
HijackThis Log: Please help Diagnose (Please, help with the diagnosis)


  • This topic is locked
10 replies to this topic

#1 deido

deido

  • Members
  • 8 posts

Posted 21 November 2013 - 10:20 AM

Hello.
First, sorry for my English. I speak better French. My problem is this. In recent days, my nephew used my computer to play and since then my computer has become very slow and I think it was a virus and my antivirus (Avira) became useless. The memory of my computer is permanently at 100%. I used AdwCleaner, CCleaner, Spybot, etc., but in vain because nothing changes. So I ask you for help. Please... Please help me solve this problem. Thank you in advance.


Hello.
First of all, sorry for my English. I speak French better. My problem is as follows. For the past few days, my nephew has used my computer to play games, and since then my computer has become very slow; I think it has been infected by a virus, and my antivirus (Avira) has become useless. My computer's memory is permanently at 100%. I have used AdwCleaner, CCleaner, Spybot, etc., but in vain, as nothing changes. I am therefore asking you for help. Please... help me solve this problem. Thank you in advance.

--------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:39, on 21/11/2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)
Boot mode: Normal

Running processes:
C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Metamail IEPlugin - {C09C9904-FD44-11D6-A711-00105AC8F168} - C:\PROGRA~1\METAMA~1\METAMA~1\IE\IEPlugIn.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_02CAFC180B8703DE544B2E88EDBEFF28] "C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O15 - Trusted Zone: *.dell.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SwitchBoard - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Programme d’installation pour les modules Windows (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 18039 bytes

 


Edited by deido, 21 November 2013 - 10:41 AM.



 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 21 November 2013 - 11:01 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here (no worries, every little bit helps)

#3 deido

deido
  • Topic Starter

  • Members
  • 8 posts

Posted 21 November 2013 - 11:08 AM

Thank you Marius for your response .... I execute your orders right away :-) .... And I'll let you know



#4 deido

deido
  • Topic Starter

  • Members
  • 8 posts

Posted 21 November 2013 - 11:51 AM



Dear Marius......FRST.txt


--------------------------------------






Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Nicolas (administrator) on NICOLAS-PC on 21-11-2013 17:14:38
Running from C:\Users\Nicolas\Downloads
Windows 7 Ultimate (X64) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\Windows\SysWOW64\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\SysWOW64\bcmwltry.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio64.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ==================

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [GoogleChromeAutoLaunch_02CAFC180B8703DE544B2E88EDBEFF28] - C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
MountPoints2: {27c52ec5-2683-11e3-8b34-827ece74ee3e} - F:\AutoRun.exe
MountPoints2: {96868a54-29e5-11e3-bd5f-d224c1af000e} - F:\AutoRun.exe
MountPoints2: {c331c2d2-3854-11e1-85c3-001a6b11a91d} - F:\AutoRun.exe
MountPoints2: {ca3f027f-00e2-11e2-a413-ae3a8e68e08a} - F:\AutoRun.exe
MountPoints2: {ccf24d4f-18f0-11e3-ba9a-bc0e5bf9f11d} - F:\AutoRun.exe
MountPoints2: {f61d9b44-a3cd-11e1-b10e-ba2771e5d559} - F:\product/ACLMX_en-II_setup.exe
HKLM-x32\...\Run: [ZoneAlarm Client] - C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [1038848 2010-07-20] (Check Point Software Technologies LTD)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: MCIEPlugIn Class - {C09C9904-FD44-11D6-A711-00105AC8F168} - C:\Program Files\Metamail Inc\Metamail Reader\IE\IEPlugIn.dll (Metamail Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: MCOEShellHook Class - {B9E618A2-A4FE-11D4-83C2-005004636C96} - C:\Program Files\Metamail Inc\Metamail Reader\OE\OESHook.dll [36864 2003-05-09] (Metamail Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

FireFox:
========
FF ProfilePath: C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\28p40t7p.default
FF NewTab: https://www.google.fr
FF Homepage: https://www.google.fr/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Nicolas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Nicolas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Nicolas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: DownloadHelper - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\28p40t7p.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Bitdefender QuickScan - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\28p40t7p.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: firefox - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\28p40t7p.default\Extensions\firefox@kozaka.net.xpi
FF Extension: defaults - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\28p40t7p.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ForceField Toolbar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [PHPEditXdebugExtension@waterproof.fr] - C:\Program Files\WaterProof\PHPEdit\4.0.2\Tools\FirefoxExtension\unpacked
FF Extension: PHPEdit Xdebug Extension - C:\Program Files\WaterProof\PHPEdit\4.0.2\Tools\FirefoxExtension\unpacked
FF HKCU\...\Firefox\Extensions: [PHPEditXdebugExtension@waterproof.fr] - C:\Program Files\WaterProof\PHPEdit\4.0.2\Tools\FirefoxExtension\unpacked
FF Extension: PHPEdit Xdebug Extension - C:\Program Files\WaterProof\PHPEdit\4.0.2\Tools\FirefoxExtension\unpacked

Chrome:
=======
CHR HomePage: hxxp://search.avira.com/?l=dis&o=APN10398&gct=hp&dc=EU&locale=fr_FR
CHR RestoreOnStartup: "hxxp://search.babylon.com/?AF=109130&babsrc=HP_ss&mntrId=7ace9bd2000000000000001e101f0815", "", "hxxp://www.google.fr/", "hxxp://www.google.com"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Nicolas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\Nicolas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Floorplanner) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag\13_0
CHR Extension: (Turn Off the Lights) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.28_0
CHR Extension: (YouTube) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (TV) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph\2.5_0
CHR Extension: (QR Code Generator) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnehiohlphfeeoajihccdlbioaickhak\1.2.0_0
CHR Extension: (Google Search) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (SEO SERP Workbench) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl\1.2_0
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0
CHR Extension: (Web Studio Live) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgeflbghffbcgaiflbbefplgipglnfcj\8_0
CHR Extension: (Hide My IP) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjpcflinanhbcodekkdlmkjmjcenghij\1.1.5_0
CHR Extension: (Select and Speak) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn\0.2.1_0
CHR Extension: (Magisto) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk\1.2.11471_0
CHR Extension: (PageRank Status) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\8.6.0.0_0
CHR Extension: (My Cloud9) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfggcpfepgbdjcpbbgckllhjmnpnhbcc\1.0.1.0_0
CHR Extension: (PDF Mergy) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha\0.5.3_0
CHR Extension: (Ultimate Fonts) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncjmpdfkpibcjpadejncnfejlbdfhnb\1.0.0_0
CHR Extension: (IP Address) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml\7.1_0
CHR Extension: (HootSuite) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij\5.244_0
CHR Extension: (Presefy: Broadcast slide presentation) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\laceanlcibahaedgdbmaehhdemabnppf\1.5_0
CHR Extension: (Facebook Album & Photo Manager) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgiedegfmekolcplboelnmfoiefpcpfg\1.5_0
CHR Extension: (Simplebooklet) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhfhnhfkmicpmbafobnpegjhaihjinph\8.14_0
CHR Extension: (WeVideo Next) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\limlkeaboocfcfncjkkghclkjidbedem\1.0.11150_0
CHR Extension: (DoYouBuzz) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbacbidnjfnobmifmhnkmahdgmjceach\1.16_0
CHR Extension: (Google Wallet) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb\3.3.3_0
CHR Extension: (youbeQ) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\phkafliagmkbcljlohnjkffbfggifgfi\0.2_0
CHR Extension: (Gmail) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-12] (Avira Operations GmbH & Co. KG)
S4 Crypkey License; C:\Windows\System32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.)
S4 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] ()
S4 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
S4 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [823272 2010-06-15] (Check Point Software Technologies)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S4 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2010-06-24] (Nitro PDF Software)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S4 vsmon; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2434568 2010-07-20] (Check Point Software Technologies LTD)
R2 wltrysvc; C:\Windows\SysWow64\WLTRYSVC.EXE [20480 2007-03-16] ()
S2 DigiRefresh;
S3 SwitchBoard;

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
S1 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [25244 2009-10-05] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-02] (Avira Operations GmbH & Co. KG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [252928 2010-04-30] (Huawei Technologies Co., Ltd.)
S3 icsak; C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys [44784 2010-06-15] (Check Point Software Technologies)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33008 2010-06-15] (Check Point Software Technologies)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [157712 2009-10-12] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [351248 2009-10-12] (Kaspersky Lab)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R3 NETw4x64; C:\Windows\System32\DRIVERS\NETw4x64.sys [3137536 2007-09-26] (Intel Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
S3 UsbEvdoAtc; C:\Windows\System32\DRIVERS\lgevdo64atc.sys [27136 2007-08-28] (LG Electronics Inc.)
S3 usbevdobus; C:\Windows\System32\DRIVERS\lgevdo64bus.sys [17408 2007-08-28] (LG Electronics Inc.)
S3 UsbEvdoDiag; C:\Windows\System32\DRIVERS\lgevdo64diag.sys [27136 2007-08-28] (LG Electronics Inc.)
S3 USBEVDOModem; C:\Windows\System32\DRIVERS\lgevdo64modem.sys [29696 2007-08-28] (LG Electronics Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456280 2010-06-09] (Check Point Software Technologies LTD)
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-12-01 18:49 - 2012-12-16 17:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-12-01 18:49 - 2012-12-16 15:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-12-01 18:49 - 2012-12-16 15:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-12-01 18:49 - 2012-12-16 15:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-11-21 17:22 - 2013-11-21 17:23 - 04101441 _____ C:\Users\Nicolas\Downloads\tdsskiller.zip
2013-11-21 17:14 - 2013-11-21 17:34 - 00020292 _____ C:\Users\Nicolas\Downloads\FRST.txt
2013-11-21 17:14 - 2013-11-21 17:14 - 00000000 ____D C:\FRST
2013-11-21 17:10 - 2013-11-21 17:12 - 01090881 _____ (Farbar) C:\Users\Nicolas\Downloads\FRST.exe
2013-11-21 17:09 - 2013-11-21 17:13 - 01957964 _____ (Farbar) C:\Users\Nicolas\Downloads\FRST64.exe
2013-11-21 15:22 - 2013-11-21 16:18 - 00018041 _____ C:\Users\Nicolas\Desktop\hijackthis.log
2013-11-21 14:59 - 2013-11-21 14:59 - 00002977 _____ C:\Users\Nicolas\Desktop\HiJackThis.lnk
2013-11-21 14:59 - 2013-11-21 14:59 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-21 14:59 - 2013-11-21 14:59 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-21 14:57 - 2013-11-21 14:57 - 01402880 _____ C:\Users\Nicolas\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891(1).msi
2013-11-21 14:15 - 2013-11-21 14:17 - 01402880 _____ C:\Users\Nicolas\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi
2013-11-21 10:08 - 2013-11-21 10:09 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\QuickScan
2013-11-21 09:03 - 2013-11-21 09:03 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-21 08:57 - 2013-11-21 08:58 - 02347384 _____ (ESET) C:\Users\Nicolas\Downloads\esetsmartinstaller_enu.exe
2013-11-20 16:05 - 2013-11-20 16:05 - 00000000 ____D C:\Users\Nicolas\Documents\ProcAlyzer Dumps
2013-11-20 10:33 - 2013-11-19 11:21 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-20 10:12 - 2013-11-20 10:12 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-20 10:10 - 2013-11-20 10:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-20 10:10 - 2013-11-20 10:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-20 10:07 - 2013-11-20 10:09 - 11152208 _____ (Microsoft Corporation) C:\Users\Nicolas\Downloads\mseinstall(1).exe
2013-11-20 09:56 - 2013-11-20 09:58 - 13692600 _____ (Microsoft Corporation) C:\Users\Nicolas\Downloads\mseinstall.exe
2013-11-20 09:46 - 2013-11-20 09:46 - 00000000 _____ C:\Users\Nicolas\Downloads\kav14.0.0.4651aFR_4874.exe
2013-11-20 09:45 - 2013-11-20 09:47 - 06332857 _____ C:\Users\Nicolas\Downloads\kav14.0.0.4651aFR_4874.exe.part
2013-11-20 09:43 - 2013-11-20 09:43 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-11-20 09:41 - 2013-11-20 09:41 - 00001246 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-11-20 09:40 - 2013-11-20 09:50 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-11-20 09:40 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-11-20 09:30 - 2013-11-20 09:37 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Nicolas\Downloads\spybotsd-2.1.21-SR2.exe
2013-11-19 10:39 - 2013-11-19 10:39 - 00000982 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-19 10:39 - 2013-11-19 10:39 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Malwarebytes
2013-11-19 10:39 - 2013-11-19 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-19 10:38 - 2013-11-19 10:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-19 10:38 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-19 10:35 - 2013-11-19 10:36 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Nicolas\Downloads\malwarebytes-anti-malware_1.75.0.1300_fr_215092.exe
2013-11-19 08:43 - 2013-11-19 08:43 - 02296952 _____ C:\Users\Nicolas\Downloads\avira_free_antivirus.exe
2013-11-18 20:38 - 2013-11-18 20:39 - 00000148 _____ C:\CONNEXIONS FREE SFR.txt
2013-11-18 20:36 - 2013-11-18 20:36 - 00000148 _____ C:\Users\Nicolas\Desktop\CONNEXIONS FREE SFR.txt
2013-11-16 18:02 - 2013-11-16 18:02 - 00000000 _____ C:\Users\Nicolas\Desktop\Nouveau document texte (3).txt
2013-11-16 14:56 - 2013-11-16 14:56 - 00001860 _____ C:\Users\Nicolas\Desktop\QUAD Registry Cleaner.exe.lnk
2013-11-16 11:40 - 2013-11-16 11:40 - 00001680 _____ C:\Users\Nicolas\Documents\cc_20131116_114034.reg
2013-11-16 11:37 - 2013-11-16 11:38 - 00029522 _____ C:\Users\Nicolas\Documents\cc_20131116_113738.reg
2013-11-16 11:34 - 2013-11-16 11:35 - 00386720 _____ C:\Users\Nicolas\Documents\cc_20131116_113425.reg
2013-11-16 11:02 - 2013-11-16 11:02 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-11-16 11:01 - 2013-11-16 11:01 - 00000695 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-16 11:01 - 2013-11-16 11:01 - 00000000 ____D C:\Program Files\CCleaner
2013-11-16 10:59 - 2013-11-16 10:59 - 04379048 _____ (Piriform Ltd) C:\Users\Nicolas\Downloads\ccsetup407.exe
2013-11-16 09:36 - 2013-11-16 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 09:58 - 2013-11-06 08:20 - 01073262 _____ C:\Users\Nicolas\Desktop\adwcleaner.exe
2013-11-14 11:15 - 2013-11-16 14:03 - 00000000 ____D C:\Users\Nicolas\Desktop\SEO CAMERFEELING
2013-11-14 08:56 - 2013-11-14 09:00 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2013-11-14 08:56 - 2013-11-14 08:56 - 00002248 _____ C:\Users\Nicolas\Desktop\Lanceur d'applications Google Chrome.lnk
2013-11-13 09:34 - 2013-11-13 09:37 - 00000017 _____ C:\Users\Nicolas\Desktop\num tonton alex.txt
2013-11-12 16:40 - 2013-11-12 19:32 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Microsoft Games
2013-11-10 23:20 - 2013-11-10 23:20 - 00000000 ____D C:\Users\Nicolas\Desktop\inventel-g-usb2
2013-11-09 12:33 - 2013-11-09 12:33 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Adobe
2013-11-09 12:33 - 2013-11-09 12:33 - 00000000 ____D C:\ProgramData\FLEXnet
2013-11-09 12:33 - 2013-11-09 12:33 - 00000000 ____D C:\ProgramData\Adobe
2013-11-08 18:56 - 2013-11-08 18:56 - 00023849 _____ C:\Users\Nicolas\Desktop\template.css
2013-11-06 22:06 - 2013-11-06 22:06 - 00000000 _____ C:\Users\Nicolas\Desktop\Nouveau document texte (2).txt
2013-11-06 22:04 - 2013-11-06 22:04 - 03419360 _____ C:\Users\Nicolas\Downloads\Pièces jointes_2013116.zip
2013-11-06 20:58 - 2013-11-06 20:58 - 00000000 ____D C:\Users\Nicolas\Downloads\Doc1 - Copie
2013-11-06 20:58 - 2013-11-06 19:45 - 00974826 _____ C:\Users\Nicolas\Downloads\Doc1 - Copie.zip
2013-11-05 09:20 - 2013-11-05 09:21 - 00000421 _____ C:\Users\Nicolas\Desktop\Nouveau document texte.txt
2013-11-05 08:10 - 2013-11-05 08:10 - 00003124 _____ C:\Windows\System32\Tasks\YourFile DownloaderUpdate
2013-11-04 11:01 - 2013-11-04 11:01 - 01660210 _____ C:\Users\Nicolas\Downloads\advanced-zip-password-recovery_advanced_zip_password_recovery_4.0_francais_10139.zip
2013-11-03 08:44 - 2013-11-03 08:44 - 00018699 _____ C:\Users\Nicolas\Documents\Bourse Interministérielle de l'emploi public.htm
2013-11-03 08:44 - 2013-11-03 08:44 - 00000000 ____D C:\Users\Nicolas\Documents\Bourse Interministérielle de l'emploi public_fichiers
2013-10-30 22:40 - 2013-10-30 22:40 - 00016132 _____ C:\Users\Nicolas\Documents\adb studio de création graphique à Lyon, design graphique, logo, webdesign, graphiste lyon.htm
2013-10-30 22:40 - 2013-10-30 22:40 - 00000000 ____D C:\Users\Nicolas\Documents\adb studio de création graphique à Lyon, design graphique, logo, webdesign, graphiste lyon_fichiers
2013-10-30 22:33 - 2013-10-30 22:33 - 00071684 _____ C:\Users\Nicolas\Documents\GDMDADM.htm
2013-10-30 22:33 - 2013-10-30 22:33 - 00000000 ____D C:\Users\Nicolas\Documents\GDMDADM_fichiers
2013-10-30 11:31 - 2013-10-30 11:31 - 00000000 ____D C:\Digidesign Databases
2013-10-30 08:27 - 2013-10-30 08:42 - 185112060 _____ C:\Users\Nicolas\Downloads\MD3.v1.2.1.1.Enterprise.x64.FiXED.RETAIL-ZeuS-MaddMaxx.rar
2013-10-30 03:17 - 2013-10-30 03:32 - 180997196 _____ C:\Users\Nicolas\Downloads\MD3.v1.2.1.1.Enterprise.x86.FiXED.RETAIL-ZeuS-MaddMaxx.rar
2013-10-29 11:09 - 2013-10-29 11:10 - 60678120 _____ (                                                            ) C:\Users\Nicolas\Downloads\video-editor_full1084.exe
2013-10-26 23:27 - 2013-10-26 23:27 - 00135827 _____ C:\Users\Nicolas\Desktop\Google AdSense   Modifications du code JavaScript autorisé - WebLife.htm
2013-10-26 23:27 - 2013-10-26 23:27 - 00000000 ____D C:\Users\Nicolas\Desktop\Google AdSense   Modifications du code JavaScript autorisé - WebLife_fichiers
2013-10-26 23:26 - 2013-10-26 23:26 - 00162596 _____ C:\Users\Nicolas\Desktop\Google AdSense   Adapter la publicité au responsive design - WebLife.htm
2013-10-26 23:26 - 2013-10-26 23:26 - 00000000 ____D C:\Users\Nicolas\Desktop\Google AdSense   Adapter la publicité au responsive design - WebLife_fichiers
2013-10-26 23:16 - 2013-10-26 23:16 - 00010303 _____ C:\Users\Nicolas\Desktop\page_site.css
2013-10-26 21:24 - 2013-10-27 01:28 - 00015749 _____ C:\Users\Nicolas\Desktop\styleaccueil.css
2013-10-25 11:18 - 2013-10-25 11:18 - 00004766 _____ C:\Users\Nicolas\Desktop\responsivetemp.css
2013-10-25 07:34 - 2013-10-25 07:34 - 00180347 _____ C:\Users\Nicolas\Downloads\fashion.zip
2013-10-25 07:33 - 2013-10-25 07:33 - 00094093 _____ C:\Users\Nicolas\Downloads\ost-magazine.zip
2013-10-25 07:31 - 2013-10-25 07:31 - 00258450 _____ C:\Users\Nicolas\Downloads\vibrant_professional_webdesign_code.zip
2013-10-25 07:31 - 2013-10-25 07:31 - 00015517 _____ C:\Users\Nicolas\Downloads\final.html
2013-10-25 07:28 - 2013-10-25 07:28 - 00044435 _____ C:\Users\Nicolas\Downloads\demo.zip
2013-10-25 07:27 - 2013-10-25 07:26 - 00006495 _____ C:\Users\Nicolas\Documents\index.html
2013-10-25 07:24 - 2013-10-25 07:24 - 07542612 _____ C:\Users\Nicolas\Downloads\vivid-photo-2.zip
2013-10-25 07:22 - 2013-10-25 07:22 - 00128210 _____ C:\Users\Nicolas\Downloads\owmx-2.0.zip
2013-10-24 12:06 - 2013-10-24 12:06 - 00000000 _____ C:\CEPxAAF0.tmp
2013-10-22 21:59 - 2013-10-23 07:30 - 00000000 ____D C:\Users\Nicolas\Desktop\photo
2013-10-22 17:09 - 2013-10-22 17:09 - 00000000 ____D C:\Users\Nicolas\Downloads\Blazer-iCAR
2013-10-22 16:47 - 2013-10-22 19:12 - 00000000 ____D C:\Program Files (x86)\WAV to MP3 Encoder
2013-10-22 16:47 - 2002-08-22 22:27 - 00348160 _____ (DevPower Development Tools) C:\Windows\SysWOW64\FlatBtn6.ocx
2013-10-22 16:47 - 2001-12-12 10:35 - 00348160 _____ (DGP) C:\Windows\SysWOW64\MEnc.ocx
2013-10-22 16:47 - 1998-06-24 00:00 - 00140096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx
2013-10-22 15:39 - 2013-10-22 15:41 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Ubisoft Game Launcher
2013-10-22 15:17 - 2013-10-22 15:17 - 00000000 ____D C:\Program Files (x86)\Ubisoft

==================== One Month Modified Files and Folders =======

2013-11-21 17:34 - 2013-11-21 17:14 - 00020292 _____ C:\Users\Nicolas\Downloads\FRST.txt
2013-11-21 17:23 - 2013-11-21 17:22 - 04101441 _____ C:\Users\Nicolas\Downloads\tdsskiller.zip
2013-11-21 17:19 - 2013-08-30 15:10 - 00014016 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-21 17:19 - 2013-08-30 15:10 - 00014016 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-21 17:17 - 2013-08-30 14:07 - 00001104 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000UA.job
2013-11-21 17:14 - 2013-11-21 17:14 - 00000000 ____D C:\FRST
2013-11-21 17:13 - 2013-11-21 17:09 - 01957964 _____ (Farbar) C:\Users\Nicolas\Downloads\FRST64.exe
2013-11-21 17:13 - 2012-07-30 08:15 - 00000000 ____D C:\Users\Nicolas\Desktop\RECUP BUREAU
2013-11-21 17:12 - 2013-11-21 17:10 - 01090881 _____ (Farbar) C:\Users\Nicolas\Downloads\FRST.exe
2013-11-21 17:01 - 2013-08-30 14:07 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000UA.job
2013-11-21 17:00 - 2013-08-30 14:07 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-21 16:18 - 2013-11-21 15:22 - 00018041 _____ C:\Users\Nicolas\Desktop\hijackthis.log
2013-11-21 15:50 - 2012-07-14 20:34 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Nitro PDF
2013-11-21 14:59 - 2013-11-21 14:59 - 00002977 _____ C:\Users\Nicolas\Desktop\HiJackThis.lnk
2013-11-21 14:59 - 2013-11-21 14:59 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-21 14:59 - 2013-11-21 14:59 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-21 14:57 - 2013-11-21 14:57 - 01402880 _____ C:\Users\Nicolas\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891(1).msi
2013-11-21 14:17 - 2013-11-21 14:15 - 01402880 _____ C:\Users\Nicolas\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi
2013-11-21 14:13 - 2012-05-25 07:02 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\QUAD Backups
2013-11-21 13:18 - 2013-08-30 14:07 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-21 11:17 - 2013-08-30 14:07 - 00001082 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000Core.job
2013-11-21 10:09 - 2013-11-21 10:08 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\QuickScan
2013-11-21 09:03 - 2013-11-21 09:03 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-21 08:58 - 2013-11-21 08:57 - 02347384 _____ (ESET) C:\Users\Nicolas\Downloads\esetsmartinstaller_enu.exe
2013-11-21 05:07 - 2013-08-30 14:07 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000Core.job
2013-11-20 16:05 - 2013-11-20 16:05 - 00000000 ____D C:\Users\Nicolas\Documents\ProcAlyzer Dumps
2013-11-20 16:05 - 2012-07-31 08:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-20 16:04 - 2012-12-02 17:20 - 00000384 _____ C:\Boot.ini
2013-11-20 10:12 - 2013-11-20 10:12 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-20 10:11 - 2013-11-20 10:10 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-20 10:10 - 2013-11-20 10:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-20 10:09 - 2013-11-20 10:07 - 11152208 _____ (Microsoft Corporation) C:\Users\Nicolas\Downloads\mseinstall(1).exe
2013-11-20 09:58 - 2013-11-20 09:56 - 13692600 _____ (Microsoft Corporation) C:\Users\Nicolas\Downloads\mseinstall.exe
2013-11-20 09:50 - 2013-11-20 09:40 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-11-20 09:47 - 2013-11-20 09:45 - 06332857 _____ C:\Users\Nicolas\Downloads\kav14.0.0.4651aFR_4874.exe.part
2013-11-20 09:46 - 2013-11-20 09:46 - 00000000 _____ C:\Users\Nicolas\Downloads\kav14.0.0.4651aFR_4874.exe
2013-11-20 09:43 - 2013-11-20 09:43 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-11-20 09:41 - 2013-11-20 09:41 - 00001246 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-11-20 09:37 - 2013-11-20 09:30 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Nicolas\Downloads\spybotsd-2.1.21-SR2.exe
2013-11-20 08:46 - 2013-08-30 14:07 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-19 16:54 - 2012-01-18 13:47 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Skype
2013-11-19 11:21 - 2013-11-20 10:33 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 10:51 - 2013-10-21 20:29 - 00000000 ____D C:\AdwCleaner
2013-11-19 10:39 - 2013-11-19 10:39 - 00000982 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-19 10:39 - 2013-11-19 10:39 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Malwarebytes
2013-11-19 10:39 - 2013-11-19 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-19 10:39 - 2013-11-19 10:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-19 10:36 - 2013-11-19 10:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Nicolas\Downloads\malwarebytes-anti-malware_1.75.0.1300_fr_215092.exe
2013-11-19 08:43 - 2013-11-19 08:43 - 02296952 _____ C:\Users\Nicolas\Downloads\avira_free_antivirus.exe
2013-11-18 20:39 - 2013-11-18 20:38 - 00000148 _____ C:\CONNEXIONS FREE SFR.txt
2013-11-18 20:36 - 2013-11-18 20:36 - 00000148 _____ C:\Users\Nicolas\Desktop\CONNEXIONS FREE SFR.txt
2013-11-17 09:46 - 2013-08-30 15:38 - 00000144 _____ C:\Windows\SysWOW64\pdfl.dat
2013-11-16 18:02 - 2013-11-16 18:02 - 00000000 _____ C:\Users\Nicolas\Desktop\Nouveau document texte (3).txt
2013-11-16 14:56 - 2013-11-16 14:56 - 00001860 _____ C:\Users\Nicolas\Desktop\QUAD Registry Cleaner.exe.lnk
2013-11-16 14:23 - 2013-08-31 07:48 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Deployment
2013-11-16 14:03 - 2013-11-14 11:15 - 00000000 ____D C:\Users\Nicolas\Desktop\SEO CAMERFEELING
2013-11-16 12:05 - 2013-08-30 15:12 - 01718658 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-16 12:05 - 2013-08-30 15:12 - 00769670 _____ C:\Windows\system32\perfh00C.dat
2013-11-16 12:05 - 2013-08-30 15:12 - 00158538 _____ C:\Windows\system32\perfc00C.dat
2013-11-16 11:49 - 2012-05-03 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 11:40 - 2013-11-16 11:40 - 00001680 _____ C:\Users\Nicolas\Documents\cc_20131116_114034.reg
2013-11-16 11:38 - 2013-11-16 11:37 - 00029522 _____ C:\Users\Nicolas\Documents\cc_20131116_113738.reg
2013-11-16 11:35 - 2013-11-16 11:34 - 00386720 _____ C:\Users\Nicolas\Documents\cc_20131116_113425.reg
2013-11-16 11:29 - 2013-09-02 17:10 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Media Player Classic
2013-11-16 11:29 - 2012-05-22 11:25 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\DAEMON Tools Lite
2013-11-16 11:29 - 2012-02-02 20:44 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\BitTorrent
2013-11-16 11:29 - 2012-01-13 13:07 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\FileZilla
2013-11-16 11:27 - 2013-08-30 15:00 - 00000000 ____D C:\Windows\Panther
2013-11-16 11:02 - 2013-11-16 11:02 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-11-16 11:01 - 2013-11-16 11:01 - 00000695 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-16 11:01 - 2013-11-16 11:01 - 00000000 ____D C:\Program Files\CCleaner
2013-11-16 10:59 - 2013-11-16 10:59 - 04379048 _____ (Piriform Ltd) C:\Users\Nicolas\Downloads\ccsetup407.exe
2013-11-16 10:44 - 2013-11-16 09:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 06:33 - 2013-06-12 23:04 - 00000000 ____D C:\telech
2013-11-15 06:08 - 2013-08-13 18:13 - 00000000 ____D C:\photos
2013-11-14 23:05 - 2012-12-03 01:18 - 00002220 _____ C:\Users\Nicolas\Desktop\Google Chrome.lnk
2013-11-14 14:48 - 2012-01-18 12:55 - 00000000 ____D C:\ProgramData\Skype
2013-11-14 11:50 - 2013-08-30 15:14 - 00000000 ____D C:\Windows\system32\NDF
2013-11-14 09:00 - 2013-11-14 08:56 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2013-11-14 08:56 - 2013-11-14 08:56 - 00002248 _____ C:\Users\Nicolas\Desktop\Lanceur d'applications Google Chrome.lnk
2013-11-14 08:56 - 2012-01-10 09:35 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-13 09:37 - 2013-11-13 09:34 - 00000017 _____ C:\Users\Nicolas\Desktop\num tonton alex.txt
2013-11-12 19:32 - 2013-11-12 16:40 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Microsoft Games
2013-11-10 23:20 - 2013-11-10 23:20 - 00000000 ____D C:\Users\Nicolas\Desktop\inventel-g-usb2
2013-11-10 14:43 - 2012-01-12 19:23 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\XnView
2013-11-09 12:33 - 2013-11-09 12:33 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Adobe
2013-11-09 12:33 - 2013-11-09 12:33 - 00000000 ____D C:\ProgramData\FLEXnet
2013-11-09 12:33 - 2013-11-09 12:33 - 00000000 ____D C:\ProgramData\Adobe
2013-11-08 18:56 - 2013-11-08 18:56 - 00023849 _____ C:\Users\Nicolas\Desktop\template.css
2013-11-07 01:07 - 2012-11-02 00:55 - 00000000 ____D C:\Users\Nicolas\Desktop\banniere
2013-11-06 22:06 - 2013-11-06 22:06 - 00000000 _____ C:\Users\Nicolas\Desktop\Nouveau document texte (2).txt
2013-11-06 22:04 - 2013-11-06 22:04 - 03419360 _____ C:\Users\Nicolas\Downloads\Pièces jointes_2013116.zip
2013-11-06 20:58 - 2013-11-06 20:58 - 00000000 ____D C:\Users\Nicolas\Downloads\Doc1 - Copie
2013-11-06 19:45 - 2013-11-06 20:58 - 00974826 _____ C:\Users\Nicolas\Downloads\Doc1 - Copie.zip
2013-11-06 08:20 - 2013-11-15 09:58 - 01073262 _____ C:\Users\Nicolas\Desktop\adwcleaner.exe
2013-11-05 09:21 - 2013-11-05 09:20 - 00000421 _____ C:\Users\Nicolas\Desktop\Nouveau document texte.txt
2013-11-05 08:38 - 2012-01-20 08:57 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Mirillis
2013-11-05 08:10 - 2013-11-05 08:10 - 00003124 _____ C:\Windows\System32\Tasks\YourFile DownloaderUpdate
2013-11-04 11:01 - 2013-11-04 11:01 - 01660210 _____ C:\Users\Nicolas\Downloads\advanced-zip-password-recovery_advanced_zip_password_recovery_4.0_francais_10139.zip
2013-11-03 13:57 - 2013-03-27 20:41 - 00000000 ____D C:\Mes Sites Web
2013-11-03 08:44 - 2013-11-03 08:44 - 00018699 _____ C:\Users\Nicolas\Documents\Bourse Interministérielle de l'emploi public.htm
2013-11-03 08:44 - 2013-11-03 08:44 - 00000000 ____D C:\Users\Nicolas\Documents\Bourse Interministérielle de l'emploi public_fichiers
2013-10-30 22:40 - 2013-10-30 22:40 - 00016132 _____ C:\Users\Nicolas\Documents\adb studio de création graphique à Lyon, design graphique, logo, webdesign, graphiste lyon.htm
2013-10-30 22:40 - 2013-10-30 22:40 - 00000000 ____D C:\Users\Nicolas\Documents\adb studio de création graphique à Lyon, design graphique, logo, webdesign, graphiste lyon_fichiers
2013-10-30 22:33 - 2013-10-30 22:33 - 00071684 _____ C:\Users\Nicolas\Documents\GDMDADM.htm
2013-10-30 22:33 - 2013-10-30 22:33 - 00000000 ____D C:\Users\Nicolas\Documents\GDMDADM_fichiers
2013-10-30 17:51 - 2013-10-09 21:53 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2013-10-30 11:31 - 2013-10-30 11:31 - 00000000 ____D C:\Digidesign Databases
2013-10-30 08:42 - 2013-10-30 08:27 - 185112060 _____ C:\Users\Nicolas\Downloads\MD3.v1.2.1.1.Enterprise.x64.FiXED.RETAIL-ZeuS-MaddMaxx.rar
2013-10-30 03:32 - 2013-10-30 03:17 - 180997196 _____ C:\Users\Nicolas\Downloads\MD3.v1.2.1.1.Enterprise.x86.FiXED.RETAIL-ZeuS-MaddMaxx.rar
2013-10-30 03:24 - 2012-12-03 01:07 - 00011264 _____ C:\Users\Nicolas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-29 11:10 - 2013-10-29 11:09 - 60678120 _____ (                                                            ) C:\Users\Nicolas\Downloads\video-editor_full1084.exe
2013-10-29 11:06 - 2011-12-30 09:54 - 00000000 ____D C:\Users\Public\Documents\Avid Media Composer
2013-10-29 10:56 - 2011-06-23 12:51 - 00000000 ___HD C:\Users\Nicolas\AppData\Local\ANCB3zQJyTl
2013-10-27 01:28 - 2013-10-26 21:24 - 00015749 _____ C:\Users\Nicolas\Desktop\styleaccueil.css
2013-10-26 23:27 - 2013-10-26 23:27 - 00135827 _____ C:\Users\Nicolas\Desktop\Google AdSense   Modifications du code JavaScript autorisé - WebLife.htm
2013-10-26 23:27 - 2013-10-26 23:27 - 00000000 ____D C:\Users\Nicolas\Desktop\Google AdSense   Modifications du code JavaScript autorisé - WebLife_fichiers
2013-10-26 23:26 - 2013-10-26 23:26 - 00162596 _____ C:\Users\Nicolas\Desktop\Google AdSense   Adapter la publicité au responsive design - WebLife.htm
2013-10-26 23:26 - 2013-10-26 23:26 - 00000000 ____D C:\Users\Nicolas\Desktop\Google AdSense   Adapter la publicité au responsive design - WebLife_fichiers
2013-10-26 23:16 - 2013-10-26 23:16 - 00010303 _____ C:\Users\Nicolas\Desktop\page_site.css
2013-10-25 11:18 - 2013-10-25 11:18 - 00004766 _____ C:\Users\Nicolas\Desktop\responsivetemp.css
2013-10-25 07:34 - 2013-10-25 07:34 - 00180347 _____ C:\Users\Nicolas\Downloads\fashion.zip
2013-10-25 07:33 - 2013-10-25 07:33 - 00094093 _____ C:\Users\Nicolas\Downloads\ost-magazine.zip
2013-10-25 07:31 - 2013-10-25 07:31 - 00258450 _____ C:\Users\Nicolas\Downloads\vibrant_professional_webdesign_code.zip
2013-10-25 07:31 - 2013-10-25 07:31 - 00015517 _____ C:\Users\Nicolas\Downloads\final.html
2013-10-25 07:28 - 2013-10-25 07:28 - 00044435 _____ C:\Users\Nicolas\Downloads\demo.zip
2013-10-25 07:26 - 2013-10-25 07:27 - 00006495 _____ C:\Users\Nicolas\Documents\index.html
2013-10-25 07:24 - 2013-10-25 07:24 - 07542612 _____ C:\Users\Nicolas\Downloads\vivid-photo-2.zip
2013-10-25 07:22 - 2013-10-25 07:22 - 00128210 _____ C:\Users\Nicolas\Downloads\owmx-2.0.zip
2013-10-24 19:26 - 2012-11-03 23:18 - 00000000 ____D C:\musiq nico
2013-10-24 12:06 - 2013-10-24 12:06 - 00000000 _____ C:\CEPxAAF0.tmp
2013-10-23 07:30 - 2013-10-22 21:59 - 00000000 ____D C:\Users\Nicolas\Desktop\photo
2013-10-22 19:12 - 2013-10-22 16:47 - 00000000 ____D C:\Program Files (x86)\WAV to MP3 Encoder
2013-10-22 17:09 - 2013-10-22 17:09 - 00000000 ____D C:\Users\Nicolas\Downloads\Blazer-iCAR
2013-10-22 15:41 - 2013-10-22 15:39 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Ubisoft Game Launcher
2013-10-22 15:17 - 2013-10-22 15:17 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-10-22 15:17 - 2011-12-30 09:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-22 08:00 - 2012-05-21 12:51 - 00000000 ____D C:\Program Files (x86)\Sudden Strike

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-20 21:25

==================== End Of Log ============================



#5 deido


Posted 21 November 2013 - 11:56 AM

the Addition.txt.

------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by Nicolas at 2013-11-21 17:40:52
Running from C:\Users\Nicolas\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ADG Panorama Pro 5.2.0.32 (x32 Version: 5.2.0.32)
Adobe AIR (x32 Version: 3.3.0.3650)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.1) - Français (x32 Version: 10.1.1)
Age of Empires III (x32 Version: 1.00.0000)
Apple Application Support (x32 Version: 2.1.5)
Apple Software Update (x32 Version: 2.1.3.127)
Avid AMA Plug-in for AVCHD (x32)
Avid Codecs LE (x32 Version: 2.3.4)
Avid Codecs LE (x32 Version: 2.3.7)
Avid DVD by Sonic (x32 Version: 6.4.4)
Avid EDL Manager (x32 Version: 28.0.0)
Avid FilmScribe (x32 Version: 28.0.0)
Avid License Control (x32 Version: 6.0.0)
Avid Log Exchange (x32 Version: 28.0.0)
Avid Media Composer (x32 Version: 5.5.3)
Avid MediaLog (x32 Version: 28.0.0)
Avid Studio Bonus Content (x32 Version: 1.0.0.325)
AvidCoreRuntime (x32 Version: 5.10.0)
Avira Free Antivirus (x32 Version: 13.0.0.4042)
AVS Update Manager 1.0 (x32)
AVS Video Converter 8 (x32)
AVS4YOU Software Navigator 1.4 (x32)
BCC for Avid XPress DV (x32)
BitTorrent (HKCU Version: 7.8.2.30182)
Boris RED 5 (32 Bit) (x32 Version: 5.00.0000)
CCleaner (Version: 4.07)
Combined Community Codec Pack 2013-05-30 (x32 Version: 2013.05.30.0)
Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta) (x32 Version: 12.0.4407.1005)
Conexant HDA D110 MDC V.92 Modem
Cool Edit Pro v1.2 (x32)
Dell System Detect (HKCU Version: 5.1.0.41)
Dell Wireless WLAN Card (Version: 4.100.15.8)
ESET Online Scanner v3 (x32)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
ffdshow [rev 2033] [2008-07-05] (x32 Version: 1.0)
FileZilla Client 3.6.0.1 (x32 Version: 3.6.0.1)
Free DigiRack Plug-Ins 8.0 (x32 Version: 8.0)
French App Name (x32 Version: 1.8)
FXhome PhotoKey 3 Pro (remove only) (x32)
GenArts Sapphire Plug-ins 6.03 for Avid AVX Products
Google Chrome (HKCU Version: 31.0.1650.57)
HiJackThis (x32 Version: 1.0.0)
HP Deskjet 2050 J510 series - Enquête sur l'amélioration du produit (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Aide (x32 Version: 140.0.61.61)
HP Photo Creations (x32 Version: 1.0.0.3781)
HP Update (x32 Version: 5.002.006.003)
iClone 3DXchange v5.5 Pipeline (x32 Version: 5.5.2007.1)
iClone v5.5 PRO (x32 Version: 5.5.3207.1)
ImgBurn (x32 Version: 2.5.7.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Internet Mobile (x32 Version: 11.302.09.05.162)
Internet Mobile+ (x32 Version: 16.002.10.02.04)
Java 7 Update 9 (x32 Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.0)
Java™ SE Runtime Environment 6 Update 6 (Version: 1.6.0.60)
License Support (Version: 1.2.0.5555)
License Support (x32 Version: 1.2.0.5555)
Logiciel de base du périphérique HP Deskjet 2050 J510 series (Version: 22.50.231.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Reader Text-to-Speech pour le français (x32 Version: 01.00.0000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 fr) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
MySQL Connector/ODBC 3.51 (x32 Version: 3.51.12)
NeoKwinto (x32 Version: 2007-10-24)
NextUp-ScanSoft Sebastien French Voice (x32 Version: 4.0.0)
NextUp-ScanSoft Virgine French Voice (x32 Version: 4.0.0)
Nitro PDF Professional (Version: 6.1.2.1)
PDF Settings CS5 (x32 Version: 10.0)
Pharaon (x32)
Photovista Panorama 3.0 (x32 Version: 3.0.0.1450)
PHPEdit 4.0.2 (x32 Version: 4.0.2)
Pilote vidéo Pinnacle (Version: 12.1.0.030)
Pinnacle Creative Pack Volume 1 (x32 Version: 1.20.0000.04)
Pinnacle Studio 16 (x32 Version: 16.0.0.75)
QuickTime (x32 Version: 7.71.80.42)
Sentinel Protection Installer 7.4.0 (x32 Version: 7.4.0)
Skype™ 6.10 (x32 Version: 6.10.104)
Smart File Advisor 1.1.1 (x32 Version: 1.1.1)
SmartSound Common Data (x32 Version: 1.1.0)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.3)
Splash PRO EX (x32 Version: 1.11.0)
Spybot - Search & Destroy (x32 Version: 2.1.21)
The Logo Creator v4 (x32)
TitleExtreme (x32 Version: 1.00.0000)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Unlocker 1.9.2 (Version: 1.9.2)
Vegas Pro 11.0 (64-bit) (Version: 11.0.371)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555)
Visual C++ 64-bit Redistributables (x32 Version: 1.2.0.5555)
Visual C++ Redistributables (x32 Version: 1.2.0.5555)
WidgetCast PRO (x32 Version: 2.5.1927.1)
WinRAR archiver (x32)
ZoneAlarm Extreme Security (x32 Version: 9.3.014.000)

==================== Restore Points  =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2013-08-30 15:18 - 2010-04-30 14:56 - 00001798 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1                activate.adobe.com
127.0.0.1                practivate.adobe.com
127.0.0.1                ereg.adobe.com
127.0.0.1                activate.wip3.adobe.com
127.0.0.1                wip3.adobe.com
127.0.0.1                3dns-3.adobe.com
127.0.0.1                3dns-2.adobe.com
127.0.0.1                adobe-dns.adobe.com
127.0.0.1                adobe-dns-2.adobe.com
127.0.0.1                adobe-dns-3.adobe.com
127.0.0.1                ereg.wip3.adobe.com
127.0.0.1                activate-sea.adobe.com
127.0.0.1                wwis-dubc1-vip60.adobe.com
127.0.0.1                activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
127.0.0.1                               125.252.224.90                       
127.0.0.1                               125.252.224.91
127.0.0.1                               hl2rcv.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {03E2A2CC-4F6C-43BB-9C08-0182F1744C0B} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {08BE4A31-DA86-407A-8BA3-2A7EBD663D66} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {09B120A2-2997-40E4-9624-92CBDEE1F26D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000Core => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-10] (Google Inc.)
Task: {4F4D2D9C-7CD8-41D0-B552-27A8B1D425FE} - System32\Tasks\AdobeAAMUpdater-1.0-Nicolas-PC-Nicolas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {4F5A4AA2-1D14-4FF9-A3B1-F6179938E98A} - System32\Tasks\Registry Reviver indítása => C:\Users\Nicolas\AppData\Local\Temp\RarSFX0\RegistryReviver.exe
Task: {5753EA19-1F2F-47C7-8879-CBA832659048} - System32\Tasks\{06519E64-58B7-4070-BCB2-9D773B2FCC00} => C:\Users\Nicolas\Desktop\pharaon\SETUP.EXE
Task: {5D9F49B6-72F1-4B9D-B203-07F06230EBFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {70FBC212-EC98-445B-9A89-617072639D57} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {9962D1AA-6165-4F65-8ABA-43D57A1E4D82} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {A1DFDDD6-6291-46ED-9A78-8D856E07B6D1} - System32\Tasks\{24387C9E-2EE5-4D1F-A46B-BE4CFE68F057} => C:\Program Files (x86)\iseemedia\Photovista 3.0\PVista.exe
Task: {B19025E4-1742-4FAF-B3DB-BFE07B47321D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000UA => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-10] (Google Inc.)
Task: {B8021FA1-C24E-49C0-9053-29DC18F2BEFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {BB0887ED-489C-4F19-A966-E22E682134DF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000UA => C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-28] (Facebook Inc.)
Task: {BE66E8BB-1DC2-44AD-820C-F51DCE115BBE} - System32\Tasks\Express Files Updater => C:\Program Files (x86)\ExpressFiles\EFupdater.exe
Task: {BEF903B4-4BC2-4D6E-B374-3AD959016591} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000Core => C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-28] (Facebook Inc.)
Task: {D3384C26-60AD-460F-996F-767DCF9FEC95} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {D6BF523D-D656-4F2B-B4A5-DE17A1D36685} - System32\Tasks\{E8B32096-2860-4039-991A-0D52B9A8C1BA} => C:\Program Files (x86)\iseemedia\Photovista 3.0\PVista.exe
Task: {E4BD4788-0C02-4DC5-979E-48FB41B1E8C4} - System32\Tasks\{AB2E5F3A-484A-4A23-BCD0-1C6FB3170F75} => Firefox.exe http://ui.skype.com/ui/0/4.2.0.169/fr/abandoninstall?source=lightinstaller&page=tsProblems&LastError=404&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {F38713B7-B5AD-4143-81A7-897E684C79F8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {F4513B73-C28C-4201-A1CA-9934EBA42D72} - System32\Tasks\{39120D37-8BA5-4362-B0EB-0389B79122C1} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169&LastError=12007
Task: {FBC0022F-9898-4427-906E-DBFFFADAABB0} - System32\Tasks\{ED6A0870-1A11-4ECE-A1F3-E58E5D790590} => C:\Program Files (x86)\iseemedia\Photovista 3.0\PVista.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000Core.job => C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000UA.job => C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000Core.job => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1180132301-609503288-3925327000-1000UA.job => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-02 23:32 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-12-02 23:52 - 2010-01-23 14:45 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-12-02 23:32 - 2012-11-18 14:53 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-11-14 23:05 - 2013-11-14 12:29 - 04055504 _____ () C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-14 23:05 - 2013-11-14 12:29 - 00399312 _____ () C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-14 23:05 - 2013-11-14 12:28 - 01619408 _____ () C:\Users\Nicolas\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-10-09 22:41 - 2013-10-09 22:41 - 04591616 _____ () C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2013-10-09 22:41 - 2013-10-09 22:41 - 00112128 _____ () C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll
2013-11-16 09:37 - 2013-11-16 09:38 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 01:03 - 2013-10-09 01:03 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Microsoft:6HOFc8dbGsadM3JPKIKMiJ
AlternateDataStreams: C:\ProgramData\Microsoft:iubvmchXvQg6Tp6z3dSOl7H
AlternateDataStreams: C:\Users\Nicolas\AppData\Local\ANCB3zQJyTl:t4ZM1Gu60Iyprsq6Yb

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/21/2013 02:59:14 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/21/2013 01:19:42 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Le service Services de chiffrement n’a pas pu initialiser l’objet sauvegarde VSS « System Writer ».


Details:
System Writer object failed to initialize VSS.

System Error:
Défaillance irrémédiable
.

Error: (11/21/2013 00:50:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Le service Services de chiffrement n’a pas pu initialiser l’objet sauvegarde VSS « System Writer ».


Details:
System Writer object failed to initialize VSS.

System Error:
Défaillance irrémédiable
.

Error: (11/21/2013 00:37:27 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Le service Services de chiffrement n’a pas pu initialiser l’objet sauvegarde VSS « System Writer ».


Details:
System Writer object failed to initialize VSS.

System Error:
Défaillance irrémédiable
.

Error: (11/21/2013 09:34:08 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Échec de la récupération de la mise à jour automatique du certificat racine tiers à partir de : <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> avec l’erreur : Le serveur spécifié ne peut pas exécuter l’opération demandée.
.

Error: (11/21/2013 09:33:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Échec de la récupération de la mise à jour automatique du certificat racine tiers à partir de : <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> avec l’erreur : Cette opération s’est terminée car le délai d’attente a expiré.
.

Error: (11/21/2013 09:25:15 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Échec de la récupération de la mise à jour automatique du certificat racine tiers à partir de : <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> avec l’erreur : Cette opération s’est terminée car le délai d’attente a expiré.
.

Error: (11/21/2013 09:03:33 AM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/21/2013 08:37:34 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Le service Services de chiffrement n’a pas pu initialiser l’objet sauvegarde VSS « System Writer ».


Details:
System Writer object failed to initialize VSS.

System Error:
Défaillance irrémédiable
.

Error: (11/21/2013 02:19:23 AM) (Source: Google Update) (User: Nicolas-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned


System errors:
=============
Error: (11/21/2013 01:28:55 PM) (Source: Microsoft Antimalware) (User: )
Description: %AUTORITE NT60 a rencontré une erreur lors de la tentative de mise à jour des signatures.

    Nouvelle version des signatures :

    Version précédente des signatures : 1.163.155.0

    Source de la mise à jour : %AUTORITE NT59

    Étape de la mise à jour : 4.4.0304.00

    Chemin d'accès source : 4.4.0304.01

    Type de signature : %AUTORITE NT602

    Type de la mise à jour : %AUTORITE NT604

    Utilisateur : AUTORITE NT\Système

    Version actuelle du moteur : %AUTORITE NT605

    Version précédente du moteur : %AUTORITE NT606

    Code d'erreur : %AUTORITE NT607

    Description de l'erreur : %AUTORITE NT608

Error: (11/21/2013 01:19:42 PM) (Source: Service Control Manager) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger :
Aspi32

Error: (11/21/2013 01:19:41 PM) (Source: Service Control Manager) (User: )
Description: Le service Serveur s’est arrêté avec l’erreur :
%%126

Error: (11/21/2013 01:19:41 PM) (Source: Service Control Manager) (User: )
Description: Le service Spybot-S&D 2 Updating Service n’a pas pu démarrer en raison de l’erreur :
%%1053

Error: (11/21/2013 01:19:41 PM) (Source: Service Control Manager) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Spybot-S&D 2 Updating Service.

Error: (11/21/2013 01:19:10 PM) (Source: Service Control Manager) (User: )
Description: Le service Spybot-S&D 2 Security Center Service dépend du service suivant : wscsvc. Ce dernier n’est peut-être pas installé.

Error: (11/21/2013 01:19:10 PM) (Source: Service Control Manager) (User: )
Description: Le service Spybot-S&D 2 Scanner Service n’a pas pu démarrer en raison de l’erreur :
%%1053

Error: (11/21/2013 01:19:10 PM) (Source: Service Control Manager) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Spybot-S&D 2 Scanner Service.

Error: (11/21/2013 01:18:35 PM) (Source: Service Control Manager) (User: )
Description: Le service Digidesign MME Refresh Service n’a pas pu démarrer en raison de l’erreur :
%%3

Error: (11/21/2013 01:16:48 PM) (Source: volmgr) (User: )
Description: L'initialisation du fichier de vidage sur incident a échoué.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-11-15 16:23:49.969
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\AK\icsak.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 16:23:48.008
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 16:18:37.675
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\AK\icsak.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 16:18:36.912
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 16:12:44.370
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\AK\icsak.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 16:12:43.568
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 16:01:23.297
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\AK\icsak.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 16:01:22.482
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 15:47:14.587
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\AK\icsak.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-11-15 15:47:13.201
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.


==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3318.12 MB
Available physical RAM: 1765.72 MB
Total Pagefile: 6634.38 MB
Available Pagefile: 4879.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100.01 GB) (Free:6.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:198.08 GB) (Free:5.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 39A439A3)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=198 GB) - (Type=OF Extended)

==================== End Of Log ============================



#6 deido

Posted 21 November 2013 - 12:09 PM

TDSS-Killer report

---------------------------------------------------

18:00:00.0287 0x0f94  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
18:00:09.0516 0x0f94  ============================================================
18:00:09.0517 0x0f94  Current date / time: 2013/11/21 18:00:09.0516
18:00:09.0517 0x0f94  SystemInfo:
18:00:09.0517 0x0f94  
18:00:09.0519 0x0f94  OS Version: 6.1.7600 ServicePack: 0.0
18:00:09.0519 0x0f94  Product type: Workstation
18:00:09.0523 0x0f94  ComputerName: NICOLAS-PC
18:00:09.0540 0x0f94  UserName: Nicolas
18:00:09.0541 0x0f94  Windows directory: C:\Windows
18:00:09.0541 0x0f94  System windows directory: C:\Windows
18:00:09.0541 0x0f94  Running under WOW64
18:00:09.0541 0x0f94  Processor architecture: Intel x64
18:00:09.0542 0x0f94  Number of processors: 2
18:00:09.0542 0x0f94  Page size: 0x1000
18:00:09.0542 0x0f94  Boot type: Normal boot
18:00:09.0542 0x0f94  ============================================================
18:00:12.0189 0x0f94  KLMD registered as C:\Windows\system32\drivers\38792489.sys
18:00:14.0192 0x0f94  System UUID: {40BC7699-FCA5-9B63-610D-4C16BC120B0A}
18:00:21.0816 0x0f94  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:00:21.0901 0x0f94  ============================================================
18:00:21.0902 0x0f94  \Device\Harddisk0\DR0:
18:00:21.0903 0x0f94  MBR partitions:
18:00:21.0903 0x0f94  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400
18:00:21.0921 0x0f94  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC80347E, BlocksNum 0x18C2A243
18:00:21.0923 0x0f94  ============================================================
18:00:21.0964 0x0f94  C: <-> \Device\Harddisk0\DR0\Partition1
18:00:22.0051 0x0f94  D: <-> \Device\Harddisk0\DR0\Partition2
18:00:22.0055 0x0f94  ============================================================
18:00:22.0056 0x0f94  Initialize success
18:00:22.0056 0x0f94  ============================================================
18:00:26.0733 0x006c  ============================================================
18:00:26.0733 0x006c  Scan started
18:00:26.0734 0x006c  Mode: Manual;
18:00:26.0734 0x006c  ============================================================
18:00:26.0734 0x006c  KSN ping started
18:00:43.0918 0x006c  KSN ping finished: true
18:00:45.0565 0x006c  ================ Scan system memory ========================
18:00:45.0565 0x006c  System memory - ok
18:00:45.0594 0x006c  ================ Scan services =============================
18:01:17.0438 0x006c  iaStorV - ok
18:01:17.0598 0x006c  [ 80C99B4EA746CAE9A32E4B05949BF288, F079BC3768F3B829E5CDE246D3AEC01920106B65E7D92BA44FB0553CD0FFF826 ] icsak           C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys
18:01:17.0616 0x006c  icsak - ok
18:01:17.0788 0x006c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:01:17.0813 0x006c  IDriverT - ok
18:01:18.0182 0x006c  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:01:18.0417 0x006c  idsvc - ok
18:01:20.0209 0x006c  [ 24CC43ECDEEFD4C19FBBEE4951B647F1, 416799965E6602F8F03E2A92E8BB42B1D5643C65EF09815FC5A56A2FA73E6773 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:01:21.0883 0x006c  igfx - ok
18:01:22.0181 0x006c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:01:22.0203 0x006c  iirsp - ok
18:01:22.0520 0x006c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
18:01:22.0757 0x006c  IKEEXT - ok
18:01:22.0902 0x006c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
18:01:22.0913 0x006c  intelide - ok
18:01:23.0025 0x006c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:01:23.0046 0x006c  intelppm - ok
18:01:23.0154 0x006c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:01:23.0198 0x006c  IPBusEnum - ok
18:01:23.0337 0x006c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:01:23.0364 0x006c  IpFilterDriver - ok
18:01:23.0587 0x006c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:01:23.0751 0x006c  iphlpsvc - ok
18:01:23.0875 0x006c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:01:23.0903 0x006c  IPMIDRV - ok
18:01:24.0025 0x006c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:01:24.0066 0x006c  IPNAT - ok
18:01:24.0163 0x006c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:01:24.0178 0x006c  IRENUM - ok
18:01:24.0259 0x006c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
18:01:24.0272 0x006c  isapnp - ok
18:01:24.0450 0x006c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
18:01:24.0509 0x006c  iScsiPrt - ok
18:01:24.0622 0x006c  [ 88219EB5EA938BF6F2BBF8D40127F8F5, 34CE371F512CB07CC23C6AEB1EE877ADBA32D8F7398BECBFEDC632E7608FFB7C ] ISWKL           C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
18:01:24.0643 0x006c  ISWKL - ok
18:01:24.0967 0x006c  [ 9BE441BBD70906E8AFEF7CE941AB20F7, 423BC9096AE40CFEE059173A7BD7DA5EFFC0739F7331E7359434D4C59FD4345E ] IswSvc          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
18:01:25.0191 0x006c  IswSvc - ok
18:01:25.0306 0x006c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:01:25.0330 0x006c  kbdclass - ok
18:01:25.0427 0x006c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:01:25.0444 0x006c  kbdhid - ok
18:01:25.0540 0x006c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
18:01:25.0565 0x006c  KeyIso - ok
18:01:25.0674 0x006c  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE, B3ECBCA1D8F997495491CC1DAFE05AD022A75B679F91BE156B87C01F83288190 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
18:01:25.0740 0x006c  kl1 - ok
18:01:25.0936 0x006c  [ 340DD771B79F5B6EB88C4EAFECE3DD3F, 3CD6752C3CC2478DA06B8D4DCEB1E2D4BAFD94AA911BD932B8528B05475FEAAE ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
18:01:26.0033 0x006c  KLIF - ok
18:01:26.0150 0x006c  [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:01:26.0179 0x006c  KSecDD - ok
18:01:26.0337 0x006c  [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:01:26.0383 0x006c  KSecPkg - ok
18:01:26.0458 0x006c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:01:26.0476 0x006c  ksthunk - ok
18:01:26.0668 0x006c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:01:26.0786 0x006c  KtmRm - ok
18:01:26.0987 0x006c  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:01:27.0078 0x006c  LanmanServer - ok
18:01:27.0198 0x006c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:01:27.0262 0x006c  LanmanWorkstation - ok
18:01:27.0443 0x006c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:01:27.0465 0x006c  lltdio - ok
18:01:27.0645 0x006c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:01:27.0736 0x006c  lltdsvc - ok
18:01:27.0883 0x006c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:01:27.0916 0x006c  lmhosts - ok
18:01:28.0168 0x006c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:01:28.0202 0x006c  LSI_FC - ok
18:01:28.0302 0x006c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:01:28.0337 0x006c  LSI_SAS - ok
18:01:28.0446 0x006c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:01:28.0470 0x006c  LSI_SAS2 - ok
18:01:28.0582 0x006c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:01:28.0618 0x006c  LSI_SCSI - ok
18:01:28.0741 0x006c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:01:28.0776 0x006c  luafv - ok
18:01:30.0314 0x006c  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
18:01:31.0605 0x006c  LVUVC64 - ok
18:01:31.0941 0x006c  [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
18:01:32.0008 0x006c  MarvinBus - ok
18:01:32.0148 0x006c  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:01:32.0163 0x006c  MBAMProtector - ok
18:01:32.0471 0x006c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:01:32.0579 0x006c  MBAMScheduler - ok
18:01:32.0877 0x006c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:01:33.0071 0x006c  MBAMService - ok
18:01:33.0192 0x006c  [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
18:01:33.0203 0x006c  mdmxsdk - ok
18:01:33.0304 0x006c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:01:33.0320 0x006c  megasas - ok
18:01:33.0477 0x006c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:01:33.0558 0x006c  MegaSR - ok
18:01:33.0686 0x006c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:01:33.0726 0x006c  MMCSS - ok
18:01:33.0836 0x006c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:01:33.0881 0x006c  Modem - ok
18:01:33.0970 0x006c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:01:33.0984 0x006c  monitor - ok
18:01:34.0090 0x006c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:01:34.0110 0x006c  mouclass - ok
18:01:34.0208 0x006c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:01:34.0225 0x006c  mouhid - ok
18:01:34.0353 0x006c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:01:34.0382 0x006c  mountmgr - ok
18:01:34.0579 0x006c  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:01:34.0618 0x006c  MozillaMaintenance - ok
18:01:34.0823 0x006c  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:01:34.0887 0x006c  MpFilter - ok
18:01:35.0041 0x006c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
18:01:35.0087 0x006c  mpio - ok
18:01:35.0197 0x006c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:01:35.0223 0x006c  mpsdrv - ok
18:01:35.0579 0x006c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:01:35.0814 0x006c  MpsSvc - ok
18:01:35.0980 0x006c  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:01:36.0032 0x006c  mrxsmb - ok
18:01:36.0205 0x006c  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:01:36.0288 0x006c  mrxsmb10 - ok
18:01:36.0428 0x006c  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:01:36.0466 0x006c  mrxsmb20 - ok
18:01:36.0588 0x006c  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
18:01:36.0608 0x006c  msahci - ok
18:01:36.0738 0x006c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
18:01:36.0784 0x006c  msdsm - ok
18:01:36.0947 0x006c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:01:37.0006 0x006c  MSDTC - ok
18:01:37.0253 0x006c  [ 72949A24D37A20A54B3D4D3DADBB55E9, 580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
18:01:37.0283 0x006c  MSDV - ok
18:01:37.0411 0x006c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:01:37.0427 0x006c  Msfs - ok
18:01:37.0537 0x006c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:01:37.0549 0x006c  mshidkmdf - ok
18:01:37.0685 0x006c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
18:01:37.0696 0x006c  msisadrv - ok
18:01:37.0880 0x006c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:01:37.0947 0x006c  MSiSCSI - ok
18:01:38.0045 0x006c  msiserver - ok
18:01:38.0210 0x006c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:01:38.0223 0x006c  MSKSSRV - ok
18:01:38.0362 0x006c  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:01:38.0374 0x006c  MsMpSvc - ok
18:01:38.0459 0x006c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:01:38.0470 0x006c  MSPCLOCK - ok
18:01:38.0591 0x006c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:01:38.0601 0x006c  MSPQM - ok
18:01:38.0821 0x006c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:01:38.0917 0x006c  MsRPC - ok
18:01:39.0097 0x006c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:01:39.0113 0x006c  mssmbios - ok
18:01:39.0227 0x006c  [ 966EC55988D580B9823C453781309450, 52942A68A3DE6C6A9730D27667A0AAA35B65889C37B243B83CC9B54DFAFE4A2D ] MSTAPE          C:\Windows\system32\DRIVERS\mstape.sys
18:01:39.0252 0x006c  MSTAPE - ok
18:01:39.0362 0x006c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:01:39.0372 0x006c  MSTEE - ok
18:01:39.0448 0x006c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:01:39.0462 0x006c  MTConfig - ok
18:01:39.0595 0x006c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:01:39.0624 0x006c  Mup - ok
18:01:39.0853 0x006c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
18:01:40.0002 0x006c  napagent - ok
18:01:40.0203 0x006c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:01:40.0287 0x006c  NativeWifiP - ok
18:01:40.0695 0x006c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:01:40.0993 0x006c  NDIS - ok
18:01:41.0136 0x006c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:01:41.0155 0x006c  NdisCap - ok
18:01:41.0253 0x006c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:01:41.0281 0x006c  NdisTapi - ok
18:01:41.0384 0x006c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:01:41.0424 0x006c  Ndisuio - ok
18:01:41.0563 0x006c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:01:41.0610 0x006c  NdisWan - ok
18:01:41.0743 0x006c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:01:41.0764 0x006c  NDProxy - ok
18:01:41.0872 0x006c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:01:41.0890 0x006c  NetBIOS - ok
18:01:42.0069 0x006c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:01:42.0142 0x006c  NetBT - ok
18:01:42.0276 0x006c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
18:01:42.0302 0x006c  Netlogon - ok
18:01:42.0506 0x006c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:01:42.0620 0x006c  Netman - ok
18:01:42.0782 0x006c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:01:42.0825 0x006c  NetMsmqActivator - ok
18:01:42.0938 0x006c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:01:42.0972 0x006c  NetPipeActivator - ok
18:01:43.0239 0x006c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:01:43.0391 0x006c  netprofm - ok
18:01:43.0513 0x006c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:01:43.0552 0x006c  NetTcpActivator - ok
18:01:43.0666 0x006c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:01:43.0707 0x006c  NetTcpPortSharing - ok
18:01:44.0721 0x006c  [ B9FCC4FE653AE8F4338E153D789445E8, DABE0273C99C76F27697F9350A2BF10E46757605688934DCC7FAC982ABBA7AA9 ] NETw4x64        C:\Windows\system32\DRIVERS\NETw4x64.sys
18:01:45.0577 0x006c  NETw4x64 - ok
18:01:47.0301 0x006c  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
18:01:48.0895 0x006c  netw5v64 - ok
18:01:49.0183 0x006c  [ 2263727032E9B19231A706046B8C82D3, AAAE23FF8164BC03F9C331C324F4C4AC7298535CC0BBBB14E9319D009D92D9E1 ] NetworkX        C:\Windows\system32\ckldrv.sys
18:01:49.0200 0x006c  NetworkX - ok
18:01:49.0407 0x006c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:01:49.0427 0x006c  nfrd960 - ok
18:01:49.0620 0x006c  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:01:49.0660 0x006c  NisDrv - ok
18:01:49.0845 0x006c  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:01:49.0946 0x006c  NisSrv - ok
18:01:50.0218 0x006c  [ 3500F7EE1B8EC623F4170721A5AE1050, 7F65603DB3F10A320420A2CB921247B7F8E1D2E3079B7F8887C8D3D06E05B03B ] NitroDriverReadSpool C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
18:01:50.0313 0x006c  NitroDriverReadSpool - ok
18:01:50.0513 0x006c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:01:50.0616 0x006c  NlaSvc - ok
18:01:50.0876 0x006c  [ 3E28B6B2D0A3880EFB21A2EAD1AE539E, 7B90C465E9C6D7CE405BE32490134508560D963DAFD724ADE5C2AADBB415D513 ] nlsX86cc        C:\Windows\SysWOW64\NLSSRV32.EXE
18:01:50.0919 0x006c  nlsX86cc - ok
18:01:51.0034 0x006c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:01:51.0054 0x006c  Npfs - ok
18:01:51.0152 0x006c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:01:51.0199 0x006c  nsi - ok
18:01:51.0323 0x006c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:01:51.0338 0x006c  nsiproxy - ok
18:01:52.0005 0x006c  [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:01:52.0438 0x006c  Ntfs - ok
18:01:52.0650 0x006c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:01:52.0660 0x006c  Null - ok
18:01:52.0813 0x006c  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:01:52.0881 0x006c  nvraid - ok
18:01:53.0027 0x006c  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:01:53.0074 0x006c  nvstor - ok
18:01:53.0224 0x006c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
18:01:53.0265 0x006c  nv_agp - ok
18:01:53.0555 0x006c  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:01:53.0677 0x006c  odserv - ok
18:01:53.0821 0x006c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
18:01:53.0847 0x006c  ohci1394 - ok
18:01:54.0017 0x006c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:01:54.0060 0x006c  ose - ok
18:01:55.0018 0x006c  [ 673E36852E2F9FA778D5D3DDCEFA591B, A15EF7E93F7101A7AC34FCF4912755A3DA35013FFB225A53A370C183110B26DC ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
18:01:55.0794 0x006c  PaceLicenseDServices - ok
18:01:56.0043 0x006c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:01:56.0073 0x006c  Parport - ok
18:01:56.0224 0x006c  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:01:56.0248 0x006c  partmgr - ok
18:01:56.0440 0x006c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:01:56.0512 0x006c  PcaSvc - ok
18:01:56.0676 0x006c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
18:01:56.0726 0x006c  pci - ok
18:01:56.0835 0x006c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
18:01:56.0847 0x006c  pciide - ok
18:01:57.0018 0x006c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:01:57.0075 0x006c  pcmcia - ok
18:01:57.0192 0x006c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:01:57.0212 0x006c  pcw - ok
18:01:57.0518 0x006c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:01:57.0682 0x006c  PEAUTH - ok
18:01:58.0212 0x006c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:01:58.0605 0x006c  PeerDistSvc - ok
18:01:58.0901 0x006c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:01:58.0924 0x006c  PerfHost - ok
18:01:59.0685 0x006c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
18:02:00.0095 0x006c  pla - ok
18:02:00.0375 0x006c  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:02:00.0565 0x006c  PlugPlay - ok
18:02:01.0003 0x006c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:02:01.0362 0x006c  PolicyAgent - ok
18:02:56.0439 0x006c  ================ Scan global ===============================
18:02:56.0526 0x006c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:02:56.0676 0x006c  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
18:02:56.0867 0x006c  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
18:02:57.0009 0x006c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:02:57.0182 0x006c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:02:57.0294 0x006c  [ Global ] - ok
18:02:57.0298 0x006c  ================ Scan MBR ==================================
18:02:57.0344 0x006c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:02:58.0154 0x006c  \Device\Harddisk0\DR0 - ok
18:02:58.0159 0x006c  ================ Scan VBR ==================================
18:02:58.0203 0x006c  [ BA068C146D5F6B6F5ACE076F13FEC1D4 ] \Device\Harddisk0\DR0\Partition1
18:02:58.0218 0x006c  \Device\Harddisk0\DR0\Partition1 - ok
18:02:58.0275 0x006c  [ BAE668D637B812E67A86DEE739685BF1 ] \Device\Harddisk0\DR0\Partition2
18:02:58.0291 0x006c  \Device\Harddisk0\DR0\Partition2 - ok
18:02:58.0298 0x006c  Waiting for KSN requests completion. In queue: 196
18:02:59.0304 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:00.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:01.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:02.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:03.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:04.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:05.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:06.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:07.0305 0x006c  Waiting for KSN requests completion. In queue: 196
18:03:08.0791 0x006c  Win FW state via NFP2: enabled
18:03:26.0745 0x006c  ============================================================
18:03:26.0745 0x006c  Scan finished
18:03:26.0745 0x006c  ============================================================
18:03:26.0855 0x0bf0  Detected object count: 0
18:03:26.0855 0x0bf0  Actual detected object count: 0
18:06:56.0311 0x078c  Deinitialize success

 


Edited by deido, 21 November 2013 - 12:19 PM.


#7 deido


Posted 22 November 2013 - 12:01 AM

HijackThis Log: Please help

#8 TB-Psychotic

  • Malware Response Team

Posted 22 November 2013 - 03:31 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 

#9 deido


Posted 22 November 2013 - 11:07 AM

Thanks... I'm looking for now. I'm going to move all illegal software.



#10 deido


Posted 23 November 2013 - 02:56 AM

Hello. I think I'm finally going to format my computer because there are too many programs whose origin I do not know, and especially because my computer has become very slow. As a play, it was downloads. Sorry and thank you for your help.



#11 TB-Psychotic

  • Malware Response Team

Posted 25 November 2013 - 03:15 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



