Peerblock blocking connections from a botnet


8 replies to this topic

#1 Pineapple23

Pineapple23

  • Members
  • 4 posts

Posted 20 December 2013 - 01:19 AM

I noticed today that Peerblock is blocking a large amount of connections from a few different IPs listed as botnets. Here's the names of the connections being blocked:

botnet on MTN Rwandacell
botnet on Smart Broadband
ap2p on MTN RwandaCell
botnet on Planet Ltd

As far as I can tell, this all started tonight (the 19th), at around 11:20pm, shortly after I started a torrent for the BF2 mod "Project Reality". I ran a quick scan through Malwarebytes, and another through MSE; both came up with nothing. I'm now running a full scan through Malwarebytes. I'm running Windows 7 64-bit.





#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male

Posted 20 December 2013 - 02:15 AM

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

 


Download Security Check by screen317 from here.


  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

  • Download Autoruns and Autorunsc.
  • Unzip it to your desktop and then double click autoruns.exe.
  • After the scan is finished, click on File > Save.
  • The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn.
  • Attach the text in your next reply.

 

 


Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Post the log here.

  • Please download Adware cleaner from the link below.
  • http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
  • Save it to your desktop.
  • Right click run as admin.
  • Hit the scan button.
  • Allow completion.
  • Make sure all items are ticked.
  • Hit the clean button.
  • Even if no items are displayed to be ticked hit the clean button anyway.
  • The machine will reboot this is normal.
  • Post the log in your next reply.

 

Please download JRT from here & double click to start the program.

  1. Hit any key when prompted and allow it to run through its process.
  2. Post the log when it's finished.


#3 Pineapple23

Pineapple23
  • Topic Starter

  • Members
  • 4 posts

Posted 20 December 2013 - 03:46 AM

I'm unable to attach files so I'll just paste the AutoRuns.txt into my reply, I hope that's okay.
 
MiniToolBox by Farbar  Version: 18-12-2013
Ran by Tanner (administrator) on 20-12-2013 at 02:08:54
Running from "C:\Users\Tanner\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Hamachi Network Interface = Hamachi (Disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Pineapple-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.pace.com
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : gateway.pace.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 08-60-6E-81-A9-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2441:700a:656e:dd5a%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.74(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, December 17, 2013 12:37:39 AM
   Lease Expires . . . . . . . . . . : Saturday, December 21, 2013 12:40:23 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 235429998
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-80-0E-BB-08-60-6E-81-A9-B2
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.gateway.pace.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2cf4:3c6c:9cd1:2e0c(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2cf4:3c6c:9cd1:2e0c%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  homeportal
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4000:801::1001
 173.194.115.68
 173.194.115.71
 173.194.115.70
 173.194.115.64
 173.194.115.65
 173.194.115.66
 173.194.115.78
 173.194.115.67
 173.194.115.72
 173.194.115.69
 173.194.115.73
 
 
Pinging google.com [173.194.115.36] with 32 bytes of data:
Reply from 173.194.115.36: bytes=32 time=32ms TTL=54
Reply from 173.194.115.36: bytes=32 time=31ms TTL=54
 
Ping statistics for 173.194.115.36:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 32ms, Average = 31ms
Server:  homeportal
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=70ms TTL=46
Reply from 98.138.253.109: bytes=32 time=69ms TTL=46
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 69ms, Maximum = 70ms, Average = 69ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=8ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 8ms, Average = 5ms
===========================================================================
Interface List
 11...08 60 6e 81 a9 b2 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.74     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.74    276
     192.168.1.74  255.255.255.255         On-link      192.168.1.74    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.74    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.74    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.74    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:2cf4:3c6c:9cd1:2e0c/128
                                    On-link
 11    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 11    276 fe80::2441:700a:656e:dd5a/128
                                    On-link
 12    306 fe80::2cf4:3c6c:9cd1:2e0c/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/19/2013 00:39:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (12/19/2013 00:39:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (12/16/2013 06:38:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: aion.bin, version: 4313.403.1112.7588, time stamp: 0x5281d1ad
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0150014
Fault offset: 0x000000000006f873
Faulting process id: 0x1fec
Faulting application start time: 0xaion.bin0
Faulting application path: aion.bin1
Faulting module path: aion.bin2
Report Id: aion.bin3
 
Error: (12/16/2013 06:38:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: aion.bin, version: 4313.403.1112.7588, time stamp: 0x5281d1ad
Faulting module name: aegisty64.bin, version: 2012.7.20.1, time stamp: 0x5008bfb9
Exception code: 0xc0000005
Fault offset: 0x0000000000036d3a
Faulting process id: 0x1fec
Faulting application start time: 0xaion.bin0
Faulting application path: aion.bin1
Faulting module path: aion.bin2
Report Id: aion.bin3
 
Error: (12/15/2013 07:26:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: aion.bin, version: 4313.403.1112.7588, time stamp: 0x5281d1ad
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0150014
Fault offset: 0x000000000006f873
Faulting process id: 0x16b8
Faulting application start time: 0xaion.bin0
Faulting application path: aion.bin1
Faulting module path: aion.bin2
Report Id: aion.bin3
 
Error: (12/15/2013 07:25:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: aion.bin, version: 4313.403.1112.7588, time stamp: 0x5281d1ad
Faulting module name: aegisty64.bin, version: 2012.7.20.1, time stamp: 0x5008bfb9
Exception code: 0xc0000005
Fault offset: 0x0000000000036d3a
Faulting process id: 0x16b8
Faulting application start time: 0xaion.bin0
Faulting application path: aion.bin1
Faulting module path: aion.bin2
Report Id: aion.bin3
 
Error: (12/15/2013 01:42:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2013 01:15:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/12/2013 03:21:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2013 03:58:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (12/19/2013 02:55:33 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (12/17/2013 09:49:58 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (12/16/2013 11:28:58 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (12/16/2013 11:28:58 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (12/15/2013 06:45:32 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (12/15/2013 01:41:10 PM) (Source: Service Control Manager) (User: )
Description: The Razer Overlay Subsystem Emergency Service service failed to start due to the following error: 
%%2
 
Error: (12/15/2013 01:15:41 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (12/15/2013 01:14:34 PM) (Source: Service Control Manager) (User: )
Description: The Razer Overlay Subsystem Emergency Service service failed to start due to the following error: 
%%2
 
Error: (12/12/2013 06:20:16 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (12/12/2013 03:20:47 AM) (Source: Service Control Manager) (User: )
Description: The Razer Overlay Subsystem Emergency Service service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (12/19/2013 00:39:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Downloads\esetsmartinstaller_enu.exe
 
Error: (12/19/2013 00:39:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Downloads\esetsmartinstaller_enu (1).exe
 
Error: (12/16/2013 06:38:46 PM) (Source: Application Error)(User: )
Description: aion.bin4313.403.1112.75885281d1adntdll.dll6.1.7601.18247521eaf24c0150014000000000006f8731fec01cefab8990f1c06D:\Program Files (x86)\NCSOFT\Aion\bin64\aion.binC:\Windows\SYSTEM32\ntdll.dll964e90c0-66b3-11e3-87bb-08606e81a9b2
 
Error: (12/16/2013 06:38:45 PM) (Source: Application Error)(User: )
Description: aion.bin4313.403.1112.75885281d1adaegisty64.bin2012.7.20.15008bfb9c00000050000000000036d3a1fec01cefab8990f1c06D:\Program Files (x86)\NCSOFT\Aion\bin64\aion.binD:\Program Files (x86)\NCSOFT\Aion\bin64\aegisty64.bin95597eca-66b3-11e3-87bb-08606e81a9b2
 
Error: (12/15/2013 07:26:00 PM) (Source: Application Error)(User: )
Description: aion.bin4313.403.1112.75885281d1adntdll.dll6.1.7601.18247521eaf24c0150014000000000006f87316b801cef9f012dc3b9dD:\Program Files (x86)\NCSOFT\Aion\bin64\aion.binC:\Windows\SYSTEM32\ntdll.dll05095ca4-65f1-11e3-87bb-08606e81a9b2
 
Error: (12/15/2013 07:25:54 PM) (Source: Application Error)(User: )
Description: aion.bin4313.403.1112.75885281d1adaegisty64.bin2012.7.20.15008bfb9c00000050000000000036d3a16b801cef9f012dc3b9dD:\Program Files (x86)\NCSOFT\Aion\bin64\aion.binD:\Program Files (x86)\NCSOFT\Aion\bin64\aegisty64.bin011900e0-65f1-11e3-87bb-08606e81a9b2
 
Error: (12/15/2013 01:42:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2013 01:15:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/12/2013 03:21:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2013 03:58:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Downloads\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-10-10 14:16:18.273
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-10 14:16:18.242
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-10 14:16:18.211
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-10 14:16:18.180
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-08 21:43:43.197
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-08 21:43:43.162
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-08 21:43:43.132
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-08 21:43:43.102
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-08 14:59:09.266
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-08 14:59:09.235
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.2.30303)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Age of Empires II: HD Edition
Aion (Version: 4.0.0.3)
AMD Accelerated Video Transcoding (Version: 13.20.100.31029)
AMD Catalyst Control Center (Version: 2013.1029.1737.29798)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.1029.1737.29798)
AMD Media Foundation Decoders (Version: 1.0.81029.1757)
AMD OverDrive Beta (Version: 4.2.3.0625)
AMD Steady Video Plug-In  (Version: 2.06.0000)
AMD Wireless Display v3.0 (Version: 1.0.0.14)
ARMA 2 Operation Arrowhead Uninstall
ArmA 2 Uninstall
Arma 3 Alpha
AutoHotkey 1.1.13.00 (Version: 1.1.13.00)
Bandisoft MPEG-1 Decoder
Battle.net
Battlefield 2 (Version: 1.5.0.0)
Battlefield 4™ (Version: 1.0.0.1)
Battlelog Web Plugins (Version: 2.3.2)
BattlEye for OA Uninstall
BattlEye Uninstall
Bear Force II 0.3 (Version: 0.3)
BOSS (Version: 2.1.1)
Capsule (Version: 1.0.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2013.1029.1737.29798)
Catalyst Control Center InstallProxy (Version: 2013.1029.1737.29798)
Catalyst Control Center Localization All (Version: 2013.1029.1737.29798)
CCC Help Chinese Standard (Version: 2013.1029.1736.29798)
CCC Help Chinese Traditional (Version: 2013.1029.1736.29798)
CCC Help Czech (Version: 2013.1029.1736.29798)
CCC Help Danish (Version: 2013.1029.1736.29798)
CCC Help Dutch (Version: 2013.1029.1736.29798)
CCC Help English (Version: 2013.1029.1736.29798)
CCC Help Finnish (Version: 2013.1029.1736.29798)
CCC Help French (Version: 2013.1029.1736.29798)
CCC Help German (Version: 2013.1029.1736.29798)
CCC Help Greek (Version: 2013.1029.1736.29798)
CCC Help Hungarian (Version: 2013.1029.1736.29798)
CCC Help Italian (Version: 2013.1029.1736.29798)
CCC Help Japanese (Version: 2013.1029.1736.29798)
CCC Help Korean (Version: 2013.1029.1736.29798)
CCC Help Norwegian (Version: 2013.1029.1736.29798)
CCC Help Polish (Version: 2013.1029.1736.29798)
CCC Help Portuguese (Version: 2013.1029.1736.29798)
CCC Help Russian (Version: 2013.1029.1736.29798)
CCC Help Spanish (Version: 2013.1029.1736.29798)
CCC Help Swedish (Version: 2013.1029.1736.29798)
CCC Help Thai (Version: 2013.1029.1736.29798)
CCC Help Turkish (Version: 2013.1029.1736.29798)
ccc-utility64 (Version: 2013.1029.1737.29798)
CCleaner (Version: 3.26)
Core Temp 1.0 RC4 (Version: 1.0)
Counter-Strike: Global Offensive
Counter-Strike: Source
CPUID CPU-Z 1.67.1
CPUID HWMonitor 1.21
Curse Client (Version: 5.1.1.792)
DAEMON Tools Lite (Version: 4.46.1.0328)
DivX Setup (Version: 2.6.1.44)
ERUNT 1.1j
ESN Sonar (Version: 0.70.4)
Europa Universalis IV
f.lux
foobar2000 v1.2 (Version: 1.2)
Fraps
GIGABYTE FORCE Driver
Google Chrome (Version: 30.0.1599.69)
Guild Wars 2
Happy Cloud Client (Version: 1.386)
Hearthstone
HWiNFO64 Version 4.08 (Version: 4.08)
Java 7 Update 40 (Version: 7.0.400)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Just Cause 2: Multiplayer Mod
K-Lite Codec Pack 9.8.0 (64-bit) (Version: 9.8.0)
K-Lite Codec Pack 9.8.0 (Standard) (Version: 9.8.0)
LogMeIn Hamachi (Version: 2.2.0.109)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
ManyCam 3.1.43 (Version: 3.1.43)
MechWarrior 3 Pirate's Moon
MechWarrior Online (Version: 1.2.0.0)
Medieval II: Total War Kingdoms
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual Basic PowerPacks 10.0 (Version: 10.0.20911)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mount & Blade: Warband
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSI Afterburner 2.3.1 (Version: 2.3.1)
NCSOFT Game Launcher
Nexon Game Manager
Nexus Mod Manager (Version: 0.44.16)
NVIDIA 3D Vision Controller Driver 310.90 (Version: 310.90)
NVIDIA 3D Vision Driver 310.90 (Version: 310.90)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1090)
ooVoo (Version: 3.5.9056)
OpenAL
Origin (Version: 9.1.3.2637)
Paint.NET v3.5.10 (Version: 3.60.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
PlanetSide 2
PunkBuster Services (Version: 0.993)
puush (Version: 1.0.0.0)
Python 3.3.2 (Version: 3.3.2150)
RadeonPro 1.0 (Build 1.1.1.0)
RaidCall (Version: 7.2.6-1.0.8500.17)
Realtek Ethernet Controller Driver (Version: 7.52.203.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6526)
SC4DatPacker 2008
Search Protection (Version: 7.5.0.1)
ShiftWindow 1.02
Sid Meier's Civilization V
Skype™ 6.3 (Version: 6.3.107)
Starbound - Annoyed Koala
Starbound - Irritated Koala Update [13/12/06]
StarCitizen (Version: 1.0)
Steam (Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.13)
Terraria
The Anglo Zulu war (Version: 1.0.0)
The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1 (Version: 1)
The Weather Channel App
Unity Web Player (Version: )
Uplay (Version: 2.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VLC media player 2.1.0 (Version: 2.1.0)
War Thunder
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WorldPainter 1.7.1 (Version: 1.7.1)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)
 
========================= Devices: ================================
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 51%
Total physical RAM: 8190.12 MB
Available physical RAM: 3985.23 MB
Total Pagefile: 16378.41 MB
Available Pagefile: 10888.83 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.45 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:43.94 GB) (Free:11.42 GB) NTFS
2 Drive d: (Everything else) (Fixed) (Total:537.11 GB) (Free:131.04 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PINEAPPLE-PC
 
Administrator            Guest                    Tanner                   
UpdatusUser              
 
 
**** End of log ****
 
 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 40  
 Java 7 Update 45  
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (25.0.1) 
 Google Chrome 29.0.1547.76  
 Google Chrome 30.0.1599.69  
````````Process Check: objlist.exe by Laurent````````
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log``````````````````````
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" "" "" "" "11/12/2013 3:21 AM"
+ "Explorer.exe" "Windows Explorer" "(Not verified) Microsoft Corporation" "c:\windows\explorer.exe" "11/20/2010 4:21 AM"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/12/2013 3:19 AM"
+ "itype" "IType.exe" "(Verified) Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe" "8/9/2011 5:57 PM"
+ "MSC" "Microsoft Security Client User Interface" "(Verified) Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe" "10/23/2013 6:12 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "12/15/2013 1:40 PM"
+ "GMouse" "GIGABYTE FORCE" "" "d:\gigabyte force\gigabyte force.exe" "10/4/2012 12:12 AM"
+ "LogMeIn Hamachi Ui" "Hamachi Client Application" "(Verified) LogMeIn" "d:\program files (x86)\logmein hamachi\hamachi-2-ui.exe" "11/29/2013 9:07 AM"
+ "NCUpdateHelper" "NCUpdateHelper Module" "(Verified) NCsoft Corp." "c:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe" "6/12/2013 10:14 AM"
+ "StartCCC" "Catalyst® Control Center Launcher" "(Verified) Advanced Micro Devices" "d:\program files\ati technologies\ati.ace\core-static\amd64\clistart.exe" "10/29/2013 3:30 PM"
"C:\Users\Tanner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "10/11/2013 2:55 PM"
+ "CurseClientStartup.ccip" "" "" "c:\users\tanner\appdata\roaming\microsoft\windows\start menu\programs\startup\curseclientstartup.ccip" "10/11/2013 2:55 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "10/10/2013 6:49 PM"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "12/9/2013 12:35 PM"
+ "f.lux" "f.lux" "(Verified) Michael Herf" "c:\users\tanner\appdata\local\fluxsoftware\flux\flux.exe" "10/15/2013 5:06 PM"
+ "PeerBlock" "PeerBlock" "(Verified) PeerBlock" "d:\program files\peerblock\peerblock.exe" "11/6/2010 8:24 PM"
+ "puush" "puush" "(Verified) Dean Herbert" "d:\program files (x86)\puush\puush.exe" "7/14/2013 7:30 PM"
+ "SearchProtection" "Search Protection" "(Verified) Spigot" "c:\users\tanner\appdata\roaming\search protection\searchprotection.exe" "9/3/2013 3:17 PM"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "7/13/2009 10:53 PM"
+ "video/mp4" "MIME Video Detector for IE" "(Verified) Advanced Micro Devices" "c:\program files\amd\steadyvideo\videomimefilter.dll" "5/20/2011 9:40 AM"
+ "video/x-flv" "MIME Video Detector for IE" "(Verified) Advanced Micro Devices" "c:\program files\amd\steadyvideo\videomimefilter.dll" "5/20/2011 9:40 AM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "(Verified) Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "10/23/2013 6:12 PM"
+ "WinRAR" "WinRAR shell extension" "(Not verified) Alexander Roshal" "c:\program files\winrar\rarext.dll" "6/9/2012 7:20 AM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "WinRAR32" "WinRAR shell extension" "(Not verified) Alexander Roshal" "c:\program files\winrar\rarext32.dll" "6/9/2012 7:20 AM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "1/10/2013 12:02 AM"
+ "EPP" "Microsoft Security Client Shell Extension" "(Verified) Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "10/23/2013 6:12 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "(Verified) Malwarebytes Corporation" "d:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "2/28/2013 2:39 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "(Verified) Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "10/23/2013 6:12 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "ACE" "AMD Desktop Control Panel" "(Not verified) Advanced Micro Devices, Inc." "d:\program files\ati technologies\ati.ace\core-static\atiacm64.dll" "10/29/2013 3:31 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "4/28/2013 1:29 PM"
+ "PDF Shell Extension" "PDF Shell Extension" "(Verified) Adobe Systems" "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "12/18/2012 12:06 PM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "4/28/2013 1:29 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "(Verified) Malwarebytes Corporation" "d:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "2/28/2013 2:39 PM"
+ "WinRAR" "WinRAR shell extension" "(Not Verified) Alexander Roshal" "c:\program files\winrar\rarext.dll" "6/9/2012 7:20 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "4/28/2013 1:29 PM"
+ "WinRAR32" "WinRAR shell extension" "(Not Verified) Alexander Roshal" "c:\program files\winrar\rarext32.dll" "6/9/2012 7:20 AM"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "4/28/2013 1:29 PM"
+ "WinRAR" "WinRAR shell extension" "(Not Verified) Alexander Roshal" "c:\program files\winrar\rarext.dll" "6/9/2012 7:20 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "4/28/2013 1:29 PM"
+ "WinRAR32" "WinRAR shell extension" "(Not Verified) Alexander Roshal" "c:\program files\winrar\rarext32.dll" "6/9/2012 7:20 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "12/15/2013 1:41 PM"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "(Verified) Oracle America" "c:\program files\java\jre7\bin\jp2ssv.dll" "10/8/2013 7:33 AM"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "(Verified) Oracle America" "c:\program files\java\jre7\bin\ssv.dll" "10/8/2013 7:33 AM"
+ "SteadyVideoBHO Class" "This plugin allows the user to turn AMD SteadyVideo on or off when video is detected on the web." "(Verified) Advanced Micro Devices" "c:\program files\amd\steadyvideo\steadyvideo.dll" "2/13/2012 12:32 PM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "(Verified) Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "8/18/2009 1:47 PM"
"Task Scheduler" "" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.9 r900" "(Verified) Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "12/1/2013 12:09 PM"
+ "\CCleanerSkipUAC" "CCleaner" "(Verified) Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "12/19/2012 11:17 AM"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "(Verified) Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe" "10/23/2013 6:11 PM"
+ "\Microsoft_Hardware_Launch_IType_exe" "IType.exe" "(Verified) Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe" "8/9/2011 5:57 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "12/16/2013 1:57 PM"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "(Verified) Adobe Systems" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "12/3/2012 1:34 AM"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "(Verified) Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "12/1/2013 12:09 PM"
+ "AMD External Events Utility" "AMD External Events Service Module" "(Verified) Advanced Micro Devices" "c:\windows\system32\atiesrxx.exe" "10/29/2013 3:29 PM"
+ "AMD FUEL Service" "Provides FUEL Functionality" "(Not verified) Advanced Micro Devices, Inc." "d:\program files\ati technologies\ati.ace\fuel\fuel.service.exe" "10/29/2013 3:40 PM"
+ "AODService" "AOD assistant service" "(Verified) Advanced Micro Devices" "d:\program files (x86)\amd\overdrive\aodassist.exe" "9/20/2012 9:51 PM"
+ "aspnet_state" "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start." "(Verified) Microsoft Corporation" "c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe" "7/8/2012 10:26 PM"
+ "BEService" "" "" "c:\program files (x86)\common files\battleye\beservice.exe" "2/3/2013 9:02 AM"
+ "clr_optimization_v4.0.30319_32" "Microsoft .NET Framework NGEN" "(Verified) Microsoft Dynamic Code Publisher" "c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe" "7/8/2012 9:54 PM"
+ "clr_optimization_v4.0.30319_64" "Microsoft .NET Framework NGEN" "(Verified) Microsoft Dynamic Code Publisher" "c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe" "7/8/2012 10:00 PM"
+ "Hamachi2Svc" "Hamachi Client Tunneling Engine" "(Verified) LogMeIn" "d:\program files (x86)\logmein hamachi\hamachi-2.exe" "11/29/2013 9:14 AM"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "(Verified) Malwarebytes Corporation" "d:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe" "2/28/2013 2:38 PM"
+ "MBAMService" "Malwarebytes Anti-Malware service" "(Verified) Malwarebytes Corporation" "d:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe" "2/28/2013 2:38 PM"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "(Verified) Mozilla Corporation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe" "11/12/2013 7:14 PM"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "(Verified) Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe" "10/23/2013 6:11 PM"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "(Verified) Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe" "10/23/2013 6:11 PM"
+ "PnkBstrA" "PunkBuster Service Component [v1036] http://www.evenbalance.com" "(Verified) Even Balance" "c:\windows\syswow64\pnkbstra.exe" "12/19/2011 2:53 PM"
+ "RadeonPro Support Service" "RadeonPro Support Service" "(Verified) JOHN MAUTARI" "d:\program files (x86)\radeonpro\radeonprosupport.exe" "4/13/2013 7:57 AM"
+ "RzOvlMon" "" "" "File not found: C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe" ""
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "(Verified) Skype Technologies SA" "c:\program files (x86)\skype\updater\updater.exe" "2/28/2013 12:45 PM"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "(Verified) Valve" "c:\program files (x86)\common files\steam\steamservice.exe" "12/11/2013 12:57 PM"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "(Verified) NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe" "12/29/2012 2:30 AM"
+ "wlidsvc" "Enables Windows Live ID authentication." "(Verified) Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "8/18/2009 1:47 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "12/16/2013 1:57 PM"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "(Verified) Advanced Micro Devices" "c:\windows\system32\drivers\atikmdag.sys" "10/29/2013 3:55 PM"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "(Verified) Advanced Micro Devices" "c:\windows\system32\drivers\atikmpag.sys" "10/29/2013 2:59 PM"
+ "AODDriver4.2.0" "AMD OverDrive Service Driver" "(Verified) Advanced Micro Devices" "d:\program files (x86)\amd\overdrive\amd64\aoddriver2.sys" "4/17/2012 8:19 PM"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "(Verified) DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys" "1/13/2012 7:45 AM"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys" ""
+ "gdrv" "GIGABYTE Tools" "(Verified) Giga-Byte Technology" "c:\windows\gdrv.sys" "3/12/2009 9:22 PM"
+ "hamachi" "Hamachi Virtual Network Interface Driver" "(Verified) LogMeIn" "c:\windows\system32\drivers\hamachi.sys" "2/19/2009 4:36 AM"
+ "HWiNFO32" "HWiNFO AMD64 Kernel Driver" "(Verified) Martin Malik - REALiX" "c:\windows\system32\drivers\hwinfo64a.sys" "11/14/2012 5:15 AM"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "(Verified) Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys" "2/28/2013 2:33 PM"
+ "MpKsld0bfbc2c" "KSLDriver" "(Verified) Microsoft Corporation" "c:\programdata\microsoft\microsoft antimalware\definition updates\{9fa4a573-c74f-4fe9-83fe-b475b0ff6187}\mpksld0bfbc2c.sys" "8/21/2013 4:51 PM"
+ "pbfilter" "" "(Verified) PeerBlock" "d:\program files\peerblock\pbfilter.sys" "11/6/2010 8:23 PM"
+ "RTCore64" "" "(Verified) MICRO-STAR INTERNATIONAL CO." "d:\program files (x86)\msi afterburner\rtcore64.sys" "9/6/2011 6:24 AM"
+ "RzDxgk" "Razer Ovrlay Support" "(Verified) Razer USA Ltd" "c:\windows\system32\drivers\rzdxgk.sys" "4/9/2013 12:23 PM"
+ "RzFilter" "Kernel-mode user input redirection driver" "(Verified) Razer USA Ltd" "c:\windows\system32\drivers\rzfilter.sys" "4/9/2013 12:23 PM"
+ "SaiK0CC3" "Saitek Hid Driver" "(Verified) Madcatz Europe Ltd" "c:\windows\system32\drivers\saik0cc3.sys" "9/20/2012 4:03 AM"
+ "SaiMini" "Saitek Magic Mini Driver" "(Verified) Madcatz Europe Ltd" "c:\windows\system32\drivers\saimini.sys" "4/16/2013 11:17 AM"
+ "SaiNtBus" "Smart Technology Helpers" "(Verified) Madcatz Europe Ltd" "c:\windows\system32\drivers\saibus.sys" "4/16/2013 11:17 AM"
+ "SaiU0CC3" "Saitek Usb Driver" "(Verified) Madcatz Europe Ltd" "c:\windows\system32\drivers\saiu0cc3.sys" "9/20/2012 4:03 AM"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys" ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "11/12/2013 3:21 AM"
+ "msacm.bdmpeg" "" "" "c:\windows\system32\bdmpega64.acm" "5/31/2011 12:38 AM"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll" "3/6/2013 3:30 PM"
+ "VIDC.FPS1" "Fraps" "(Not verified) Beepa P/L" "c:\windows\system32\frapsv64.dll" "8/30/2012 7:46 AM"
+ "VIDC.LAGS" "Lagarith" "(Not verified)  " "c:\windows\system32\lagarith.dll" "12/7/2011 6:37 PM"
+ "vidc.mjpg" "" "" "c:\windows\system32\bdmjpeg64.dll" "5/31/2011 12:38 AM"
+ "vidc.mpeg" "" "" "c:\windows\system32\bdmpegv64.dll" "5/31/2011 12:39 AM"
+ "VIDC.RTV1" "" "" "c:\windows\system32\rtvcvfw64.dll" "9/28/2012 1:45 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "12/15/2013 1:40 PM"
+ "msacm.bdmpeg" "" "" "c:\windows\syswow64\bdmpega.acm" "5/31/2011 12:38 AM"
+ "vidc.DIVX" "DivX" "(Not verified) DivX, Inc." "c:\windows\syswow64\divx.dll" "2/19/2010 1:26 PM"
+ "VIDC.FPS1" "Fraps" "(Not verified) Beepa P/L" "c:\windows\syswow64\frapsvid.dll" "8/30/2012 7:46 AM"
+ "vidc.mjpg" "" "" "c:\windows\syswow64\bdmjpeg.dll" "5/31/2011 12:38 AM"
+ "vidc.mpeg" "" "" "c:\windows\syswow64\bdmpegv.dll" "5/31/2011 12:39 AM"
+ "VIDC.RTV1" "" "" "c:\windows\syswow64\rtvcvfw32.dll" "9/28/2012 1:45 PM"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "(Verified) Electronic Arts" "c:\windows\syswow64\vp6vfw.dll" "10/2/2003 2:38 PM"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "(Verified) Electronic Arts" "c:\windows\syswow64\vp6vfw.dll" "10/2/2003 2:38 PM"
+ "vidc.yv12" "DivX" "(Not Verified) DivX, Inc." "c:\windows\syswow64\divx.dll" "2/19/2010 1:26 PM"
"HKLM\Software\Classes\Filter" "" "" "" "12/19/2013 11:53 PM"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "(Verified) Rovi" "c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax" "4/10/2013 5:21 AM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 10:53 PM"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "(Not Verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "(Not Verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "(Not verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "(Not Verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "(Not Verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "(Not Verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "(Not Verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "(Not Verified) Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll" "10/29/2013 4:27 PM"
+ "Bandisoft MPEG-1 Audio Decoder" "Bandisoft Directshow Filter" "(Not Verified) www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters64.dll" "5/31/2011 12:40 AM"
+ "Bandisoft MPEG-1 Video Decoder" "Bandisoft Directshow Filter" "(Not verified) www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters64.dll" "5/31/2011 12:40 AM"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "(Not verified) xy-VSFilter Team" "d:\program files\k-lite codec pack x64\filters\vsfilter.dll" "12/13/2012 1:43 PM"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "(Not Verified) xy-VSFilter Team" "d:\program files\k-lite codec pack x64\filters\vsfilter.dll" "12/13/2012 1:43 PM"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "d:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax" "3/6/2013 3:30 PM"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "d:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax" "3/6/2013 3:30 PM"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "d:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax" "3/6/2013 3:30 PM"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "d:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax" "3/6/2013 3:30 PM"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "d:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax" "3/6/2013 3:30 PM"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "d:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax" "9/8/2011 7:59 AM"
+ "Haali Media Splitter" "Haali Media Splitter" "" "d:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax" "9/8/2011 7:59 AM"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "d:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax" "9/8/2011 7:59 AM"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "d:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax" "9/8/2011 7:59 AM"
+ "Haali Video Sink" "Haali Media Splitter" "" "d:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax" "9/8/2011 7:59 AM"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "(Not verified) 1f0.de - Hendrik Leppkes" "d:\program files\k-lite codec pack x64\filters\lav\lavaudio.ax" "2/10/2013 12:56 PM"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "(Not verified) 1f0.de - Hendrik Leppkes" "d:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax" "2/10/2013 12:56 PM"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "(Not Verified) 1f0.de - Hendrik Leppkes" "d:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax" "2/10/2013 12:56 PM"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "(Not verified) 1f0.de - Hendrik Leppkes" "d:\program files\k-lite codec pack x64\filters\lav\lavvideo.ax" "2/10/2013 12:56 PM"
+ "Theora Encode Filter" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsftheoraencoder.dll" "1/11/2011 6:56 PM"
+ "WebM Muxer Filter" "WebM Multiplexer Filter" "(Not verified) Google" "c:\program files (x86)\xiph.org\open codecs\x64\webmmux.dll" "1/11/2011 6:57 PM"
+ "WebM Splitter Filter" "Webm Splitter Filter" "(Not verified) Google" "c:\program files (x86)\xiph.org\open codecs\x64\webmsplit.dll" "1/11/2011 6:57 PM"
+ "WebM VP8 Decoder Filter" "WebM VP8 Decoder Filter" "(Not verified) Google" "c:\program files (x86)\xiph.org\open codecs\x64\vp8decoder.dll" "1/11/2011 6:58 PM"
+ "WebM VP8 Encoder Filter" "WebM VP8 Encoder Filter" "(Not verified) Google" "c:\program files (x86)\xiph.org\open codecs\x64\vp8encoder.dll" "1/11/2011 6:58 PM"
+ "Xiph.Org FLAC Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfflacdecoder.dll" "1/11/2011 6:57 PM"
+ "Xiph.Org FLAC Encoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfflacencoder.dll" "1/11/2011 6:57 PM"
+ "Xiph.Org Native FLAC Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfnativeflacsource.dll" "1/11/2011 6:57 PM"
+ "Xiph.Org Ogg Demuxer" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfoggdemux2.dll" "1/11/2011 6:56 PM"
+ "Xiph.Org Ogg Muxer" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfoggmux.dll" "1/11/2011 6:57 PM"
+ "Xiph.Org Speex Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfspeexdecoder.dll" "1/11/2011 6:56 PM"
 
 
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.20.02
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Tanner :: PINEAPPLE-PC [administrator]
 
Protection: Enabled
 
12/20/2013 2:14:26 AM
mbam-log-2013-12-20 (02-14-26).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224771
Time elapsed: 2 minute(s), 48 second(s)
 
Memory Processes Detected: 1
C:\Users\Tanner\AppData\Roaming\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> 2320 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtection (PUP.Optional.SearchProtection.A) -> Data: "C:\Users\Tanner\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Tanner\AppData\Roaming\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> Delete on reboot.
 
(end)
 
 
# AdwCleaner v3.015 - Report created 20/12/2013 at 02:27:31
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Tanner - PINEAPPLE-PC
# Running from : C:\Users\Tanner\Desktop\adwcleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Tanner\AppData\Local\PackageAware
Folder Deleted : C:\Users\Tanner\AppData\Roaming\Search Protection
File Deleted : C:\Users\Tanner\AppData\Local\Temp\Uninstall.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\Software\PIP
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Tanner\AppData\Roaming\Mozilla\Firefox\Profiles\bdbpj75t.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Tanner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [948 octets] - [08/10/2013 14:56:56]
AdwCleaner[R1].txt - [1249 octets] - [20/12/2013 02:25:59]
AdwCleaner[S0].txt - [1180 octets] - [20/12/2013 02:27:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1240 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Tanner on Fri 12/20/2013 at  2:33:14.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/20/2013 at  2:37:37.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



#4 InadequateInfirmity


Posted 20 December 2013 - 04:09 AM

I would suggest that you remove MSE, then run the removal tool.

http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/

Reboot and install either

Avast
http://files.avast.com/iavs5x/avast_free_antivirus_setup.exe

or Avira
http://www.avira.com/en/avira-free-antivirus#start-download-win

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

 

___________________-

 

Download TDSSKiller

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Right-click it and choose Run As Admin (XP users double-click). Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

 

___________________________________________-
 

 

Download, save, and then run the MS Safety Scanner.
Run a Full Scan.
http://www.microsoft.com/security/scanner/en-us/default.aspx
Post the result.

The safety scanner log should be called msert.txt.
It should be located in the same folder where you had msert.exe.
If it is not there, then look for it under c:\windows

 

 

 

____________________________________________-

 

Run a scan with ESET. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.


Tell me how the machine is running now.



#5 Pineapple23


Posted 20 December 2013 - 06:40 PM

Peerblock hasn't shown any blocked connections since 12:10am this morning, so that's good. 

 

Farbar Service Scanner Version: 05-12-2013
Ran by Tanner (administrator) on 20-12-2013 at 12:19:05
Running from "C:\Users\Tanner\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
12:21:10.0117 0x1448  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
12:21:14.0387 0x1448  ============================================================
12:21:14.0387 0x1448  Current date / time: 2013/12/20 12:21:14.0387
12:21:14.0387 0x1448  SystemInfo:
12:21:14.0387 0x1448  
12:21:14.0387 0x1448  OS Version: 6.1.7601 ServicePack: 1.0
12:21:14.0387 0x1448  Product type: Workstation
12:21:14.0387 0x1448  ComputerName: PINEAPPLE-PC
12:21:14.0387 0x1448  UserName: Tanner
12:21:14.0387 0x1448  Windows directory: C:\Windows
12:21:14.0387 0x1448  System windows directory: C:\Windows
12:21:14.0387 0x1448  Running under WOW64
12:21:14.0387 0x1448  Processor architecture: Intel x64
12:21:14.0387 0x1448  Number of processors: 4
12:21:14.0387 0x1448  Page size: 0x1000
12:21:14.0387 0x1448  Boot type: Normal boot
12:21:14.0387 0x1448  ============================================================
12:21:15.0530 0x1448  KLMD registered as C:\Windows\system32\drivers\22208827.sys
12:21:15.0670 0x1448  System UUID: {2C52AE01-21DF-1486-DB6A-99EA66A71BCE}
12:21:16.0202 0x1448  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:21:16.0205 0x1448  ============================================================
12:21:16.0205 0x1448  \Device\Harddisk0\DR0:
12:21:16.0205 0x1448  MBR partitions:
12:21:16.0205 0x1448  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:21:16.0205 0x1448  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57E2000
12:21:16.0205 0x1448  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5814800, BlocksNum 0x43237258
12:21:16.0205 0x1448  ============================================================
12:21:16.0231 0x1448  C: <-> \Device\Harddisk0\DR0\Partition2
12:21:16.0266 0x1448  D: <-> \Device\Harddisk0\DR0\Partition3
12:21:16.0266 0x1448  ============================================================
12:21:16.0267 0x1448  Initialize success
12:21:16.0267 0x1448  ============================================================
12:21:36.0440 0x16cc  ============================================================
12:21:36.0440 0x16cc  Scan started
12:21:36.0440 0x16cc  Mode: Manual; TDLFS; 
12:21:36.0440 0x16cc  ============================================================
12:21:36.0440 0x16cc  KSN ping started
12:22:01.0539 0x16cc  KSN ping finished: true
12:22:02.0427 0x16cc  ================ Scan system memory ========================
12:22:02.0427 0x16cc  System memory - ok
12:22:02.0428 0x16cc  ================ Scan services =============================
12:22:06.0157 0x16cc  CLFS - ok
12:22:06.0210 0x16cc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:22:06.0216 0x16cc  clr_optimization_v2.0.50727_32 - ok
12:22:06.0246 0x16cc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:22:06.0251 0x16cc  clr_optimization_v2.0.50727_64 - ok
12:22:06.0308 0x16cc  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:22:06.0316 0x16cc  clr_optimization_v4.0.30319_32 - ok
12:22:06.0338 0x16cc  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:22:06.0346 0x16cc  clr_optimization_v4.0.30319_64 - ok
12:22:06.0352 0x16cc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:22:06.0355 0x16cc  CmBatt - ok
12:22:06.0364 0x16cc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:22:06.0367 0x16cc  cmdide - ok
12:22:06.0406 0x16cc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:22:06.0422 0x16cc  CNG - ok
12:22:06.0438 0x16cc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:22:06.0441 0x16cc  Compbatt - ok
12:22:06.0454 0x16cc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:22:06.0459 0x16cc  CompositeBus - ok
12:22:06.0465 0x16cc  COMSysApp - ok
12:22:06.0477 0x16cc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:22:06.0480 0x16cc  crcdisk - ok
12:22:06.0516 0x16cc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:22:06.0519 0x16cc  CryptSvc - ok
12:22:06.0552 0x16cc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:22:06.0566 0x16cc  CSC - ok
12:22:06.0591 0x16cc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:22:06.0616 0x16cc  CscService - ok
12:22:06.0643 0x16cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:22:06.0652 0x16cc  DcomLaunch - ok
12:22:06.0689 0x16cc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:22:06.0705 0x16cc  defragsvc - ok
12:22:06.0718 0x16cc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:22:06.0724 0x16cc  DfsC - ok
12:22:06.0753 0x16cc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:22:06.0759 0x16cc  Dhcp - ok
12:22:06.0770 0x16cc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:22:06.0774 0x16cc  discache - ok
12:22:06.0798 0x16cc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
12:22:06.0803 0x16cc  Disk - ok
12:22:06.0831 0x16cc  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:22:06.0836 0x16cc  dmvsc - ok
12:22:06.0867 0x16cc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:22:06.0870 0x16cc  Dnscache - ok
12:22:06.0886 0x16cc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:22:06.0903 0x16cc  dot3svc - ok
12:22:06.0915 0x16cc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:22:06.0923 0x16cc  DPS - ok
12:22:06.0943 0x16cc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:22:06.0945 0x16cc  drmkaud - ok
12:22:06.0980 0x16cc  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:22:06.0996 0x16cc  dtsoftbus01 - ok
12:22:07.0041 0x16cc  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:22:07.0074 0x16cc  DXGKrnl - ok
12:22:07.0106 0x16cc  EagleX64 - ok
12:22:07.0122 0x16cc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:22:07.0131 0x16cc  EapHost - ok
12:22:07.0232 0x16cc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:22:07.0316 0x16cc  ebdrv - ok
12:22:07.0341 0x16cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
12:22:07.0345 0x16cc  EFS - ok
12:22:07.0399 0x16cc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:22:07.0422 0x16cc  ehRecvr - ok
12:22:07.0435 0x16cc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:22:07.0442 0x16cc  ehSched - ok
12:22:07.0485 0x16cc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:22:07.0518 0x16cc  elxstor - ok
12:22:07.0534 0x16cc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:22:07.0536 0x16cc  ErrDev - ok
12:22:07.0562 0x16cc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:22:07.0568 0x16cc  EventSystem - ok
12:22:07.0586 0x16cc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:22:07.0602 0x16cc  exfat - ok
12:22:07.0612 0x16cc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:22:07.0629 0x16cc  fastfat - ok
12:22:07.0671 0x16cc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:22:07.0696 0x16cc  Fax - ok
12:22:07.0708 0x16cc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:22:07.0711 0x16cc  fdc - ok
12:22:07.0722 0x16cc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:22:07.0726 0x16cc  fdPHost - ok
12:22:07.0732 0x16cc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:22:07.0739 0x16cc  FDResPub - ok
12:22:07.0750 0x16cc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:22:07.0755 0x16cc  FileInfo - ok
12:22:07.0762 0x16cc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:22:07.0765 0x16cc  Filetrace - ok
12:22:07.0779 0x16cc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:22:07.0783 0x16cc  flpydisk - ok
12:22:07.0798 0x16cc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:22:07.0808 0x16cc  FltMgr - ok
12:22:07.0862 0x16cc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:22:07.0895 0x16cc  FontCache - ok
12:22:07.0931 0x16cc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:22:07.0936 0x16cc  FontCache3.0.0.0 - ok
12:22:07.0944 0x16cc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:22:07.0949 0x16cc  FsDepends - ok
12:22:07.0964 0x16cc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:22:07.0968 0x16cc  Fs_Rec - ok
12:22:07.0986 0x16cc  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:22:07.0996 0x16cc  fvevol - ok
12:22:08.0019 0x16cc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:22:08.0023 0x16cc  gagp30kx - ok
12:22:08.0046 0x16cc  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
12:22:08.0050 0x16cc  gdrv - ok
12:22:08.0084 0x16cc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:22:08.0106 0x16cc  gpsvc - ok
12:22:08.0133 0x16cc  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
12:22:08.0137 0x16cc  hamachi - ok
12:22:08.0273 0x16cc  [ E24E88736B13BC54CA93E7F86A0F4FCF, 0BD480373AE40C1155E4B4C1D5607C7DF9CD4C5D9C5034F7A35993180BDF2665 ] Hamachi2Svc     D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:22:08.0314 0x16cc  Hamachi2Svc - ok
12:22:08.0331 0x16cc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:22:08.0335 0x16cc  hcw85cir - ok
12:22:08.0367 0x16cc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:22:08.0378 0x16cc  HdAudAddService - ok
12:22:08.0406 0x16cc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:22:08.0413 0x16cc  HDAudBus - ok
12:22:08.0424 0x16cc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:22:08.0427 0x16cc  HidBatt - ok
12:22:08.0443 0x16cc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:22:08.0448 0x16cc  HidBth - ok
12:22:08.0464 0x16cc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:22:08.0468 0x16cc  HidIr - ok
12:22:08.0481 0x16cc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
12:22:08.0489 0x16cc  hidserv - ok
12:22:08.0519 0x16cc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:22:08.0522 0x16cc  HidUsb - ok
12:22:08.0535 0x16cc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:22:08.0544 0x16cc  hkmsvc - ok
12:22:08.0556 0x16cc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:22:08.0572 0x16cc  HomeGroupListener - ok
12:22:08.0597 0x16cc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:22:08.0606 0x16cc  HomeGroupProvider - ok
12:22:08.0626 0x16cc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:22:08.0632 0x16cc  HpSAMD - ok
12:22:08.0660 0x16cc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:22:08.0680 0x16cc  HTTP - ok
12:22:08.0705 0x16cc  [ 012015A7DA5D7DD5DDDF3BE4C34CBE3B, 60EA4363B4BEAA40FF4DFA1F18747DA8306F19FE742AC9427B93820731C59A32 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
12:22:08.0709 0x16cc  HWiNFO32 - ok
12:22:08.0721 0x16cc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:22:08.0724 0x16cc  hwpolicy - ok
12:22:08.0742 0x16cc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:22:08.0749 0x16cc  i8042prt - ok
12:22:08.0770 0x16cc  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:22:08.0786 0x16cc  iaStorV - ok
12:22:08.0834 0x16cc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:22:08.0867 0x16cc  idsvc - ok
12:22:08.0904 0x16cc  IEEtwCollectorService - ok
12:22:08.0919 0x16cc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:22:08.0923 0x16cc  iirsp - ok
12:22:08.0965 0x16cc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:22:08.0998 0x16cc  IKEEXT - ok
12:22:09.0138 0x16cc  [ 150AC23F21DBDBF8488408BA944B0D65, 77A3A0FB5208AA061224CFACC4D136A260132CC4BA01D105AE1532B749968708 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:22:09.0265 0x16cc  IntcAzAudAddService - ok
12:22:09.0288 0x16cc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:22:09.0292 0x16cc  intelide - ok
12:22:09.0312 0x16cc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
12:22:09.0317 0x16cc  intelppm - ok
12:22:09.0338 0x16cc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:22:09.0347 0x16cc  IPBusEnum - ok
12:22:09.0357 0x16cc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:22:09.0363 0x16cc  IpFilterDriver - ok
12:22:09.0385 0x16cc  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:22:09.0409 0x16cc  iphlpsvc - ok
12:22:09.0420 0x16cc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:22:09.0425 0x16cc  IPMIDRV - ok
12:22:09.0449 0x16cc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:22:09.0454 0x16cc  IPNAT - ok
12:22:09.0476 0x16cc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:22:09.0479 0x16cc  IRENUM - ok
12:22:09.0491 0x16cc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:22:09.0495 0x16cc  isapnp - ok
12:22:09.0513 0x16cc  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:22:09.0523 0x16cc  iScsiPrt - ok
12:22:09.0550 0x16cc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:22:09.0554 0x16cc  kbdclass - ok
12:22:09.0579 0x16cc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:22:09.0582 0x16cc  kbdhid - ok
12:22:09.0591 0x16cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
12:22:09.0592 0x16cc  KeyIso - ok
12:22:09.0622 0x16cc  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:22:09.0628 0x16cc  KSecDD - ok
12:22:09.0639 0x16cc  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:22:09.0646 0x16cc  KSecPkg - ok
12:22:09.0653 0x16cc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:22:09.0656 0x16cc  ksthunk - ok
12:22:09.0675 0x16cc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:22:09.0700 0x16cc  KtmRm - ok
12:22:09.0723 0x16cc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:22:09.0739 0x16cc  LanmanServer - ok
12:22:09.0759 0x16cc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:22:09.0767 0x16cc  LanmanWorkstation - ok
12:22:09.0789 0x16cc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:22:09.0793 0x16cc  lltdio - ok
12:22:09.0824 0x16cc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:22:09.0840 0x16cc  lltdsvc - ok
12:22:09.0853 0x16cc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:22:09.0857 0x16cc  lmhosts - ok
12:22:09.0882 0x16cc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:22:09.0888 0x16cc  LSI_FC - ok
12:22:09.0904 0x16cc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:22:09.0909 0x16cc  LSI_SAS - ok
12:22:09.0919 0x16cc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:22:09.0924 0x16cc  LSI_SAS2 - ok
12:22:09.0936 0x16cc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:22:09.0941 0x16cc  LSI_SCSI - ok
12:22:09.0961 0x16cc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:22:09.0967 0x16cc  luafv - ok
12:22:09.0994 0x16cc  [ DE585D1D266805E5EEDAE911FDD16F38, D954C1795D98653F1FB0AE8650FF0DEDDAA730B98C9449E6F608154D573DAB27 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
12:22:09.0998 0x16cc  ManyCam - ok
12:22:10.0079 0x16cc  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:22:10.0083 0x16cc  MBAMProtector - ok
12:22:10.0160 0x16cc  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:22:10.0173 0x16cc  MBAMScheduler - ok
12:22:10.0240 0x16cc  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:22:10.0257 0x16cc  MBAMService - ok
12:22:10.0283 0x16cc  [ 5858C4ABE87D0A842A941D6BD08038F1, FA082135752ECE107AC5E94066541F07FC1D56CE070CE8476A30375308F290A9 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
12:22:10.0286 0x16cc  mcaudrv_simple - ok
12:22:10.0306 0x16cc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:22:10.0315 0x16cc  Mcx2Svc - ok
12:22:10.0327 0x16cc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:22:10.0331 0x16cc  megasas - ok
12:22:10.0460 0x16cc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:22:10.0485 0x16cc  MegaSR - ok
12:22:10.0569 0x16cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:22:10.0574 0x16cc  MMCSS - ok
12:22:10.0590 0x16cc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:22:10.0594 0x16cc  Modem - ok
12:22:10.0620 0x16cc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:22:10.0624 0x16cc  monitor - ok
12:22:10.0635 0x16cc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:22:10.0640 0x16cc  mouclass - ok
12:22:10.0656 0x16cc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:22:10.0659 0x16cc  mouhid - ok
12:22:10.0673 0x16cc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:22:10.0679 0x16cc  mountmgr - ok
12:22:10.0708 0x16cc  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:22:10.0715 0x16cc  MozillaMaintenance - ok
12:22:10.0745 0x16cc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:22:10.0753 0x16cc  mpio - ok
12:22:10.0770 0x16cc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:22:10.0771 0x16cc  mpsdrv - ok
12:22:10.0797 0x16cc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:22:10.0810 0x16cc  MpsSvc - ok
12:22:10.0827 0x16cc  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:22:10.0834 0x16cc  MRxDAV - ok
12:22:10.0856 0x16cc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:22:10.0863 0x16cc  mrxsmb - ok
12:22:10.0880 0x16cc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:22:10.0896 0x16cc  mrxsmb10 - ok
12:22:10.0911 0x16cc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:22:10.0917 0x16cc  mrxsmb20 - ok
12:22:10.0933 0x16cc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:22:10.0936 0x16cc  msahci - ok
12:22:10.0954 0x16cc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:22:10.0961 0x16cc  msdsm - ok
12:22:10.0973 0x16cc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:22:10.0980 0x16cc  MSDTC - ok
12:22:16.0638 0x16cc  udfs - ok
12:22:16.0659 0x16cc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:22:16.0664 0x16cc  UI0Detect - ok
12:22:16.0690 0x16cc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:22:16.0695 0x16cc  uliagpkx - ok
12:22:16.0719 0x16cc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:22:16.0723 0x16cc  umbus - ok
12:22:16.0739 0x16cc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:22:16.0741 0x16cc  UmPass - ok
12:22:16.0763 0x16cc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:22:16.0773 0x16cc  UmRdpService - ok
12:22:16.0792 0x16cc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:22:16.0809 0x16cc  upnphost - ok
12:22:16.0821 0x16cc  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:22:16.0826 0x16cc  usbccgp - ok
12:22:16.0866 0x16cc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:22:16.0873 0x16cc  usbcir - ok
12:22:16.0888 0x16cc  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:22:16.0892 0x16cc  usbehci - ok
12:22:16.0909 0x16cc  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:22:16.0925 0x16cc  usbhub - ok
12:22:16.0939 0x16cc  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:22:16.0942 0x16cc  usbohci - ok
12:22:16.0955 0x16cc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:22:16.0958 0x16cc  usbprint - ok
12:22:16.0973 0x16cc  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:22:16.0978 0x16cc  USBSTOR - ok
12:22:16.0992 0x16cc  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:22:16.0995 0x16cc  usbuhci - ok
12:22:17.0004 0x16cc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:22:17.0009 0x16cc  UxSms - ok
12:22:17.0012 0x16cc  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
12:22:17.0013 0x16cc  VaultSvc - ok
12:22:17.0018 0x16cc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:22:17.0022 0x16cc  vdrvroot - ok
12:22:17.0050 0x16cc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:22:17.0075 0x16cc  vds - ok
12:22:17.0084 0x16cc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:22:17.0087 0x16cc  vga - ok
12:22:17.0101 0x16cc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:22:17.0104 0x16cc  VgaSave - ok
12:22:17.0107 0x16cc  VGPU - ok
12:22:17.0128 0x16cc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:22:17.0137 0x16cc  vhdmp - ok
12:22:17.0152 0x16cc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:22:17.0155 0x16cc  viaide - ok
12:22:17.0174 0x16cc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:22:17.0182 0x16cc  vmbus - ok
12:22:17.0193 0x16cc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:22:17.0196 0x16cc  VMBusHID - ok
12:22:17.0244 0x16cc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:22:17.0249 0x16cc  volmgr - ok
12:22:17.0269 0x16cc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:22:17.0285 0x16cc  volmgrx - ok
12:22:17.0302 0x16cc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:22:17.0312 0x16cc  volsnap - ok
12:22:17.0340 0x16cc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:22:17.0346 0x16cc  vsmraid - ok
12:22:17.0410 0x16cc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:22:17.0435 0x16cc  VSS - ok
12:22:17.0452 0x16cc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:22:17.0455 0x16cc  vwifibus - ok
12:22:17.0470 0x16cc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:22:17.0486 0x16cc  W32Time - ok
12:22:17.0491 0x16cc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:22:17.0495 0x16cc  WacomPen - ok
12:22:17.0508 0x16cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:22:17.0513 0x16cc  WANARP - ok
12:22:17.0517 0x16cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:22:17.0518 0x16cc  Wanarpv6 - ok
12:22:17.0572 0x16cc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:22:17.0613 0x16cc  WatAdminSvc - ok
12:22:17.0663 0x16cc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:22:17.0704 0x16cc  wbengine - ok
12:22:17.0719 0x16cc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:22:17.0735 0x16cc  WbioSrvc - ok
12:22:17.0756 0x16cc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:22:17.0772 0x16cc  wcncsvc - ok
12:22:17.0780 0x16cc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:22:17.0788 0x16cc  WcsPlugInService - ok
12:22:17.0803 0x16cc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:22:17.0807 0x16cc  Wd - ok
12:22:17.0841 0x16cc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:22:17.0866 0x16cc  Wdf01000 - ok
12:22:17.0893 0x16cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:22:17.0900 0x16cc  WdiServiceHost - ok
12:22:17.0903 0x16cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:22:17.0906 0x16cc  WdiSystemHost - ok
12:22:17.0917 0x16cc  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
12:22:17.0933 0x16cc  WebClient - ok
12:22:17.0949 0x16cc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:22:17.0966 0x16cc  Wecsvc - ok
12:22:17.0975 0x16cc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:22:17.0984 0x16cc  wercplsupport - ok
12:22:18.0002 0x16cc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:22:18.0011 0x16cc  WerSvc - ok
12:22:18.0029 0x16cc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:22:18.0032 0x16cc  WfpLwf - ok
12:22:18.0042 0x16cc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:22:18.0046 0x16cc  WIMMount - ok
12:22:18.0058 0x16cc  WinDefend - ok
12:22:18.0063 0x16cc  WinHttpAutoProxySvc - ok
12:22:18.0122 0x16cc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:22:18.0126 0x16cc  Winmgmt - ok
12:22:18.0180 0x16cc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:22:18.0238 0x16cc  WinRM - ok
12:22:18.0280 0x16cc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:22:18.0313 0x16cc  Wlansvc - ok
12:22:18.0427 0x16cc  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:22:18.0467 0x16cc  wlidsvc - ok
12:22:18.0482 0x16cc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:22:18.0485 0x16cc  WmiAcpi - ok
12:22:18.0498 0x16cc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:22:18.0514 0x16cc  wmiApSrv - ok
12:22:18.0526 0x16cc  WMPNetworkSvc - ok
12:22:18.0535 0x16cc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:22:18.0541 0x16cc  WPCSvc - ok
12:22:18.0555 0x16cc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:22:18.0562 0x16cc  WPDBusEnum - ok
12:22:18.0573 0x16cc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:22:18.0576 0x16cc  ws2ifsl - ok
12:22:18.0584 0x16cc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
12:22:18.0587 0x16cc  wscsvc - ok
12:22:18.0590 0x16cc  WSearch - ok
12:22:18.0672 0x16cc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:22:18.0711 0x16cc  wuauserv - ok
12:22:18.0728 0x16cc  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:22:18.0734 0x16cc  WudfPf - ok
12:22:18.0753 0x16cc  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:22:18.0760 0x16cc  WUDFRd - ok
12:22:18.0775 0x16cc  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:22:18.0784 0x16cc  wudfsvc - ok
12:22:18.0802 0x16cc  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:22:18.0818 0x16cc  WwanSvc - ok
12:22:18.0870 0x16cc  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
12:22:18.0895 0x16cc  xnacc - ok
12:22:18.0911 0x16cc  ================ Scan global ===============================
12:22:18.0937 0x16cc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:22:18.0971 0x16cc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:22:18.0996 0x16cc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:22:19.0012 0x16cc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:22:19.0033 0x16cc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:22:19.0045 0x16cc  [ Global ] - ok
12:22:19.0045 0x16cc  ================ Scan MBR ==================================
12:22:19.0050 0x16cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:22:19.0451 0x16cc  \Device\Harddisk0\DR0 - ok
12:22:19.0451 0x16cc  ================ Scan VBR ==================================
12:22:19.0453 0x16cc  [ 2BE24C03FACDB721978E2855AF6D3206 ] \Device\Harddisk0\DR0\Partition1
12:22:19.0454 0x16cc  \Device\Harddisk0\DR0\Partition1 - ok
12:22:19.0484 0x16cc  [ F23C20FCD0B6297241EC1982CEA5EB5E ] \Device\Harddisk0\DR0\Partition2
12:22:19.0485 0x16cc  \Device\Harddisk0\DR0\Partition2 - ok
12:22:19.0497 0x16cc  [ 7ACA95FEA2F53BCD20F181B4CDF2348D ] \Device\Harddisk0\DR0\Partition3
12:22:19.0498 0x16cc  \Device\Harddisk0\DR0\Partition3 - ok
12:22:19.0498 0x16cc  Waiting for KSN requests completion. In queue: 315
12:22:20.0498 0x16cc  Waiting for KSN requests completion. In queue: 315
12:22:21.0498 0x16cc  Waiting for KSN requests completion. In queue: 315
12:22:22.0518 0x16cc  AV detected via SS2: Avira Desktop, D:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.2.234 ), 0x41000 ( enabled : updated )
12:22:22.0528 0x16cc  Win FW state via NFP2: enabled
12:22:25.0389 0x16cc  ============================================================
12:22:25.0389 0x16cc  Scan finished
12:22:25.0389 0x16cc  ============================================================
12:22:25.0394 0x1414  Detected object count: 0
12:22:25.0394 0x1414  Actual detected object count: 0
12:23:16.0571 0x0e44  Deinitialize success
 
 
---------------------------------------------------------------------------------------
 
Microsoft Safety Scanner v1.0, (build 1.165.338.0)
Started On Fri Dec 20 12:25:10 2013
 
Extended Scan Results
----------------
->Scan ERROR: resource process://pid:328 (code 0x00000005 (5))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x0000054F (1359))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{c6390c28-65c0-11e3-87bb-08606e81a9b2}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\System Volume Information\{c6cef9f4-6950-11e3-9a35-08606e81a9b2}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5))
->Scan ERROR: resource file://C:\Windows\temp\TMP0000000C1F09104CCBDD7632 (code 0x00000002 (2))
->Scan ERROR: resource file://C:\Windows\temp\TMP0000000D2FF8587AD7259CDE (code 0x00000002 (2))
No infection found as part of the extended scan
 
Results Summary:
----------------
No infection found.
Microsoft Safety Scanner Finished On Fri Dec 20 14:51:47 2013
 
 
Return code: 0 (0x0)
 
----------------------------------------------------------------------
 
ESET:
 
D:\Program Files (x86)\Hammerwatch\steam_api.dll a variant of Win32/Packed.VMProtect.ABD trojan cleaned by deleting - quarantined
 


#6 quietman7


Posted 21 December 2013 - 07:45 AM

I noticed today that Peerblock is blocking a large amount of connections from a few different IPs listed as botnets.


It is not unusual for firewalls, IP blocking software (i.e. PeerBlock) and some anti-virus programs to provide numerous alerts regarding probing and intrusion attempts to access your computer. Botnets and Zombie computers scour the net, randomly scanning a block of IP addresses, searching for vulnerable ports - commonly probed ports - and make repeated attempts to access them. Hackers use "port scanning", a popular reconnaissance technique, to search for vulnerable computers with open ports using IP addresses or a group of random IP address ranges so they can break in and install malicious programs. Your security software is doing its job by blocking this kind of traffic and alerting you about these intrusion attempts.

However, not all unrequested traffic is malevolent. Even your ISP will send out regular checks to see if your computer is still there. If your computer is sending out large amounts of data, that can indicate that your system may have a Trojan.

Malwarebytes Anti-Malware Malicious Website Blocking (IP Protection) is part of the Protection Module in the Pro version and works after it is enabled. When attempting to go to a potential malicious website, Malwarebytes will block the attempt and provide an alert. An outgoing IP alert indicates that a process on the system tried to load a malicious IP and was prevented from loading content. No action is required unless you're also experiencing malware symptoms or there are multiple IPs. A browser does not have to be running...just an active Internet connection with processes running. Notification that an outgoing IP address has been blocked does not necessarily mean the computer is infected. Some legitimate programs on your computer (i.e. iTunes, Instant Messenger client, SKYPE, P2P software, web browsers) have access to the Internet and that action can trigger an IP alert if it tried to access a malicious IP address. Your firewall should be able to give you a list of such programs so you can confirm if they are legitimate. IP alerts are also triggered by banner ads running on websites. IP Protection is also designed to block incoming connections it determines to be malicious.

For more information about Malicious Website Blocking (IP Protection), please refer to:


Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif
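
The triage reasoning in post #6 (blocked inbound probes are background scanning, while blocked outbound attempts should be traced to the program that made them), as an added example that is not part of the original thread. The log format, process names, known-program list and multiple-IP threshold are constructed assumptions, not PeerBlock or Malwarebytes output.

```python
import re
from collections import defaultdict

# Constructed sample in a made-up log format (not a real product's output).
# Remote addresses come from the reserved documentation ranges.
SAMPLE_LOG = """\
2013-12-19 23:20:14 BLOCK IN 203.0.113.45:51234 -> 192.168.1.10:6881 TCP list="botnet" proc=-
2013-12-19 23:20:15 BLOCK IN 203.0.113.45:51240 -> 192.168.1.10:445 TCP list="botnet" proc=-
2013-12-19 23:20:19 BLOCK IN 198.51.100.7:40000 -> 192.168.1.10:6881 UDP list="ap2p" proc=-
2013-12-19 23:21:02 BLOCK OUT 192.168.1.10:49160 -> 198.51.100.7:6881 TCP list="ap2p" proc=utorrent.exe
2013-12-19 23:21:30 BLOCK OUT 192.168.1.10:49161 -> 203.0.113.99:80 TCP list="botnet" proc=unknownsvc.exe
2013-12-19 23:21:31 BLOCK OUT 192.168.1.10:49162 -> 203.0.113.100:80 TCP list="botnet" proc=unknownsvc.exe
2013-12-19 23:22:00 BLOCK OUT 192.168.1.10:49163 -> 192.0.2.15:443 TCP list="ads" proc=updater.exe
this line is malformed and is skipped
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+ \S+) BLOCK (?P<dir>IN|OUT) '
    r'(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) '
    r'(?P<proto>TCP|UDP) list="(?P<list>[^"]*)" proc=(?P<proc>\S+)$'
)

# Assumption: programs the user knowingly installed and allowed online.
KNOWN_PROGRAMS = {"utorrent.exe", "skype.exe", "firefox.exe"}


def parse(text):
    """Return one dict per well-formed line; malformed lines are ignored."""
    return [m.groupdict() for m in map(LINE_RE.match, text.splitlines()) if m]


def triage(events, known=KNOWN_PROGRAMS, multi_ip=2):
    """Group blocked events by direction and attach a verdict to each group.

    Inbound: keyed by remote IP, listing the local ports it probed.
    Outbound: keyed by local process, listing the blocked remote IPs.
    """
    probes = defaultdict(set)    # remote IP -> local ports probed
    callers = defaultdict(set)   # local process -> blocked remote IPs
    for e in events:
        if e["dir"] == "IN":
            probes[e["src"]].add(int(e["dport"]))
        else:
            callers[e["proc"].lower()].add(e["dst"])

    report = {}
    for ip in sorted(probes):
        # Unsolicited inbound traffic was already dropped by the blocker.
        report[("in", ip)] = ("blocked probe, no action", sorted(probes[ip]))
    for proc in sorted(callers):
        ips = sorted(callers[proc])
        if proc in known:
            verdict = "expected: installed program"
        elif len(ips) >= multi_ip:
            verdict = "investigate: unknown program, multiple IPs"
        else:
            verdict = "confirm program is legitimate"
        report[("out", proc)] = (verdict, ips)
    return report


if __name__ == "__main__":
    for (direction, subject), (verdict, detail) in triage(parse(SAMPLE_LOG)).items():
        print(f"{direction:3} {subject:16} {verdict:45} {detail}")
```
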

#7 Pineapple23


Posted 21 December 2013 - 01:55 PM

Alright, those were my thoughts as well but I figure better safe than sorry.



#8 quietman7


Posted 21 December 2013 - 02:10 PM

I agree but it never hurts to investigate.

#9 InadequateInfirmity


Posted 22 December 2013 - 03:29 AM

I would like you to run a full scan with Norman Malware Cleaner. A log will be produced on your desktop when done; please post it here.

 

http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe

 

After that, please download rkill, save it to your desktop, run it as admin, and post the log.

http://www.bleepingcomputer.com/download/rkill/

 

We are almost done here. :)

 

 

 





