B49A8A1F57 ] AsusService     C:\Windows\System32\AsusService.exe
19:01:48.0543 0x0f78  AsusService - detected UnsignedFile.Multi.Generic ( 1 )
19:01:49.0167 0x0f78  Detect skipped due to KSN trusted
19:01:49.0167 0x0f78  AsusService - ok
19:02:05.0344 0x0f78  elxstor - ok
19:02:05.0407 0x0f78  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\windows\system32\drivers\errdev.sys
19:02:05.0485 0x0f78  ErrDev - ok
19:02:05.0687 0x0f78  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\windows\system32\es.dll
19:02:05.0937 0x0f78  EventSystem - ok
19:02:05.0984 0x0f78  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\windows\system32\drivers\exfat.sys
19:02:06.0202 0x0f78  exfat - ok
19:02:06.0280 0x0f78  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\windows\system32\drivers\fastfat.sys
19:02:06.0499 0x0f78  fastfat - ok
19:02:06.0623 0x0f78  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\windows\system32\fxssvc.exe
19:02:06.0857 0x0f78  Fax - ok
19:02:06.0920 0x0f78  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\windows\system32\DRIVERS\fdc.sys
19:02:06.0998 0x0f78  fdc - ok
19:02:07.0060 0x0f78  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\windows\system32\fdPHost.dll
19:02:07.0216 0x0f78  fdPHost - ok
19:02:07.0263 0x0f78  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\windows\system32\fdrespub.dll
19:02:07.0403 0x0f78  FDResPub - ok
19:02:07.0481 0x0f78  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
19:02:07.0544 0x0f78  FileInfo - ok
19:02:07.0591 0x0f78  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
19:02:07.0762 0x0f78  Filetrace - ok
19:02:07.0809 0x0f78  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
19:02:07.0887 0x0f78  flpydisk - ok
19:02:07.0981 0x0f78  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
19:02:08.0105 0x0f78  FltMgr - ok
19:02:08.0339 0x0f78  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\windows\system32\FntCache.dll
19:02:08.0605 0x0f78  FontCache - ok
19:02:08.0729 0x0f78  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:02:08.0807 0x0f78  FontCache3.0.0.0 - ok
19:02:08.0870 0x0f78  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
19:02:08.0932 0x0f78  FsDepends - ok
19:02:08.0979 0x0f78  [ 574CEA4D3510EC905C0163C42D305BA5, F73FE540E5BD92AACFBFBA20AE49D968B6AC08A5E537D09FE97090B8E7FE5924 ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
19:02:09.0041 0x0f78  fssfltr - ok
19:02:09.0166 0x0f78  [ 9B1622EBEB31B3411B13382FFCB8737D, 528CBDE1B92EB27B0FE7D7F5944A3828C26E51A27532BB434D66A3886AED3901 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:02:09.0275 0x0f78  fsssvc - ok
19:02:09.0338 0x0f78  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
19:02:09.0400 0x0f78  Fs_Rec - ok
19:02:09.0478 0x0f78  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
19:02:09.0556 0x0f78  fvevol - ok
19:02:09.0619 0x0f78  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
19:02:09.0665 0x0f78  gagp30kx - ok
19:02:09.0821 0x0f78  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\windows\System32\gpsvc.dll
19:02:10.0009 0x0f78  gpsvc - ok
19:02:10.0274 0x0f78  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:02:10.0336 0x0f78  gupdate - ok
19:02:10.0383 0x0f78  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:02:10.0445 0x0f78  gupdatem - ok
19:02:10.0508 0x0f78  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
19:02:10.0664 0x0f78  hcw85cir - ok
19:02:10.0820 0x0f78  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:02:10.0960 0x0f78  HdAudAddService - ok
19:02:11.0069 0x0f78  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
19:02:11.0179 0x0f78  HDAudBus - ok
19:02:11.0288 0x0f78  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
19:02:11.0381 0x0f78  HidBatt - ok
19:02:11.0444 0x0f78  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
19:02:11.0522 0x0f78  HidBth - ok
19:02:11.0569 0x0f78  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
19:02:11.0693 0x0f78  HidIr - ok
19:02:11.0818 0x0f78  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\windows\system32\hidserv.dll
19:02:11.0943 0x0f78  hidserv - ok
19:02:12.0115 0x0f78  [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb          C:\windows\system32\drivers\hidusb.sys
19:02:12.0224 0x0f78  HidUsb - ok
19:02:12.0458 0x0f78  [ D8CA09A59B330F0968E2AC4DD957060E, 30A4835BDB2719A117E0506BD3E7DB674C78FE0765DFFAB0C9EE8CDA92ADF3C0 ] hitmanpro37     C:\windows\system32\drivers\hitmanpro37.sys
19:02:12.0520 0x0f78  hitmanpro37 - ok
19:02:12.0645 0x0f78  [ C04C5487155FF65CEA329BF3368787E0, 92EAF39B04F2E01AB69A4D4A7D6E401B95132C7784A8DF90B277BE539EE7B646 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
19:02:12.0692 0x0f78  HitmanProScheduler - ok
19:02:12.0785 0x0f78  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\windows\system32\kmsvc.dll
19:02:12.0941 0x0f78  hkmsvc - ok
19:02:13.0051 0x0f78  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:02:13.0191 0x0f78  HomeGroupListener - ok
19:02:13.0253 0x0f78  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:02:13.0363 0x0f78  HomeGroupProvider - ok
19:02:13.0456 0x0f78  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
19:02:13.0503 0x0f78  HpSAMD - ok
19:02:13.0675 0x0f78  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\windows\system32\drivers\HTTP.sys
19:02:13.0862 0x0f78  HTTP - ok
19:02:13.0955 0x0f78  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
19:02:14.0002 0x0f78  hwpolicy - ok
19:02:14.0127 0x0f78  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
19:02:14.0236 0x0f78  i8042prt - ok
19:02:14.0486 0x0f78  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:02:14.0564 0x0f78  IAANTMON - ok
19:02:14.0704 0x0f78  [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
19:02:14.0767 0x0f78  iaStor - ok
19:02:14.0923 0x0f78  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
19:02:15.0001 0x0f78  iaStorV - ok
19:02:15.0235 0x0f78  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:02:15.0453 0x0f78  idsvc - ok
19:02:15.0531 0x0f78  IEEtwCollectorService - ok
19:02:16.0093 0x0f78  [ 81F7C715528AB621C6AF58869D4B07B9, 999341B68BB63C50A08311D6FD50470CBC5B6B66EBFCACFE7768F36ECA547EAC ] igfx            C:\windows\system32\DRIVERS\igdkmd32.sys
19:02:16.0763 0x0f78  igfx - ok
19:02:16.0841 0x0f78  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
19:02:16.0904 0x0f78  iirsp - ok
19:02:17.0060 0x0f78  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\windows\System32\ikeext.dll
19:02:17.0231 0x0f78  IKEEXT - ok
19:02:17.0746 0x0f78  [ DB96B8BD676BB24BD4F1DC53CA1F182C, 42E8A43E35520793A3A34BA6F70A631D629194C8C882EB62BBF296D9F731D6CD ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
19:02:18.0136 0x0f78  IntcAzAudAddService - ok
19:02:18.0214 0x0f78  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\windows\system32\drivers\intelide.sys
19:02:18.0277 0x0f78  intelide - ok
19:02:18.0355 0x0f78  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
19:02:18.0433 0x0f78  intelppm - ok
19:02:18.0511 0x0f78  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\windows\system32\ipbusenum.dll
19:02:18.0667 0x0f78  IPBusEnum - ok
19:02:18.0713 0x0f78  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
19:02:18.0823 0x0f78  IpFilterDriver - ok
19:02:18.0947 0x0f78  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
19:02:19.0088 0x0f78  iphlpsvc - ok
19:02:19.0135 0x0f78  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
19:02:19.0213 0x0f78  IPMIDRV - ok
19:02:19.0275 0x0f78  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
19:02:19.0415 0x0f78  IPNAT - ok
19:02:19.0462 0x0f78  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\windows\system32\drivers\irenum.sys
19:02:19.0556 0x0f78  IRENUM - ok
19:02:19.0603 0x0f78  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\windows\system32\drivers\isapnp.sys
19:02:19.0681 0x0f78  isapnp - ok
19:02:19.0727 0x0f78  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
19:02:19.0790 0x0f78  iScsiPrt - ok
19:02:19.0852 0x0f78  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
19:02:19.0899 0x0f78  kbdclass - ok
19:02:19.0961 0x0f78  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
19:02:20.0024 0x0f78  kbdhid - ok
19:02:20.0102 0x0f78  [ 3EB803312987FF44265C87CB960DF6AB, D6F44702F92089A0C847044A3933F7311D6A72C4647C3FECB35CDBF96A913A40 ] kbfiltr         C:\windows\system32\DRIVERS\kbfiltr.sys
19:02:20.0133 0x0f78  kbfiltr - ok
19:02:20.0195 0x0f78  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] KeyIso          C:\windows\system32\lsass.exe
19:02:20.0258 0x0f78  KeyIso - ok
19:02:20.0305 0x0f78  [ 6DD2A1064DD8AFBED22E71176E2AF59B, 915F36860DAA72DA89E906A7F6F255A854A2A91EEA536A7C2EDB4A63250F66CC ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
19:02:20.0367 0x0f78  KSecDD - ok
19:02:20.0398 0x0f78  [ 76C0D35167B1369C68388FEDB56A3048, 2788962AB21DBB0A4D130AE5F822E9FDB96D7FF6320E2798714BF18BCB9CAE4F ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
19:02:20.0461 0x0f78  KSecPkg - ok
19:02:20.0539 0x0f78  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\windows\system32\msdtckrm.dll
19:02:20.0710 0x0f78  KtmRm - ok
19:02:20.0773 0x0f78  [ A158CEA8644B8A5C1EC0E9A81B70F65A, 70B4726BFB652CB41F06F60AE2A780A521E7B783F0B38BE55E8A566A915929F5 ] L1C             C:\windows\system32\DRIVERS\L1C62x86.sys
19:02:20.0835 0x0f78  L1C - ok
19:02:20.0897 0x0f78  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\windows\system32\srvsvc.dll
19:02:21.0038 0x0f78  LanmanServer - ok
19:02:21.0069 0x0f78  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:02:21.0209 0x0f78  LanmanWorkstation - ok
19:02:21.0287 0x0f78  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
19:02:21.0412 0x0f78  lltdio - ok
19:02:21.0475 0x0f78  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\windows\System32\lltdsvc.dll
19:02:21.0615 0x0f78  lltdsvc - ok
19:02:21.0631 0x0f78  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\windows\System32\lmhsvc.dll
19:02:21.0771 0x0f78  lmhosts - ok
19:02:21.0849 0x0f78  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
19:02:21.0896 0x0f78  LSI_FC - ok
19:02:21.0943 0x0f78  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
19:02:21.0989 0x0f78  LSI_SAS - ok
19:02:22.0021 0x0f78  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
19:02:22.0083 0x0f78  LSI_SAS2 - ok
19:02:22.0130 0x0f78  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
19:02:22.0177 0x0f78  LSI_SCSI - ok
19:02:22.0270 0x0f78  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\windows\system32\drivers\luafv.sys
19:02:22.0395 0x0f78  luafv - ok
19:02:22.0473 0x0f78  [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
19:02:22.0520 0x0f78  MBAMProtector - ok
19:02:22.0754 0x0f78  [ 516E29AD03BDF610CC36A95AE692FE42, 09F913B169AD775FF587AE59AEC5DD2A2D8646803F48BF616C74EEC0DE3BE7A2 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
19:02:23.0003 0x0f78  MBAMScheduler - ok
19:02:23.0175 0x0f78  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
19:02:23.0315 0x0f78  MBAMService - ok
19:02:23.0440 0x0f78  [ 04B309A1A653177994630C2773E659F1, 1D9F81D2DF513FE177E5308E3DE0CE416109F87FDBD00FE7453FEB6074216C3C ] MBAMSwissArmy   C:\windows\system32\drivers\MBAMSwissArmy.sys
19:02:23.0487 0x0f78  MBAMSwissArmy - ok
19:02:23.0518 0x0f78  [ 167BCE00050B19DA25065335645A3C7A, 5CD3EA3E09B4ED318AB6151F56A17B0E4C8CE32DBB77342A39DEF53908F7D2F0 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
19:02:23.0549 0x0f78  MBAMWebAccessControl - ok
19:02:23.0596 0x0f78  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
19:02:23.0659 0x0f78  megasas - ok
19:02:23.0721 0x0f78  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
19:02:23.0815 0x0f78  MegaSR - ok
19:02:23.0846 0x0f78  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\windows\system32\mmcss.dll
19:02:24.0002 0x0f78  MMCSS - ok
19:02:24.0033 0x0f78  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\windows\system32\drivers\modem.sys
19:02:24.0205 0x0f78  Modem - ok
19:02:24.0298 0x0f78  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
19:02:24.0392 0x0f78  monitor - ok
19:02:24.0439 0x0f78  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
19:02:24.0501 0x0f78  mouclass - ok
19:02:24.0563 0x0f78  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
19:02:24.0641 0x0f78  mouhid - ok
19:02:24.0704 0x0f78  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
19:02:24.0782 0x0f78  mountmgr - ok
19:02:24.0875 0x0f78  [ 269BDB3CB77EB77BABE2862BEAB1F208, EC693365C73D59244CB77E181042128A9901BA5C1109CD4F1B9A2008DF1F9582 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:02:24.0938 0x0f78  MozillaMaintenance - ok
19:02:25.0047 0x0f78  [ F112DA773EC3E9D3CDE9221ED300E033, 693C416B281DA3489C096812D0E4E0413C05798D36AF534624C3B29551CE68A4 ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
19:02:25.0141 0x0f78  MpFilter - ok
19:02:25.0187 0x0f78  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\windows\system32\drivers\mpio.sys
19:02:25.0265 0x0f78  mpio - ok
19:02:25.0406 0x0f78  [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsla12bf967   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B030F168-5114-44A3-AEB8-6BE6494F9665}\MpKsla12bf967.sys
19:02:25.0468 0x0f78  MpKsla12bf967 - ok
19:02:25.0546 0x0f78  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
19:02:25.0671 0x0f78  mpsdrv - ok
19:02:25.0796 0x0f78  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\windows\system32\mpssvc.dll
19:02:25.0983 0x0f78  MpsSvc - ok
19:02:26.0061 0x0f78  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
19:02:26.0264 0x0f78  MRxDAV - ok
19:02:26.0389 0x0f78  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
19:02:26.0513 0x0f78  mrxsmb - ok
19:02:26.0607 0x0f78  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
19:02:26.0747 0x0f78  mrxsmb10 - ok
19:02:26.0810 0x0f78  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
19:02:26.0950 0x0f78  mrxsmb20 - ok
19:02:27.0013 0x0f78  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\windows\system32\drivers\msahci.sys
19:02:27.0075 0x0f78  msahci - ok
19:02:27.0137 0x0f78  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\windows\system32\drivers\msdsm.sys
19:02:27.0215 0x0f78  msdsm - ok
19:02:27.0278 0x0f78  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\windows\System32\msdtc.exe
19:02:27.0371 0x0f78  MSDTC - ok
19:02:27.0449 0x0f78  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\windows\system32\drivers\Msfs.sys
19:02:27.0699 0x0f78  Msfs - ok
19:02:27.0746 0x0f78  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
19:02:27.0902 0x0f78  mshidkmdf - ok
19:02:27.0949 0x0f78  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
19:02:27.0995 0x0f78  msisadrv - ok
19:02:28.0058 0x0f78  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
19:02:28.0229 0x0f78  MSiSCSI - ok
19:02:28.0261 0x0f78  msiserver - ok
19:02:28.0339 0x0f78  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
19:02:28.0463 0x0f78  MSKSSRV - ok
19:02:28.0541 0x0f78  [ CC09BB7FDEFC5763CCB3CF7DAE2D76CF, F8F00900EDBA2F64BF136DD0B6C83CAF07C72F24F3D49C78B7EA24757FDBC6D0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:02:28.0604 0x0f78  MsMpSvc - ok
19:02:28.0666 0x0f78  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
19:02:28.0791 0x0f78  MSPCLOCK - ok
19:02:28.0838 0x0f78  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
19:02:28.0994 0x0f78  MSPQM - ok
19:02:29.0072 0x0f78  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
19:02:29.0134 0x0f78  MsRPC - ok
19:02:29.0181 0x0f78  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
19:02:29.0259 0x0f78  mssmbios - ok
19:02:29.0321 0x0f78  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
19:02:29.0446 0x0f78  MSTEE - ok
19:02:29.0509 0x0f78  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
19:02:29.0587 0x0f78  MTConfig - ok
19:02:29.0665 0x0f78  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\windows\system32\Drivers\mup.sys
19:02:29.0727 0x0f78  Mup - ok
19:02:29.0821 0x0f78  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\windows\system32\qagentRT.dll
19:02:29.0992 0x0f78  napagent - ok
19:02:30.0117 0x0f78  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
19:02:30.0211 0x0f78  NativeWifiP - ok
19:02:30.0351 0x0f78  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\windows\system32\drivers\ndis.sys
19:02:30.0476 0x0f78  NDIS - ok
19:02:30.0554 0x0f78  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
19:02:30.0741 0x0f78  NdisCap - ok
19:02:30.0803 0x0f78  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
19:02:30.0913 0x0f78  NdisTapi - ok
19:02:31.0006 0x0f78  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
19:02:31.0147 0x0f78  Ndisuio - ok
19:02:31.0225 0x0f78  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
19:02:31.0334 0x0f78  NdisWan - ok
19:02:31.0396 0x0f78  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
19:02:31.0521 0x0f78  NDProxy - ok
19:02:31.0583 0x0f78  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
19:02:31.0739 0x0f78  NetBIOS - ok
19:02:31.0817 0x0f78  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
19:02:31.0958 0x0f78  NetBT - ok
19:02:32.0005 0x0f78  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] Netlogon        C:\windows\system32\lsass.exe
19:02:32.0067 0x0f78  Netlogon - ok
19:02:32.0176 0x0f78  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\windows\System32\netman.dll
19:02:32.0348 0x0f78  Netman - ok
19:02:32.0441 0x0f78  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:03:03.0782 0x0f78  wcncsvc - ok
19:03:03.0829 0x0f78  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:03:03.0891 0x0f78  WcsPlugInService - ok
19:03:03.0938 0x0f78  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\windows\system32\DRIVERS\wd.sys
19:03:03.0985 0x0f78  Wd - ok
19:03:04.0063 0x0f78  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
19:03:04.0156 0x0f78  Wdf01000 - ok
19:03:04.0203 0x0f78  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\windows\system32\wdi.dll
19:03:04.0359 0x0f78  WdiServiceHost - ok
19:03:04.0390 0x0f78  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\windows\system32\wdi.dll
19:03:04.0484 0x0f78  WdiSystemHost - ok
19:03:04.0562 0x0f78  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\windows\System32\webclnt.dll
19:03:04.0671 0x0f78  WebClient - ok
19:03:04.0733 0x0f78  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\windows\system32\wecsvc.dll
19:03:04.0905 0x0f78  Wecsvc - ok
19:03:04.0936 0x0f78  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\windows\System32\wercplsupport.dll
19:03:05.0077 0x0f78  wercplsupport - ok
19:03:05.0170 0x0f78  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\windows\System32\WerSvc.dll
19:03:05.0311 0x0f78  WerSvc - ok
19:03:05.0342 0x0f78  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
19:03:05.0482 0x0f78  WfpLwf - ok
19:03:05.0529 0x0f78  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\windows\system32\drivers\wimmount.sys
19:03:05.0591 0x0f78  WIMMount - ok
19:03:05.0716 0x0f78  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:03:05.0888 0x0f78  WinDefend - ok
19:03:05.0935 0x0f78  WinHttpAutoProxySvc - ok
19:03:06.0028 0x0f78  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
19:03:06.0184 0x0f78  Winmgmt - ok
19:03:06.0356 0x0f78  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\windows\system32\WsmSvc.dll
19:03:06.0699 0x0f78  WinRM - ok
19:03:06.0824 0x0f78  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\windows\system32\drivers\WinUsb.sys
19:03:07.0198 0x0f78  WinUsb - ok
19:03:07.0323 0x0f78  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\windows\System32\wlansvc.dll
19:03:07.0619 0x0f78  Wlansvc - ok
19:03:07.0697 0x0f78  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
19:03:07.0885 0x0f78  WmiAcpi - ok
19:03:07.0978 0x0f78  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
19:03:08.0150 0x0f78  wmiApSrv - ok
19:03:08.0353 0x0f78  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:03:08.0649 0x0f78  WMPNetworkSvc - ok
19:03:08.0711 0x0f78  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\windows\System32\wpcsvc.dll
19:03:08.0805 0x0f78  WPCSvc - ok
19:03:08.0867 0x0f78  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
19:03:08.0992 0x0f78  WPDBusEnum - ok
19:03:09.0039 0x0f78  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
19:03:09.0179 0x0f78  ws2ifsl - ok
19:03:09.0226 0x0f78  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\windows\System32\wscsvc.dll
19:03:09.0367 0x0f78  wscsvc - ok
19:03:09.0398 0x0f78  WSearch - ok
19:03:09.0663 0x0f78  [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv        C:\windows\system32\wuaueng.dll
19:03:10.0084 0x0f78  wuauserv - ok
19:03:10.0162 0x0f78  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
19:03:10.0318 0x0f78  WudfPf - ok
19:03:10.0396 0x0f78  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\windows\system32\drivers\WUDFRd.sys
19:03:10.0552 0x0f78  WUDFRd - ok
19:03:10.0661 0x0f78  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\windows\System32\WUDFSvc.dll
19:03:10.0849 0x0f78  wudfsvc - ok
19:03:10.0911 0x0f78  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\windows\System32\wwansvc.dll
19:03:11.0207 0x0f78  WwanSvc - ok
19:03:11.0363 0x0f78  ================ Scan global ===============================
19:03:11.0395 0x0f78  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\windows\system32\basesrv.dll
19:03:11.0457 0x0f78  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
19:03:11.0519 0x0f78  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
19:03:11.0582 0x0f78  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\windows\system32\sxssrv.dll
19:03:11.0644 0x0f78  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\windows\system32\services.exe
19:03:11.0675 0x0f78  [ Global ] - ok
19:03:11.0691 0x0f78  ================ Scan MBR ==================================
19:03:11.0722 0x0f78  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:03:12.0175 0x0f78  \Device\Harddisk0\DR0 - ok
19:03:12.0190 0x0f78  ================ Scan VBR ==================================
19:03:12.0206 0x0f78  [ C9C7878519AE85EE604372B427E07BA3 ] \Device\Harddisk0\DR0\Partition1
19:03:12.0206 0x0f78  \Device\Harddisk0\DR0\Partition1 - ok
19:03:12.0221 0x0f78  ================ Scan generic autorun ======================
19:03:12.0440 0x0f78  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:03:12.0923 0x0f78  Sidebar - ok
19:03:12.0955 0x0f78  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
19:03:13.0173 0x0f78  mctadmin - ok
19:03:13.0360 0x0f78  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:03:13.0610 0x0f78  Sidebar - ok
19:03:13.0703 0x0f78  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
19:03:13.0859 0x0f78  mctadmin - ok
19:03:14.0452 0x0f78  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
19:03:14.0639 0x0f78  Win FW state via NFP2: enabled
19:03:14.0639 0x0f78  ============================================================
19:03:14.0639 0x0f78  Scan finished
19:03:14.0639 0x0f78  ============================================================
19:03:14.0686 0x0cfc  Detected object count: 0
19:03:14.0686 0x0cfc  Actual detected object count: 0
 

I hope this helps.

 

Dave



#11
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm, if it took out something, it was very early on in the first run. Is the CPU still stable?

#12
dave423

    Member

  • Topic Starter
  • 62 posts

Nope. It's still jumping all over the place. It seems to calm down sometimes, but then spikes back up if I restart the computer. Here are a couple of screenshots: ss3.jpg sst1.jpg

Baffles the heck outta me.


#13
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you go to Control Panel > Administrative Tools > Services
Locate and select Windows Management Instrumentation

Then on the left select Restart

Capture.JPG

Does the CPU load then drop?

#14
dave423

    Member

  • Topic Starter
  • 62 posts

Nope. It's still bouncing.  What next?



#15
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It appears to be WMI, based on the screenshot you put up.

Could you run the MSHotfix from here: http://www.microsoft...lang=en&id=1157





