Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Plz Help!!!!!!!!!


  • Please log in to reply
23 replies to this topic

#1 zorch240

zorch240

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 23 December 2013 - 07:07 PM

Lenovo Touch All in One C540
4.00 GB of Ram 
Windows 8.1

I just ran a full scan with AVG and it found 579 Locked/Infected files on my pc.I have been dealing with a nasty rootkit infection embedded on my hardrive for a couple months now.I have tried "everything under the sun" to remove it including many rescue cd's,every rootkit remover out there,Antivirus boot cd's,countless wipes with Killdisk,clean installs,etc......It is"always"rearing its head again right after a fresh windows install.If I run regrun Warrior CD,it tells me services.exe and explorer.exe and many other system files are infected along with my Volume Boot Record.If I try to remove those files,windows fails to boot "ever again" until I reinstall the operating system.I feel as though as my hands are tied at this point and I may never be able to use my pc again.I am at my wit's end!!!!the only other security programs I have installed "at this point" are Malwarebytes,Spybot,and YAC.If anyone out there can help or has any suggestions it would be much appreciated!!!!!!!!!!

 

 

Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/23/2013 03:15:43 PM in x64 mode.
Windows Version: Windows 8.1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * @(BrandName) (WinDefend) is not Running.
   Startup Type set to: Manual

 * AllUserInstallAgent [Missing Service]
 * SDRSVC [Missing Service]
 * adp94xx [Missing Service]
 * adpahci [Missing Service]
 * adpu320 [Missing Service]
 * arc [Missing Service]
 * AsyncMac [Missing Service]
 * discache [Missing Service]
 * iirsp [Missing Service]
 * LSI_SCSI [Missing Service]
 * nfrd960 [Missing Service]
 * PptpMiniport [Missing Service]
 * RasAgileVpn [Missing Service]
 * Rasl2tp [Missing Service]
 * Wanarp [Missing Service]
 * Wanarpv6 [Missing Service]
 * Wd [Missing Service]
 * AppMgmt [Missing Service]
 * CSC [Missing Service]
 * CscService [Missing Service]
 * PeerDistSvc [Missing Service]

 * SystemEventsBroker => %SystemRoot%\system32\svchost.exe -k DcomLaunch [Incorrect ImagePath]
 * WinDefend => %SystemRoot%\System32\svchost.exe -k secsvcs [Incorrect ImagePath]
 * WSService => %SystemRoot%\System32\svchost.exe -k wsappx [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1 localhost
  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com

  20 out of 15491 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 12/23/2013 03:15:46 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:06:04 PM, on 12/23/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\iSafe\iSafeTray.exe
C:\Program Files (x86)\iSafe\iSafe.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Brown\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iSafeService - Elex do Brasil Participações Ltda - C:\Program Files (x86)\iSafe\iSafeSvc.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7784 bytes



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,743 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:24 PM

Posted 28 December 2013 - 07:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/518435 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 29 December 2013 - 12:36 PM

My problems never end,"no matter what".After "every" clean install,I am infected "immediately" and whatever it is hijacks all of my windows files and services soon thereafter.Apparently,according to regrun warrior cd my Volume Boot Record is infected with a rootkit.I have done numerous disk wipes,disk checks,and clean installs.....none of it helps.I find various infections with Rogue Killer,Panda cloud cleaner,spybot,and TDSSkiller....but once disinfected or removed,they "always" come back.Its at the point it is driving me mad,have not been able to use my pc in 2 months.I will try running DDS again,but I don't think it is compatible with the windows 8.1-64 that I currently have installed.I have an original disc for my operating system.I look forward to hearing from someone who can hopefully assist me in resolving my issues!



#4 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 29 December 2013 - 12:39 PM

DDS gives error that its "not meant to run in compatibility mode".



#5 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 29 December 2013 - 04:39 PM

anyone there?



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:24 PM

Posted 30 December 2013 - 08:13 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

You are correct DDS is not ready for Windows 8.1
Please download and run these tool. I will see what I can do to help.

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
==============

Download correct tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please post the logs for my review. Do not attach them.

#7 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 30 December 2013 - 12:15 PM

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Brown [Admin rights]
Mode : Remove -- Date : 12/30/2013 12:13:53
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 065776980c8e7e65bc244918424cce79
[BSP] ed40ec0df4116f66600d0c09b75eb7be : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_12302013_121353.txt >>
RKreport[0]_S_12302013_121349.txt


RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Brown [Admin rights]
Mode : Scan -- Date : 12/30/2013 12:13:49
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 065776980c8e7e65bc244918424cce79
[BSP] ed40ec0df4116f66600d0c09b75eb7be : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_12302013_121349.txt >>

 

 



#8 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 30 December 2013 - 12:17 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Brown (administrator) on Family on 30-12-2013 12:15:57
Running from C:\Users\Brown\Downloads
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
() C:\Users\Brown\Downloads\RogueKillerX64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wowreg32.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCBE783FE8105CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5

==================== Services (Whitelisted) =================

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1119232 2012-06-29] (Realtek Semiconductor Corporation                           )

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-30 12:15 - 2013-12-30 12:16 - 00002053 _____ C:\Users\Brown\Downloads\FRST.txt
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Windows\LastGood
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Program Files\Intel
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Intel
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\FRST
2013-12-30 12:15 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2013-12-30 12:15 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2013-12-30 12:14 - 2013-12-30 12:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1707442784-1462152904-2062007286-1001
2013-12-30 12:13 - 2013-12-30 12:13 - 15283200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 03295984 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 02224880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01934064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01448688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01119232 _____ (Realtek Semiconductor Corporation                           ) C:\Windows\system32\Drivers\rtwlane.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01000688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00804864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00589824 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt630x64.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00496368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00496368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00487664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00465136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00445168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00444144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00411888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00411888 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00390896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00378608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00374512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00353008 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00337136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00332016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00329968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00322800 _____ (VIA Corporation) C:\Windows\system32\Drivers\VSTXRAID.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00303856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00283888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00277744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00258288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00237808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00234224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00217328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00212208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00210672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00210304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00193264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00172784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00172272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00168176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00164080 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00150256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00148720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00137832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00125168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00124144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00123632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00120048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00119024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00116976 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00113904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\EhStorTcgDrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00108784 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00107760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00106224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00102640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00100080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00097008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uaspstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00096496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00093936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00092400 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00091888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00086632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00083696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00083184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081648 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\EhStorClass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081136 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sss.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00078576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00077552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00071920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00068848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mslldp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00067824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00066800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00066800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00065776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00064752 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00064240 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvumis.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00062568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00062496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SpbCx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00057584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00056560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00052464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00052464 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00051952 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00049904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00048368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045296 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00044784 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00037992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00037616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00033520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00033024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030960 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00028400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00025328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HyperVideo.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npsvctrig.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WppRecorder.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00021744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00021376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00020720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tbs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUpFltr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00019184 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00018672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kdnic.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dmpusbstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00014064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00013680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidumdf.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00006912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00001510 _____ C:\Users\Brown\Desktop\RKreport[0]_D_12302013_121353.txt
2013-12-30 12:13 - 2013-12-30 12:13 - 00001461 _____ C:\Users\Brown\Desktop\RKreport[0]_S_12302013_121349.txt
2013-12-30 12:12 - 2013-12-30 12:13 - 00055024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys.bak
2013-12-30 12:12 - 2013-12-30 12:13 - 00000000 ____D C:\Users\Brown\Desktop\RK_Quarantine
2013-12-30 12:12 - 2013-12-30 12:12 - 00562400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00539376 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00492272 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00424688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00361200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00340720 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00336624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00258288 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00190704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00184048 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00108272 _____ (PMC-Sierra, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00106736 _____ (LSI) C:\Windows\system32\Drivers\3ware.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00104688 _____ (PMC-Sierra, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00077040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpiex.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00076016 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00063216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00061680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\condrv.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00033520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00026352 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00025840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpitime.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipagr.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-30 12:11 - 2013-12-30 12:11 - 04406784 _____ C:\Users\Brown\Downloads\RogueKillerX64.exe
2013-12-30 12:11 - 2013-12-30 12:11 - 01931302 _____ (Farbar) C:\Users\Brown\Downloads\FRST64.exe
2013-12-30 12:10 - 2013-12-30 12:10 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Macromedia
2013-12-30 12:07 - 2013-12-30 12:07 - 00001435 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Adobe
2013-12-30 12:06 - 2013-12-30 12:14 - 00175302 _____ C:\Windows\WindowsUpdate.log
2013-12-30 12:06 - 2013-12-30 12:07 - 00000000 ____D C:\Users\Brown\AppData\Local\Packages
2013-12-30 12:06 - 2013-12-30 12:07 - 00000000 ____D C:\Users\Brown
2013-12-30 12:06 - 2013-12-30 12:07 - 00000000 ____D C:\ProgramData\PRICache
2013-12-30 12:06 - 2013-12-30 12:06 - 00000020 ___SH C:\Users\Brown\ntuser.ini
2013-12-30 12:06 - 2013-12-30 12:06 - 00000000 ____D C:\Users\Brown\AppData\Local\VirtualStore
2013-12-30 12:06 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-30 12:06 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-30 12:06 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-30 12:06 - 2012-07-26 03:13 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-30 12:05 - 2013-12-30 12:05 - 00001027 _____ C:\Windows\system32\netcfg-454250.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-454203.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-450968.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-450437.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-448031.txt
2013-12-30 11:58 - 2013-12-30 11:58 - 00000000 __SHD C:\Recovery
2013-12-30 11:56 - 2013-12-30 11:56 - 00001136 _____ C:\Windows\system32\netcfg-49343.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00001135 _____ C:\Windows\system32\netcfg-38390.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000197 _____ C:\Windows\system32\netcfg-52250.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000185 _____ C:\Windows\system32\netcfg-38109.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000164 _____ C:\Windows\system32\netcfg-32875.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000161 _____ C:\Windows\system32\netcfg-35234.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000160 _____ C:\Windows\system32\netcfg-34937.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000160 _____ C:\Windows\system32\netcfg-33906.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000160 _____ C:\Windows\system32\netcfg-31015.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000159 _____ C:\Windows\system32\netcfg-33640.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000157 _____ C:\Windows\system32\netcfg-34406.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000157 _____ C:\Windows\system32\netcfg-33156.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000150 _____ C:\Windows\system32\netcfg-33406.txt
2013-12-30 11:55 - 2013-12-30 12:06 - 00000000 ____D C:\Windows\Panther
2013-12-30 11:55 - 2013-12-30 11:55 - 00008192 __RSH C:\BOOTSECT.BAK
2013-12-30 11:55 - 2013-12-30 11:55 - 00000432 _____ C:\Windows\PFRO.log
2013-12-21 00:03 - 2013-12-21 00:03 - 00729088 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 26002432 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 20974592 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 12297728 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 11673600 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 10591744 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 09870848 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 07877120 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 07596504 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 06202368 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 04471808 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 04216320 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-12-21 00:02 - 2013-12-21 00:02 - 03557376 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 03207680 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 02882048 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2013-12-21 00:02 - 2013-12-21 00:02 - 02384896 _____ C:\Windows\system32\GfxRes.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 02065920 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 01815040 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00906200 _____ (Intel Corporation) C:\Windows\system32\igfxstarter.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00845272 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00771544 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00770520 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00755160 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00624640 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00530904 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00527872 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00517632 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00514048 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00493056 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00397784 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00396760 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00391128 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00347648 _____ C:\Windows\system32\igdmd64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00346624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00320512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00280064 _____ C:\Windows\SysWOW64\igdmd32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-12-21 00:02 - 2013-12-21 00:02 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00267407 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00265216 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00253466 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00235401 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00224256 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00222208 _____ C:\Windows\system32\igdde64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00201128 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00198725 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00194560 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00192758 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3379.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00182272 _____ C:\Windows\SysWOW64\igdde32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00180936 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00180850 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00178473 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00178290 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00178123 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00176838 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00175862 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00175571 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00175067 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00174802 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00174269 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00173792 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00173276 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00173059 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00172833 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00172554 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00171691 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00168215 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00166833 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00166220 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00163840 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00161534 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00160256 _____ C:\Windows\system32\igdail64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00155136 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00154805 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00153048 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00152993 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00142848 _____ C:\Windows\SysWOW64\igdail32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00137728 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00133632 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00029696 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00025600 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00002940 _____ C:\Windows\system32\iglhxs64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00001125 _____ C:\Windows\system32\iglhxa64.vp

==================== One Month Modified Files and Folders =======

2013-12-30 12:16 - 2013-12-30 12:15 - 00002053 _____ C:\Users\Brown\Downloads\FRST.txt
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Windows\LastGood
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Program Files\Intel
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\Intel
2013-12-30 12:15 - 2013-12-30 12:15 - 00000000 ____D C:\FRST
2013-12-30 12:14 - 2013-12-30 12:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1707442784-1462152904-2062007286-1001
2013-12-30 12:14 - 2013-12-30 12:06 - 00175302 _____ C:\Windows\WindowsUpdate.log
2013-12-30 12:13 - 2013-12-30 12:13 - 15283200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 03295984 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 02224880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01934064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01448688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01119232 _____ (Realtek Semiconductor Corporation                           ) C:\Windows\system32\Drivers\rtwlane.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 01000688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00804864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00589824 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt630x64.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00496368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00496368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00487664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00465136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00445168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00444144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00411888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00411888 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00390896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00378608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00374512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00353008 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00337136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00332016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00329968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00322800 _____ (VIA Corporation) C:\Windows\system32\Drivers\VSTXRAID.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00303856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00283888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00277744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00258288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00237808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00234224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00217328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00212208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00210672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00210304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00193264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00172784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00172272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00168176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00164080 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00150256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00148720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00137832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00125168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00124144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00123632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00120048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00119024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00116976 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00113904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\EhStorTcgDrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00108784 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00107760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00106224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00102640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00100080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00097008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uaspstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00096496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00093936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00092400 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00091888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00086632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00083696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00083184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081648 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\EhStorClass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00081136 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sss.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00078576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00077552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00071920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00068848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mslldp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00067824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00066800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00066800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00065776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00064752 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00064240 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvumis.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00062568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00062496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SpbCx.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00057584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00056560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00052464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00052464 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00051952 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00049904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00048368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045296 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00044784 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00037992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00037616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00036080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00034032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00033520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00033024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030960 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00028400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00025328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HyperVideo.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npsvctrig.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WppRecorder.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00021744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00021376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00020720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tbs.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUpFltr.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00019184 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00018672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kdnic.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00017136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dmpusbstor.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00014064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00013680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00011008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidumdf.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00006912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-30 12:13 - 2013-12-30 12:13 - 00001510 _____ C:\Users\Brown\Desktop\RKreport[0]_D_12302013_121353.txt
2013-12-30 12:13 - 2013-12-30 12:13 - 00001461 _____ C:\Users\Brown\Desktop\RKreport[0]_S_12302013_121349.txt
2013-12-30 12:13 - 2013-12-30 12:12 - 00055024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys.bak
2013-12-30 12:13 - 2013-12-30 12:12 - 00000000 ____D C:\Users\Brown\Desktop\RK_Quarantine
2013-12-30 12:12 - 2013-12-30 12:12 - 00562400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00539376 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00492272 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00424688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00361200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00340720 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00336624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00258288 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00190704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00184048 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00108272 _____ (PMC-Sierra, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00106736 _____ (LSI) C:\Windows\system32\Drivers\3ware.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00104688 _____ (PMC-Sierra, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00077040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpiex.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00076016 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00063216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00061680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\condrv.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00033520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00026352 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00025840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpitime.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipagr.sys.bak
2013-12-30 12:12 - 2013-12-30 12:12 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-30 12:11 - 2013-12-30 12:11 - 04406784 _____ C:\Users\Brown\Downloads\RogueKillerX64.exe
2013-12-30 12:11 - 2013-12-30 12:11 - 01931302 _____ (Farbar) C:\Users\Brown\Downloads\FRST64.exe
2013-12-30 12:10 - 2013-12-30 12:10 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Macromedia
2013-12-30 12:09 - 2012-07-26 02:28 - 00803370 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-30 12:07 - 2013-12-30 12:07 - 00001435 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-30 12:07 - 2013-12-30 12:07 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Adobe
2013-12-30 12:07 - 2013-12-30 12:06 - 00000000 ____D C:\Users\Brown\AppData\Local\Packages
2013-12-30 12:07 - 2013-12-30 12:06 - 00000000 ____D C:\Users\Brown
2013-12-30 12:07 - 2013-12-30 12:06 - 00000000 ____D C:\ProgramData\PRICache
2013-12-30 12:06 - 2013-12-30 12:06 - 00000020 ___SH C:\Users\Brown\ntuser.ini
2013-12-30 12:06 - 2013-12-30 12:06 - 00000000 ____D C:\Users\Brown\AppData\Local\VirtualStore
2013-12-30 12:06 - 2013-12-30 11:55 - 00000000 ____D C:\Windows\Panther
2013-12-30 12:06 - 2012-07-26 03:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-30 12:06 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\WinStore
2013-12-30 12:05 - 2013-12-30 12:05 - 00001027 _____ C:\Windows\system32\netcfg-454250.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-454203.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-450968.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-450437.txt
2013-12-30 12:05 - 2013-12-30 12:05 - 00000117 _____ C:\Windows\system32\netcfg-448031.txt
2013-12-30 11:58 - 2013-12-30 11:58 - 00000000 __SHD C:\Recovery
2013-12-30 11:58 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\system32\Recovery
2013-12-30 11:58 - 2012-07-26 02:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-30 11:57 - 2012-07-26 03:13 - 00001720 _____ C:\Windows\DtcInstall.log
2013-12-30 11:57 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-30 11:56 - 2013-12-30 11:56 - 00001136 _____ C:\Windows\system32\netcfg-49343.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00001135 _____ C:\Windows\system32\netcfg-38390.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000197 _____ C:\Windows\system32\netcfg-52250.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000185 _____ C:\Windows\system32\netcfg-38109.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000164 _____ C:\Windows\system32\netcfg-32875.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000161 _____ C:\Windows\system32\netcfg-35234.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000160 _____ C:\Windows\system32\netcfg-34937.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000160 _____ C:\Windows\system32\netcfg-33906.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000160 _____ C:\Windows\system32\netcfg-31015.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000159 _____ C:\Windows\system32\netcfg-33640.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000157 _____ C:\Windows\system32\netcfg-34406.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000157 _____ C:\Windows\system32\netcfg-33156.txt
2013-12-30 11:56 - 2013-12-30 11:56 - 00000150 _____ C:\Windows\system32\netcfg-33406.txt
2013-12-30 11:56 - 2012-07-26 02:21 - 00012936 _____ C:\Windows\setupact.log
2013-12-30 11:55 - 2013-12-30 11:55 - 00008192 __RSH C:\BOOTSECT.BAK
2013-12-30 11:55 - 2013-12-30 11:55 - 00000432 _____ C:\Windows\PFRO.log
2013-12-30 11:55 - 2012-07-26 03:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-12-21 00:03 - 2013-12-21 00:03 - 00729088 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2013-12-21 00:02 - 2013-12-30 12:15 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2013-12-21 00:02 - 2013-12-30 12:15 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2013-12-21 00:02 - 2013-12-21 00:02 - 26002432 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 20974592 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 12297728 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 11673600 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 10591744 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 09870848 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 07877120 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 07596504 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 06202368 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 04471808 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 04216320 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-12-21 00:02 - 2013-12-21 00:02 - 03557376 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 03207680 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 02882048 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2013-12-21 00:02 - 2013-12-21 00:02 - 02384896 _____ C:\Windows\system32\GfxRes.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 02065920 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 01815040 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00906200 _____ (Intel Corporation) C:\Windows\system32\igfxstarter.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00845272 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00771544 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00770520 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00755160 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00624640 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00530904 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00527872 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00517632 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00514048 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00493056 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00397784 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00396760 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00391128 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-12-21 00:02 - 2013-12-21 00:02 - 00347648 _____ C:\Windows\system32\igdmd64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00346624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00320512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00280064 _____ C:\Windows\SysWOW64\igdmd32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-12-21 00:02 - 2013-12-21 00:02 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00267407 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00265216 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00253466 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00235401 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00224256 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00222208 _____ C:\Windows\system32\igdde64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00201128 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00198725 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00194560 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00192758 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3379.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00182272 _____ C:\Windows\SysWOW64\igdde32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00180936 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00180850 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00178473 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00178290 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00178123 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00176838 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00175862 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00175571 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00175067 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00174802 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00174269 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00173792 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00173276 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00173059 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00172833 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00172554 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00171691 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00168215 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00166833 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00166220 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00163840 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00161534 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00160256 _____ C:\Windows\system32\igdail64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00155136 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00154805 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00153048 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00152993 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-12-21 00:02 - 2013-12-21 00:02 - 00142848 _____ C:\Windows\SysWOW64\igdail32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00137728 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00133632 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00029696 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00025600 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00002940 _____ C:\Windows\system32\iglhxs64.vp
2013-12-21 00:02 - 2013-12-21 00:02 - 00001125 _____ C:\Windows\system32\iglhxa64.vp

Some content of TEMP:
====================
C:\Users\Brown\AppData\Local\Temp\ntdll_dump.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-30 11:55

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01
Ran by Brown at 2013-12-30 12:16:17
Running from C:\Users\Brown\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Intel® Processor Graphics (x32 Version: 10.18.10.3379 - Intel Corporation)

==================== Restore Points  =========================

==================== Hosts content: ==========================

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\Dism.exe [2012-07-25] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F8E9F306-F34A-402E-A5B7-FB560F72E779} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup

==================== Loaded Modules (whitelisted) =============

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (12/30/2013 11:56:20 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service terminated with the following error:
%%21

Error: (12/30/2013 11:56:19 AM) (Source: Service Control Manager) (User: )
Description: The IP Helper service terminated with the following error:
%%1058

Error: (12/30/2013 11:55:54 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 3998.35 MB
Available physical RAM: 2596.23 MB
Total Pagefile: 7582.35 MB
Available Pagefile: 6063.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (0) (Fixed) (Total:931.51 GB) (Free:915.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HRM_CCSA_X64FRE_EN-US_DV5) (CDROM) (Total:3.34 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 70C2CEDC)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:24 PM

Posted 30 December 2013 - 02:05 PM

Most of your Services are missing.

Try to run this tool. I'm not sure if it's ready for Windows 8

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#10 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 30 December 2013 - 02:14 PM

Farbar Service Scanner Version: 05-12-2013
Ran by Brown (administrator) on 30-12-2013 at 14:13:59
Running from "C:\Users\Brown\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8Y4TH8U"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2012-07-25 19:07] - [2012-07-25 22:05] - 0331776 ____A (Microsoft Corporation) 6DBE7FE196F8E9D212DCC34EDDF7C3C1

C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-07-26 00:26] - [2012-07-26 00:26] - 2224880 ____A (Microsoft Corporation) AF6A8D27FCABFF85DDC1D4599582B4FE

C:\Windows\System32\dnsrslvr.dll
[2012-07-25 19:08] - [2012-07-25 22:05] - 0210432 ____A (Microsoft Corporation) 9ACE7E657107EB51E5E89FD883F2FD2D

C:\Windows\System32\mpssvc.dll
[2012-07-25 18:40] - [2012-07-25 22:06] - 0904704 ____A (Microsoft Corporation) 411EA973A1961C287927DF13891EB41E

C:\Windows\System32\bfe.dll
[2012-07-25 19:00] - [2012-07-25 22:05] - 0718848 ____A (Microsoft Corporation) 407F85D5387EDBB665A7969DF4D4712B

C:\Windows\System32\drivers\mpsdrv.sys
[2012-07-25 21:23] - [2012-07-25 21:23] - 0074752 ____A (Microsoft Corporation) 36BF4D86F166ACBC14F0B8B8F90CBCEA

C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2012-07-25 18:34] - [2012-07-25 22:08] - 3318784 ____A (Microsoft Corporation) C80DB258C195ACBF86ED42B53554EB28

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\svchost.exe
[2012-07-25 19:00] - [2012-07-25 22:08] - 0030208 ____A (Microsoft Corporation) 57350BEDE3834915B6145B67C71C7BDA

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****



#11 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 30 December 2013 - 02:16 PM

I "just" did a clean install last night.This is "always" what happens....services are missing/hijacked right from the "get-go".I can't get rid of whatever  is causing it!



#12 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:24 PM

Posted 31 December 2013 - 08:02 AM


Please Download and run this .bat file as an administrator.

http://www.bleepingcomputer.com/forums/index.php?app=core&module=attach&section=attach&attach_id=145094

This will extract your Services Registry key. You will find the file in the System Temporary folder under the name of bcserv.txt

Please attach the file, I will send it to Grinler to update Rkill if needed

Thank you for your support.
===

Please run these tools and post the logs for my review.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Edited by nasdaq, 31 December 2013 - 08:29 AM.


#13 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 31 December 2013 - 11:10 AM

11:07:26.0950 0x0ff4  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
11:07:30.0934 0x0ff4  ============================================================
11:07:30.0934 0x0ff4  Current date / time: 2013/12/31 11:07:30.0934
11:07:30.0934 0x0ff4  SystemInfo:
11:07:30.0934 0x0ff4 
11:07:30.0934 0x0ff4  OS Version: 6.2.9200 ServicePack: 0.0
11:07:30.0934 0x0ff4  Product type: Workstation
11:07:30.0934 0x0ff4  ComputerName: FAMILY
11:07:30.0934 0x0ff4  UserName: Family-PC
11:07:30.0934 0x0ff4  Windows directory: C:\Windows
11:07:30.0934 0x0ff4  System windows directory: C:\Windows
11:07:30.0934 0x0ff4  Running under WOW64
11:07:30.0934 0x0ff4  Processor architecture: Intel x64
11:07:30.0934 0x0ff4  Number of processors: 2
11:07:30.0934 0x0ff4  Page size: 0x1000
11:07:30.0934 0x0ff4  Boot type: Normal boot
11:07:30.0934 0x0ff4  ============================================================
11:07:31.0903 0x0ff4  KLMD registered as C:\Windows\system32\drivers\58618702.sys
11:07:32.0044 0x0ff4  System UUID: {6331BE61-3C99-9777-AEBA-C055908FEFD5}
11:07:32.0903 0x0ff4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:07:32.0919 0x0ff4  ============================================================
11:07:32.0919 0x0ff4  \Device\Harddisk0\DR0:
11:07:32.0919 0x0ff4  MBR partitions:
11:07:32.0919 0x0ff4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
11:07:32.0919 0x0ff4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x74656800
11:07:32.0919 0x0ff4  ============================================================
11:07:32.0919 0x0ff4  C: <-> \Device\Harddisk0\DR0\Partition2
11:07:32.0919 0x0ff4  ============================================================
11:07:32.0919 0x0ff4  Initialize success
11:07:32.0919 0x0ff4  ============================================================
11:07:39.0779 0x0bd8  ============================================================
11:07:39.0779 0x0bd8  Scan started
11:07:39.0779 0x0bd8  Mode: Manual; SigCheck; TDLFS;
11:07:39.0779 0x0bd8  ============================================================
11:07:39.0779 0x0bd8  KSN ping started
11:07:42.0169 0x0bd8  KSN ping finished: true
11:07:42.0404 0x0bd8  ================ Scan system memory ========================
11:07:42.0404 0x0bd8  System memory - ok
11:07:42.0404 0x0bd8  ================ Scan services =============================
11:07:42.0544 0x0bd8  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
11:07:42.0591 0x0bd8  1394ohci - ok
11:07:42.0607 0x0bd8  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\Windows\system32\drivers\3ware.sys
11:07:42.0622 0x0bd8  3ware - ok
11:07:42.0638 0x0bd8  [ A3BDA4D1186C8F47FA1BC8E91F197537, 9E0D9E5DD562E0D28874F272929736A8669903D755A7D214DCE7385CB34DD3A6 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:07:42.0654 0x0bd8  ACPI - ok
11:07:42.0669 0x0bd8  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
11:07:42.0669 0x0bd8  acpiex - ok
11:07:42.0685 0x0bd8  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
11:07:42.0685 0x0bd8  acpipagr - ok
11:07:42.0685 0x0bd8  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
11:07:42.0701 0x0bd8  AcpiPmi - ok
11:07:42.0701 0x0bd8  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
11:07:42.0716 0x0bd8  acpitime - ok
11:07:42.0732 0x0bd8  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:07:42.0747 0x0bd8  adp94xx - ok
11:07:42.0763 0x0bd8  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:07:42.0779 0x0bd8  adpahci - ok
11:07:42.0779 0x0bd8  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:07:42.0794 0x0bd8  adpu320 - ok
11:07:42.0810 0x0bd8  [ AB34A3211A1D2AB977DE00CD7BC5A464, B893D957718BB56E10CAFE5F393AAC62FC541B391539B06D6C684AEB37B685F1 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:07:42.0826 0x0bd8  AeLookupSvc - ok
11:07:42.0857 0x0bd8  [ 9E975BDC89C83900B2C534C4E1B018F8, 5413577284FDD7840915CC29C3DD78E514F0E6227384636695CF8B46FAA541DC ] AFD             C:\Windows\system32\drivers\afd.sys
11:07:42.0872 0x0bd8  AFD - ok
11:07:42.0872 0x0bd8  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:07:42.0888 0x0bd8  agp440 - ok
11:07:42.0888 0x0bd8  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\Windows\System32\alg.exe
11:07:42.0904 0x0bd8  ALG - ok
11:07:42.0935 0x0bd8  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
11:07:42.0951 0x0bd8  AllUserInstallAgent - ok
11:07:42.0966 0x0bd8  [ FB88D16B55F788EEB7590584FE2D8F1A, 96DDFF3D0139FC268E43C5CB2F1455BC1EAD99883453933B4B639166AAB0ED38 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
11:07:42.0966 0x0bd8  AmdK8 - ok
11:07:42.0982 0x0bd8  [ 81402FF3373CE4DF77D5C874E369A985, 83F2091A6D97314CD3216176365ABD1D0FB74686BA457022712DE8F355AD1D90 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
11:07:42.0982 0x0bd8  AmdPPM - ok
11:07:42.0997 0x0bd8  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:07:42.0997 0x0bd8  amdsata - ok
11:07:43.0013 0x0bd8  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:07:43.0029 0x0bd8  amdsbs - ok
11:07:43.0029 0x0bd8  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:07:43.0029 0x0bd8  amdxata - ok
11:07:43.0044 0x0bd8  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\Windows\system32\drivers\appid.sys
11:07:43.0060 0x0bd8  AppID - ok
11:07:43.0076 0x0bd8  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:07:43.0091 0x0bd8  AppIDSvc - ok
11:07:43.0091 0x0bd8  [ D64C4AFEE8277F35EF729A2B924666B0, 543AA2B2CD09820437646CFE01AFDBA6B764AA588E663759DEB93CB4F25E09D7 ] Appinfo         C:\Windows\System32\appinfo.dll
11:07:43.0122 0x0bd8  Appinfo - ok
11:07:43.0122 0x0bd8  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\Windows\system32\drivers\arc.sys
11:07:43.0122 0x0bd8  arc - ok
11:07:43.0138 0x0bd8  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:07:43.0138 0x0bd8  arcsas - ok
11:07:43.0154 0x0bd8  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:07:43.0154 0x0bd8  AsyncMac - ok
11:07:43.0154 0x0bd8  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:07:43.0169 0x0bd8  atapi - ok
11:07:43.0169 0x0bd8  [ 81C712A88D62B7B30AE961BBE2B88547, 9702D6449E5D8FDECCDBB0DCA8656DC35FE0946FC50D4ACAB0BB9521BF1A0F39 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:07:43.0185 0x0bd8  AudioEndpointBuilder - ok
11:07:43.0216 0x0bd8  [ 19F399667D97F9C144AC1FA74D2D881B, BD08A0CAB7F38F2CB8A6DD803E3C510DB70F230E51C738AF9ADBB6D0244DDEEA ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:07:43.0247 0x0bd8  Audiosrv - ok
11:07:43.0263 0x0bd8  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:07:43.0263 0x0bd8  AxInstSV - ok
11:07:43.0294 0x0bd8  [ 45C6EC94DE3D466B4B452EA0E3870321, 2C32648B91B9824579309D64C899ADEF626E10E75EE66EE95C22CBE71ED1864D ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:07:43.0310 0x0bd8  b06bdrv - ok
11:07:43.0310 0x0bd8  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
11:07:43.0310 0x0bd8  BasicDisplay - ok
11:07:43.0326 0x0bd8  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
11:07:43.0326 0x0bd8  BasicRender - ok
11:07:43.0341 0x0bd8  [ 5BEC02F0A82187227E7457F4600DDFDA, 1B3C25D91F324FB21493C904BFA6D60DB8CB7D49A083E54CA9FFC4F3EDAE3CF4 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:07:43.0357 0x0bd8  BDESVC - ok
11:07:43.0357 0x0bd8  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
11:07:43.0372 0x0bd8  Beep - ok
11:07:43.0388 0x0bd8  [ 407F85D5387EDBB665A7969DF4D4712B, 56E103CDCDFB07E54ABF7F7AD898E7E989B0D9CD73352E6AB89D7AE52AA46C9D ] BFE             C:\Windows\System32\bfe.dll
11:07:43.0419 0x0bd8  BFE - ok
11:07:43.0451 0x0bd8  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
11:07:43.0482 0x0bd8  BITS - ok
11:07:43.0497 0x0bd8  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:07:43.0497 0x0bd8  bowser - ok
11:07:43.0529 0x0bd8  [ 88F6F0E54F37F99FE7D5513B7623E444, 082EA9C16DA118D76A12B439013EE2C7559E3EA220043D52314BC785BE04FB60 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:07:43.0544 0x0bd8  BrokerInfrastructure - ok
11:07:43.0544 0x0bd8  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\Windows\System32\browser.dll
11:07:43.0576 0x0bd8  Browser - ok
11:07:43.0576 0x0bd8  [ 351075A2ADDF86F5C4BA10CA27E8973D, 1DFE7C40102B0C458E0EB09C37FA4F80A5CE40C02E27AA4DABD0E2770FF9BA09 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
11:07:43.0591 0x0bd8  BthAvrcpTg - ok
11:07:43.0591 0x0bd8  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
11:07:43.0607 0x0bd8  BthHFEnum - ok
11:07:43.0622 0x0bd8  [ 531D83EA26C5FFAA79F0A1DC3B0698CF, 9E1CADFB80C13AF9B58E0077ABF4144ECBFE8DFC0EB7D35AD86200E0C45476ED ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
11:07:43.0638 0x0bd8  bthhfhid - ok
11:07:43.0638 0x0bd8  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
11:07:43.0654 0x0bd8  BTHMODEM - ok
11:07:43.0669 0x0bd8  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
11:07:43.0669 0x0bd8  bthserv - ok
11:07:43.0685 0x0bd8  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:07:43.0685 0x0bd8  cdfs - ok
11:07:43.0701 0x0bd8  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
11:07:43.0716 0x0bd8  cdrom - ok
11:07:43.0716 0x0bd8  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:07:43.0732 0x0bd8  CertPropSvc - ok
11:07:43.0747 0x0bd8  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
11:07:43.0747 0x0bd8  circlass - ok
11:07:43.0779 0x0bd8  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
11:07:43.0779 0x0bd8  CLFS - ok
11:07:43.0794 0x0bd8  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
11:07:43.0810 0x0bd8  CmBatt - ok
11:07:43.0841 0x0bd8  [ 1894FD2D5966A81D3B07A7C4D8724D59, 18DCE6DF0DE39DFD1358A1E061AD97099699CE430BCB906AFB7F51277681461D ] CNG             C:\Windows\system32\Drivers\cng.sys
11:07:43.0857 0x0bd8  CNG - ok
11:07:43.0857 0x0bd8  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
11:07:43.0872 0x0bd8  CompositeBus - ok
11:07:43.0872 0x0bd8  COMSysApp - ok
11:07:43.0888 0x0bd8  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
11:07:43.0888 0x0bd8  condrv - ok
11:07:43.0951 0x0bd8  [ F0E78B119D12BA81F163D48C0FF30B9A, 9622A2F36F03A33E7D145C439BD62D5AEFD53064D60BCC787555D1AF8CB936A9 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:07:43.0951 0x0bd8  CryptSvc - ok
11:07:43.0966 0x0bd8  [ E8A676D196E9A4DED7A6C74DEA90FA4E, AC48196E330B0C15D611EDAC444E6BD18E3A021A5467CB6178B43634181AFD95 ] dam             C:\Windows\system32\drivers\dam.sys
11:07:43.0966 0x0bd8  dam - ok
11:07:43.0997 0x0bd8  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:07:44.0029 0x0bd8  DcomLaunch - ok
11:07:44.0044 0x0bd8  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\Windows\System32\defragsvc.dll
11:07:44.0076 0x0bd8  defragsvc - ok
11:07:44.0091 0x0bd8  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
11:07:44.0122 0x0bd8  DeviceAssociationService - ok
11:07:44.0138 0x0bd8  [ D7A3877D9E126E21925DA873677C1D65, 466FAB854A6F4C8B5D2B398C46131AF6683B20AB9157C5243B03E62FB35DDD74 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
11:07:44.0169 0x0bd8  DeviceInstall - ok
11:07:44.0169 0x0bd8  [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
11:07:44.0169 0x0bd8  Dfsc - ok
11:07:44.0201 0x0bd8  [ 6DBE7FE196F8E9D212DCC34EDDF7C3C1, 3E1D63E2237476C2CB500B8B68565A43A639DBE187B79EC69D25C0B32F3494FA ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:07:44.0201 0x0bd8  Dhcp - ok
11:07:44.0216 0x0bd8  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
11:07:44.0216 0x0bd8  discache - ok
11:07:44.0232 0x0bd8  [ 560495FF4CA22E1D9B1972FA18F43B6F, 41FFDD4C1097AA857A8177E34F101A1A9C1429A4E8DEC3D395C6135A9E112CD6 ] disk            C:\Windows\system32\drivers\disk.sys
11:07:44.0232 0x0bd8  disk - ok
11:07:44.0247 0x0bd8  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
11:07:44.0247 0x0bd8  dmvsc - ok
11:07:44.0263 0x0bd8  [ 9ACE7E657107EB51E5E89FD883F2FD2D, B52505BE805E992D74A7EE0D22185ACFE56DAB6D6707B5905A20AB21CB1431B8 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:07:44.0279 0x0bd8  Dnscache - ok
11:07:44.0279 0x0bd8  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
11:07:44.0310 0x0bd8  dot3svc - ok
11:07:44.0326 0x0bd8  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
11:07:44.0341 0x0bd8  DPS - ok
11:07:44.0372 0x0bd8  [ 013C53A30F896F00C563FD53E695AEF4, 4FAF209124DE323110D516A6DD629B61139B259DBE297F36DE4814C4C4BAA105 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:07:44.0372 0x0bd8  drmkaud - ok
11:07:44.0404 0x0bd8  [ BF48F32EE248C3D371DA5DC93BBEADA7, C8E9B685A8F2F99140382557F11E362D899E7EC6693ADEFE762F0A3850585C63 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
11:07:44.0419 0x0bd8  DsmSvc - ok
11:07:44.0451 0x0bd8  [ C58425E4F1E115BB271FBF3FC348AB11, 76F77BD8F7895AD728FB785DBC20C6A9D653CAD0C19C896F9AE795F81AAFACEC ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:07:44.0482 0x0bd8  DXGKrnl - ok
11:07:44.0497 0x0bd8  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
11:07:44.0513 0x0bd8  Eaphost - ok
11:07:44.0591 0x0bd8  [ C815C4FAE6A816DFB58975F3D0396692, BCFB286137163C4760367F0056688D18168407CA5ED9DED95179F967FCC035DE ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:07:44.0654 0x0bd8  ebdrv - ok
11:07:44.0669 0x0bd8  [ 6E0E63801FBEF27995107B8269BCFAAD, FE3FA6B369527613D64860984BE02C8CEAD1174A7E8428E3DA9B95761BA46513 ] EFS             C:\Windows\System32\lsass.exe
11:07:44.0685 0x0bd8  EFS - ok
11:07:44.0685 0x0bd8  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
11:07:44.0701 0x0bd8  EhStorClass - ok
11:07:44.0701 0x0bd8  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:07:44.0716 0x0bd8  EhStorTcgDrv - ok
11:07:44.0716 0x0bd8  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
11:07:44.0716 0x0bd8  ErrDev - ok
11:07:44.0748 0x0bd8  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
11:07:44.0763 0x0bd8  EventSystem - ok
11:07:44.0779 0x0bd8  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
11:07:44.0794 0x0bd8  exfat - ok
11:07:44.0810 0x0bd8  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:07:44.0810 0x0bd8  fastfat - ok
11:07:44.0841 0x0bd8  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
11:07:44.0857 0x0bd8  Fax - ok
11:07:44.0857 0x0bd8  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
11:07:44.0873 0x0bd8  fdc - ok
11:07:44.0888 0x0bd8  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:07:44.0904 0x0bd8  fdPHost - ok
11:07:44.0904 0x0bd8  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:07:44.0919 0x0bd8  FDResPub - ok
11:07:44.0935 0x0bd8  [ DFC2156EEC9E0CBC4F8311983567E3AA, E816BB69DC2D64A8D9F831300957F235E00A7BACB2419AC004053DAE3032A801 ] fhsvc           C:\Windows\system32\fhsvc.dll
11:07:44.0951 0x0bd8  fhsvc - ok
11:07:44.0966 0x0bd8  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:07:44.0966 0x0bd8  FileInfo - ok
11:07:44.0966 0x0bd8  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:07:44.0998 0x0bd8  Filetrace - ok
11:07:44.0998 0x0bd8  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:07:44.0998 0x0bd8  flpydisk - ok
11:07:45.0013 0x0bd8  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:07:45.0029 0x0bd8  FltMgr - ok
11:07:45.0060 0x0bd8  [ 305CB1E16576F436BC8797E629A3D46D, E3644AE3FA8F755D306D9C4177262CEC451B33731074508B139F3F86AC1B5AE6 ] FontCache       C:\Windows\system32\FntCache.dll
11:07:45.0107 0x0bd8  FontCache - ok
11:07:45.0123 0x0bd8  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:07:45.0123 0x0bd8  FsDepends - ok
11:07:45.0123 0x0bd8  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:07:45.0138 0x0bd8  Fs_Rec - ok
11:07:45.0154 0x0bd8  [ 79E687A2829B9EBDF488F78260651094, 205F2FA215DC40A08E08F261F3474883FFF7B27F8ECB5DF6467A1C5903608373 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:07:45.0169 0x0bd8  fvevol - ok
11:07:45.0169 0x0bd8  [ 3EF3FCCC0E70EEC5C2AD996F32BBA642, AC452FD68519DD1EFC971D223CBB3702F38146CB4203E2F6A4302EE3F76144EB ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
11:07:45.0185 0x0bd8  FxPPM - ok
11:07:45.0185 0x0bd8  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:07:45.0185 0x0bd8  gagp30kx - ok
11:07:45.0216 0x0bd8  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
11:07:45.0232 0x0bd8  gencounter - ok
11:07:45.0232 0x0bd8  [ A1F17108F3ED752D2614D767792327C5, A4FDFD827C2044A2585918789206F6EC2092DBF99531F8FE0B255CF8B21AF27A ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
11:07:45.0248 0x0bd8  GPIOClx0101 - ok
11:07:45.0294 0x0bd8  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:07:45.0326 0x0bd8  gpsvc - ok
11:07:45.0373 0x0bd8  [ 9FC1F11D4D19F61DFE5CC878B4557D3A, 17A0EC253D04FBD25C2113FD96FBF9D822E8295623C1B1DDA712FB102D42E956 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:07:45.0388 0x0bd8  HdAudAddService - ok
11:07:45.0388 0x0bd8  [ 8D6810577E9C4F56DCB8E9BACAC7287B, A3E1FDBD368BFA315B1D1E947B6B58C240CA9E2652581E1ED1C6F5F33292BD54 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
11:07:45.0419 0x0bd8  HDAudBus - ok
11:07:45.0419 0x0bd8  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
11:07:45.0419 0x0bd8  HidBatt - ok
11:07:45.0435 0x0bd8  [ A25BAE8C1F2830C8E5625EC7E4E968BE, 81D441B6616094C604453D8EC289C29D9B84A323B5C7C312C96C8380D51538DA ] HidBth          C:\Windows\System32\drivers\hidbth.sys
11:07:45.0451 0x0bd8  HidBth - ok
11:07:45.0466 0x0bd8  [ AC0526C4E3A7954F750B8F8D95EFB340, BE5180F60761F513B3CD5FC395BB8BCF6EAB6D7A910E0C824FFBEC128285F7A7 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
11:07:45.0482 0x0bd8  hidi2c - ok
11:07:45.0482 0x0bd8  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
11:07:45.0498 0x0bd8  HidIr - ok
11:07:45.0529 0x0bd8  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
11:07:45.0529 0x0bd8  hidserv - ok
11:07:45.0529 0x0bd8  [ 590B6F71BCDA4368B4BF7D8DF22B60F7, 5CED8ACCBBF373607A8CEC81E9F9856C450A73A969E07DF3218B85F444CA7D3F ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
11:07:45.0544 0x0bd8  HidUsb - ok
11:07:45.0560 0x0bd8  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:07:45.0576 0x0bd8  hkmsvc - ok
11:07:45.0591 0x0bd8  [ 6CC1AD7B0E071C317B7FB8FC6AEF0EDA, 2A907E87E491F76B75F13CD921962EA4D1FF4C705E393F8FA3F48EC701E668F5 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:07:45.0607 0x0bd8  HomeGroupListener - ok
11:07:45.0638 0x0bd8  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:07:45.0654 0x0bd8  HomeGroupProvider - ok
11:07:45.0669 0x0bd8  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:07:45.0669 0x0bd8  HpSAMD - ok
11:07:45.0701 0x0bd8  [ 47DBBF38E00C3F7404B71F6509241EF1, CBB3B3F46F702605DD47F12C318984937D7E8384C0A6B62556A6961F74305292 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:07:45.0716 0x0bd8  HTTP - ok
11:07:45.0716 0x0bd8  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:07:45.0732 0x0bd8  hwpolicy - ok
11:07:45.0732 0x0bd8  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
11:07:45.0748 0x0bd8  hyperkbd - ok
11:07:45.0748 0x0bd8  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
11:07:45.0763 0x0bd8  HyperVideo - ok
11:07:45.0779 0x0bd8  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
11:07:45.0794 0x0bd8  i8042prt - ok
11:07:45.0794 0x0bd8  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:07:45.0810 0x0bd8  iaStorV - ok
11:07:46.0123 0x0bd8  [ E5272DDF2C9043411809171715B4633D, B98E6565E7EA912E32746E1D35AD29C2EB9F3A21ACA8CB145C9F503B66AF0AFB ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:07:46.0388 0x0bd8  igfx - ok
11:07:46.0419 0x0bd8  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:07:46.0419 0x0bd8  iirsp - ok
11:07:46.0451 0x0bd8  [ 45EACE8D94B9CEC746A85154892C4FDC, F2507F1AA4C5D54EC8151B44CD033B231C708B57761432E5EDEE6219122301C2 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:07:46.0498 0x0bd8  IKEEXT - ok
11:07:46.0498 0x0bd8  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:07:46.0498 0x0bd8  intelide - ok
11:07:46.0513 0x0bd8  [ F9E126AA767E2E6E3128434A43C9F713, 1BF023083158DB1D76E89C77D383C082F1CA19F00C8FC3B0C30A93263A32BCEA ] intelppm        C:\Windows\System32\drivers\intelppm.sys
11:07:46.0513 0x0bd8  intelppm - ok
11:07:46.0529 0x0bd8  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:07:46.0529 0x0bd8  IpFilterDriver - ok
11:07:46.0560 0x0bd8  [ CAC5202757EF68C4849B0DFFA75F6D3C, D68EDCED68DB7755AA8BE5EC2784C124888BA4ED33B3E366FD83C3E64E42B770 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:07:46.0591 0x0bd8  iphlpsvc - ok
11:07:46.0607 0x0bd8  [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
11:07:46.0623 0x0bd8  IPMIDRV - ok
11:07:46.0623 0x0bd8  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:07:46.0638 0x0bd8  IPNAT - ok
11:07:46.0638 0x0bd8  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:07:46.0654 0x0bd8  IRENUM - ok
11:07:46.0654 0x0bd8  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:07:46.0654 0x0bd8  isapnp - ok
11:07:46.0685 0x0bd8  [ F5F0DE1B7F256997501EECECE9648108, F9B602EA6B278980A299BB7A393ED09388761DE56162AC998398AB95B5A4EC3E ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
11:07:46.0701 0x0bd8  iScsiPrt - ok
11:07:46.0701 0x0bd8  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
11:07:46.0701 0x0bd8  kbdclass - ok
11:07:46.0701 0x0bd8  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
11:07:46.0716 0x0bd8  kbdhid - ok
11:07:46.0716 0x0bd8  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
11:07:46.0732 0x0bd8  kdnic - ok
11:07:46.0732 0x0bd8  [ 6E0E63801FBEF27995107B8269BCFAAD, FE3FA6B369527613D64860984BE02C8CEAD1174A7E8428E3DA9B95761BA46513 ] KeyIso          C:\Windows\system32\lsass.exe
11:07:46.0748 0x0bd8  KeyIso - ok
11:07:46.0748 0x0bd8  [ A4751040DB14E30E61A4E47481C77274, 860B6B5892B9C876EAC85395E4520D29AAD8E350B8B30F3914FFEF671FDEDE68 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:07:46.0763 0x0bd8  KSecDD - ok
11:07:46.0763 0x0bd8  [ E427D299CFE267A2465D3AAF81440ED9, 78F2649FDFF78C358E4FF8EB9772F726A23457658C1CCEABA4D4DEF6927A0423 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:07:46.0779 0x0bd8  KSecPkg - ok
11:07:46.0779 0x0bd8  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:07:46.0794 0x0bd8  ksthunk - ok
11:07:46.0826 0x0bd8  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:07:46.0841 0x0bd8  KtmRm - ok
11:07:46.0857 0x0bd8  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:07:46.0888 0x0bd8  LanmanServer - ok
11:07:46.0919 0x0bd8  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:07:46.0919 0x0bd8  LanmanWorkstation - ok
11:07:46.0951 0x0bd8  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:07:46.0966 0x0bd8  lltdio - ok
11:07:46.0982 0x0bd8  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:07:47.0013 0x0bd8  lltdsvc - ok
11:07:47.0013 0x0bd8  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:07:47.0029 0x0bd8  lmhosts - ok
11:07:47.0044 0x0bd8  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:07:47.0044 0x0bd8  LSI_SAS - ok
11:07:47.0044 0x0bd8  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:07:47.0060 0x0bd8  LSI_SAS2 - ok
11:07:47.0060 0x0bd8  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:07:47.0076 0x0bd8  LSI_SCSI - ok
11:07:47.0076 0x0bd8  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
11:07:47.0091 0x0bd8  LSI_SSS - ok
11:07:47.0123 0x0bd8  [ 8FEFDCEE40B75FD23B4BC60DA6576113, 1C3B690B00D95F6A4DB9225A42B1E5BF5A586785A3E097A9D46D35D580490924 ] LSM             C:\Windows\System32\lsm.dll
11:07:47.0154 0x0bd8  LSM - ok
11:07:47.0170 0x0bd8  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:07:47.0185 0x0bd8  luafv - ok
11:07:47.0185 0x0bd8  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:07:47.0201 0x0bd8  megasas - ok
11:07:47.0201 0x0bd8  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:07:47.0216 0x0bd8  MegaSR - ok
11:07:47.0232 0x0bd8  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
11:07:47.0248 0x0bd8  MEIx64 - ok
11:07:47.0263 0x0bd8  [ DBD28A7997CF7303E610989C565C9B29, 4BCB9920357DDDC9433EA73B683FAAE15572EC0346ED45F61B19EC503F5A9FED ] MMCSS           C:\Windows\system32\mmcss.dll
11:07:47.0279 0x0bd8  MMCSS - ok
11:07:47.0279 0x0bd8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
11:07:47.0295 0x0bd8  Modem - ok
11:07:47.0310 0x0bd8  [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935, CC3F4E09F8834C7293B607446FECFE3CBB9B9151E65AAD38E2A4A8B30244DE14 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:07:47.0326 0x0bd8  monitor - ok
11:07:47.0326 0x0bd8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
11:07:47.0341 0x0bd8  mouclass - ok
11:07:47.0341 0x0bd8  [ CB2527B8B87D83E56FBF3944BBB6F606, F8DA5AF97B91099C58E14D1DACBCA02AF8F193E53A88DDC8CC4C0655A2E4F90B ] mouhid          C:\Windows\System32\drivers\mouhid.sys
11:07:47.0341 0x0bd8  mouhid - ok
11:07:47.0357 0x0bd8  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:07:47.0357 0x0bd8  mountmgr - ok
11:07:47.0373 0x0bd8  [ 36BF4D86F166ACBC14F0B8B8F90CBCEA, 9127DB0ABCCF57DEEB6447EEE33C5F4724472763DB1941D6FA74C745512D0DA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:07:47.0388 0x0bd8  mpsdrv - ok
11:07:47.0420 0x0bd8  [ 411EA973A1961C287927DF13891EB41E, 1DA42631346FF8B43443A4DCE838AEB3C7166FBB272FC47740B09A1A1CE5CCBC ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:07:47.0451 0x0bd8  MpsSvc - ok
11:07:47.0451 0x0bd8  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:07:47.0466 0x0bd8  MRxDAV - ok
11:07:47.0482 0x0bd8  [ 1EEAA5A62E8C49DDF58798F06F78BFFA, D5F37463EC4E4E5F538DCB4B98BFE1415A7CCFA9641BED0621B5BCEBEA91E184 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:07:47.0482 0x0bd8  mrxsmb - ok
11:07:47.0498 0x0bd8  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:07:47.0513 0x0bd8  mrxsmb10 - ok
11:07:47.0513 0x0bd8  [ BFBE1EA55ECC15733933D429E384BCA4, 01B2C5B5D92E8F33F5F86A372AE0AFF22779E70377B0C904BEFD0998906DD8B7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:07:47.0529 0x0bd8  mrxsmb20 - ok
11:07:47.0545 0x0bd8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
11:07:47.0560 0x0bd8  MsBridge - ok
11:07:47.0576 0x0bd8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
11:07:47.0576 0x0bd8  MSDTC - ok
11:07:47.0591 0x0bd8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:07:47.0591 0x0bd8  Msfs - ok
11:07:47.0591 0x0bd8  [ 62435ABF8D6199659D451DFBC94E773C, DF9A0F9EF950BDCCC685CAA97B639DFF99A8B55DC53E8EE14CE98B9987C912AD ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
11:07:47.0607 0x0bd8  msgpiowin32 - ok
11:07:47.0607 0x0bd8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:07:47.0623 0x0bd8  mshidkmdf - ok
11:07:47.0623 0x0bd8  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
11:07:47.0623 0x0bd8  mshidumdf - ok
11:07:47.0623 0x0bd8  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:07:47.0638 0x0bd8  msisadrv - ok
11:07:47.0654 0x0bd8  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:07:47.0670 0x0bd8  MSiSCSI - ok
11:07:47.0670 0x0bd8  msiserver - ok
11:07:47.0685 0x0bd8  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:07:47.0685 0x0bd8  MSKSSRV - ok
11:07:47.0701 0x0bd8  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
11:07:47.0701 0x0bd8  MsLldp - ok
11:07:47.0716 0x0bd8  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:07:47.0748 0x0bd8  MSPCLOCK - ok
11:07:47.0748 0x0bd8  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:07:47.0748 0x0bd8  MSPQM - ok
11:07:47.0763 0x0bd8  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:07:47.0779 0x0bd8  MsRPC - ok
11:07:47.0779 0x0bd8  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
11:07:47.0795 0x0bd8  mssmbios - ok
11:07:47.0795 0x0bd8  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:07:47.0810 0x0bd8  MSTEE - ok
11:07:47.0810 0x0bd8  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
11:07:47.0826 0x0bd8  MTConfig - ok
11:07:47.0841 0x0bd8  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
11:07:47.0841 0x0bd8  Mup - ok
11:07:47.0857 0x0bd8  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
11:07:47.0857 0x0bd8  mvumis - ok
11:07:47.0888 0x0bd8  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
11:07:47.0920 0x0bd8  napagent - ok
11:07:47.0935 0x0bd8  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:07:47.0951 0x0bd8  NativeWifiP - ok
11:07:47.0966 0x0bd8  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
11:07:47.0982 0x0bd8  NcaSvc - ok
11:07:47.0982 0x0bd8  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
11:07:47.0982 0x0bd8  NcdAutoSetup - ok
11:07:48.0013 0x0bd8  [ EAB473DFB958489D3145FE4DD5F5E77B, CD3594370E6540CA2C92A42B6CAB9A31F073EC907406F8E3334A15FCA097623D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:07:48.0045 0x0bd8  NDIS - ok
11:07:48.0060 0x0bd8  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:07:48.0060 0x0bd8  NdisCap - ok
11:07:48.0060 0x0bd8  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
11:07:48.0076 0x0bd8  NdisImPlatform - ok
11:07:48.0076 0x0bd8  [ 8757D4A9701F9F4B59978839F46C32A7, E3703D8C5A7A6EF18EEB3F89E7D6D72B7733BC018922043E37DD5B6D50F51323 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:07:48.0091 0x0bd8  NdisTapi - ok
11:07:48.0091 0x0bd8  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:07:48.0107 0x0bd8  Ndisuio - ok
11:07:48.0107 0x0bd8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:07:48.0123 0x0bd8  NdisWan - ok
11:07:48.0123 0x0bd8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
11:07:48.0138 0x0bd8  NDISWANLEGACY - ok
11:07:48.0138 0x0bd8  [ FC891984160AAD8D3F047888C6BF1467, 86634150D4806E5EDF9C234C72F596443FF2AE333B6F557760694CDB7092D87D ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:07:48.0154 0x0bd8  NDProxy - ok
11:07:48.0154 0x0bd8  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
11:07:48.0170 0x0bd8  Ndu - ok
11:07:48.0185 0x0bd8  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:07:48.0201 0x0bd8  NetBIOS - ok
11:07:48.0201 0x0bd8  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:07:48.0216 0x0bd8  NetBT - ok
11:07:48.0232 0x0bd8  [ 6E0E63801FBEF27995107B8269BCFAAD, FE3FA6B369527613D64860984BE02C8CEAD1174A7E8428E3DA9B95761BA46513 ] Netlogon        C:\Windows\system32\lsass.exe
11:07:48.0232 0x0bd8  Netlogon - ok
11:07:48.0248 0x0bd8  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
11:07:48.0263 0x0bd8  Netman - ok
11:07:48.0279 0x0bd8  [ 20F6FD63E6D456114BC8056D62792786, 12EDB8DD4D647F8CF680ABD1A36704EE9BEBE5F65C821E6D76F798441AF2C199 ] netprofm        C:\Windows\System32\netprofmsvc.dll
11:07:48.0295 0x0bd8  netprofm - ok
11:07:48.0420 0x0bd8  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:07:48.0435 0x0bd8  NetTcpPortSharing - ok
11:07:48.0451 0x0bd8  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:07:48.0466 0x0bd8  nfrd960 - ok
11:07:48.0482 0x0bd8  [ 05B42A91867DA3FF71C59747DC785996, 6B3AF85DF5B454BB1D13D46C9EB12B6751395873E50CFF97EDDE5E550012E750 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:07:48.0498 0x0bd8  NlaSvc - ok
11:07:48.0498 0x0bd8  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:07:48.0513 0x0bd8  Npfs - ok
11:07:48.0513 0x0bd8  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
11:07:48.0529 0x0bd8  npsvctrig - ok
11:07:48.0529 0x0bd8  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
11:07:48.0545 0x0bd8  nsi - ok
11:07:48.0545 0x0bd8  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:07:48.0545 0x0bd8  nsiproxy - ok
11:07:48.0607 0x0bd8  [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD, 4F9872ACF27D9C7D52256CAB09AEEC760402B69088789018D0736F16236C1FE3 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:07:48.0654 0x0bd8  Ntfs - ok
11:07:48.0654 0x0bd8  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
11:07:48.0670 0x0bd8  Null - ok
11:07:48.0685 0x0bd8  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:07:48.0685 0x0bd8  nvraid - ok
11:07:48.0701 0x0bd8  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:07:48.0701 0x0bd8  nvstor - ok
11:07:48.0716 0x0bd8  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:07:48.0716 0x0bd8  nv_agp - ok
11:07:48.0748 0x0bd8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:07:48.0763 0x0bd8  p2pimsvc - ok
11:07:48.0763 0x0bd8  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:07:48.0795 0x0bd8  p2psvc - ok
11:07:48.0795 0x0bd8  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
11:07:48.0795 0x0bd8  Parport - ok
11:07:48.0810 0x0bd8  [ C1D7BA7F0DE487DFEEB51BF8D3EC5562, 72F38D6C6FD1ED6E1BC47B781A06FFBE29C99A70382D38759B53A184F61B6643 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:07:48.0810 0x0bd8  partmgr - ok
11:07:48.0826 0x0bd8  [ 19E41F140A6ADBD38943710DA7FF0E38, AF9FDBEB0E519B7EA034C76077E514FE27138204E9874F4DDEA0B1CB26A45BA0 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:07:48.0857 0x0bd8  PcaSvc - ok
11:07:48.0857 0x0bd8  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\Windows\system32\drivers\pci.sys
11:07:48.0873 0x0bd8  pci - ok
11:07:48.0873 0x0bd8  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
11:07:48.0873 0x0bd8  pciide - ok
11:07:48.0888 0x0bd8  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:07:48.0904 0x0bd8  pcmcia - ok
11:07:48.0920 0x0bd8  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\Windows\system32\drivers\pcw.sys
11:07:48.0920 0x0bd8  pcw - ok
11:07:48.0920 0x0bd8  [ 674B0AAFB88A04D313B032C623F6AC9A, CD0908531FCAB1B54D83121652667058548E013B68AF784DC309F5F4E20C177C ] pdc             C:\Windows\system32\drivers\pdc.sys
11:07:48.0935 0x0bd8  pdc - ok
11:07:48.0982 0x0bd8  [ 70DBB6A8B52B3830922F1C5789E1BEEB, 30288885789753FE19B51A200137E916E10BCD4211EFF50931C19E88824EADC0 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:07:48.0998 0x0bd8  PEAUTH - ok
11:07:49.0154 0x0bd8  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:07:49.0170 0x0bd8  PerfHost - ok
11:07:49.0216 0x0bd8  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\Windows\system32\pla.dll
11:07:49.0263 0x0bd8  pla - ok
11:07:49.0295 0x0bd8  [ D7A3877D9E126E21925DA873677C1D65, 466FAB854A6F4C8B5D2B398C46131AF6683B20AB9157C5243B03E62FB35DDD74 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:07:49.0295 0x0bd8  PlugPlay - ok
11:07:49.0310 0x0bd8  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:07:49.0326 0x0bd8  PNRPAutoReg - ok
11:07:49.0341 0x0bd8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:07:49.0341 0x0bd8  PNRPsvc - ok
11:07:49.0357 0x0bd8  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:07:49.0388 0x0bd8  PolicyAgent - ok
11:07:49.0388 0x0bd8  [ AAD0C7235F804728373026EEFFDBCA6C, 930592ED085A14A7AC48F0D889627CAB865C8DAD3274544CEAC40C1F0730FD13 ] Power           C:\Windows\system32\umpo.dll
11:07:49.0404 0x0bd8  Power - ok
11:07:49.0420 0x0bd8  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:07:49.0435 0x0bd8  PptpMiniport - ok
11:07:49.0529 0x0bd8  [ 9D59831262CAD44E709D695FC9D5E7AB, F95C5475F91DA667C8D5C96253944CE8A0F2C9B1ED4DF8703E5D1D47A0C730B5 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
11:07:49.0592 0x0bd8  PrintNotify - ok
11:07:49.0607 0x0bd8  [ 8DA167F8967AB35A2487095CB1B879A0, 78FD1D87F0A52254DFD71B76BEEA4179CECF830D1CF623A12FBD991B7C1CDDC1 ] Processor       C:\Windows\System32\drivers\processr.sys
11:07:49.0638 0x0bd8  Processor - ok
11:07:49.0654 0x0bd8  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\Windows\system32\profsvc.dll
11:07:49.0670 0x0bd8  ProfSvc - ok
11:07:49.0685 0x0bd8  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:07:49.0685 0x0bd8  Psched - ok
11:07:49.0732 0x0bd8  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\Windows\system32\qwave.dll
11:07:49.0748 0x0bd8  QWAVE - ok
11:07:49.0763 0x0bd8  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:07:49.0763 0x0bd8  QWAVEdrv - ok
11:07:49.0779 0x0bd8  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:07:49.0779 0x0bd8  RasAcd - ok
11:07:49.0810 0x0bd8  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:07:49.0826 0x0bd8  RasAgileVpn - ok
11:07:49.0826 0x0bd8  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\Windows\System32\rasauto.dll
11:07:49.0857 0x0bd8  RasAuto - ok
11:07:49.0873 0x0bd8  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:07:49.0873 0x0bd8  Rasl2tp - ok
11:07:49.0888 0x0bd8  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
11:07:49.0920 0x0bd8  RasMan - ok
11:07:49.0935 0x0bd8  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:07:49.0935 0x0bd8  RasPppoe - ok
11:07:49.0951 0x0bd8  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:07:49.0951 0x0bd8  RasSstp - ok
11:07:49.0982 0x0bd8  [ B72C33DBD5326B3864CF2091AF8B906B, 85A22311FA870CE43CF70F69D7D101D96B9095A992DCF5FA1587886F6D4282DC ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:07:49.0982 0x0bd8  rdbss - ok
11:07:49.0998 0x0bd8  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
11:07:50.0013 0x0bd8  rdpbus - ok
11:07:50.0029 0x0bd8  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:07:50.0029 0x0bd8  RDPDR - ok
11:07:50.0045 0x0bd8  [ 3B4F32CA8B37584ECF98BCE136E38B96, 2B39224FEF5C0AE000FF667B3D6C3C279DBEE8EABAE2F5C40BBCF6DDFFD4DE3C ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:07:50.0045 0x0bd8  RdpVideoMiniport - ok
11:07:50.0045 0x0bd8  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:07:50.0060 0x0bd8  RDPWD - ok
11:07:50.0076 0x0bd8  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:07:50.0076 0x0bd8  rdyboost - ok
11:07:50.0092 0x0bd8  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:07:50.0107 0x0bd8  RemoteAccess - ok
11:07:50.0123 0x0bd8  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:07:50.0138 0x0bd8  RemoteRegistry - ok
11:07:50.0138 0x0bd8  [ 381E606B90F32E501D1E2C852D211AB9, F307DA40A376C694868EB30186EA6420705C8BFCEA74B25F988E67FE728F0A8D ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:07:50.0154 0x0bd8  RpcEptMapper - ok
11:07:50.0170 0x0bd8  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
11:07:50.0170 0x0bd8  RpcLocator - ok
11:07:50.0201 0x0bd8  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\Windows\system32\rpcss.dll
11:07:50.0232 0x0bd8  RpcSs - ok
11:07:50.0232 0x0bd8  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:07:50.0248 0x0bd8  rspndr - ok
11:07:50.0279 0x0bd8  [ 15923AA360F7675D3D43C9669316A0BA, AD1852732082140C62CC44A01914162E44BF412B4A852DF27DC0E0765E64288F ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
11:07:50.0310 0x0bd8  RTL8168 - ok
11:07:50.0342 0x0bd8  [ A02C8EA09D5601FA0148739A95F31AEF, 30765E5B7ACF1224DBFC46BEB3B5CD97A6FBE791325A3BD6CB9360EA6B2299F4 ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtwlane.sys
11:07:50.0388 0x0bd8  RTL8192Ce - ok
11:07:50.0404 0x0bd8  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
11:07:50.0420 0x0bd8  s3cap - ok
11:07:50.0435 0x0bd8  [ 6E0E63801FBEF27995107B8269BCFAAD, FE3FA6B369527613D64860984BE02C8CEAD1174A7E8428E3DA9B95761BA46513 ] SamSs           C:\Windows\system32\lsass.exe
11:07:50.0435 0x0bd8  SamSs - ok
11:07:50.0435 0x0bd8  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:07:50.0451 0x0bd8  sbp2port - ok
11:07:50.0467 0x0bd8  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:07:50.0482 0x0bd8  SCardSvr - ok
11:07:50.0482 0x0bd8  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:07:50.0498 0x0bd8  scfilter - ok
11:07:50.0545 0x0bd8  [ EDCDF4DB82EF825B94B190D544C8C58B, 65E316CB66893FBA852D44F6ACE0F1DA415DBADADCA838B31DF3AB6B681E33B6 ] Schedule        C:\Windows\system32\schedsvc.dll
11:07:50.0576 0x0bd8  Schedule - ok
11:07:50.0592 0x0bd8  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:07:50.0607 0x0bd8  SCPolicySvc - ok
11:07:50.0623 0x0bd8  [ 6D3A4C1E3E809C02476B32ACB68C1707, 2A297525597AC5761402DBD18448340BFC12557E954447B3C4B459C37FA6CB45 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
11:07:50.0638 0x0bd8  sdbus - ok
11:07:50.0654 0x0bd8  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:07:50.0670 0x0bd8  SDRSVC - ok
11:07:50.0670 0x0bd8  [ 6BF842A03DAA25CBBA9A585E25731E06, A13C4AA4061B698E43A5E752188E23E7F89D3F843B9EDCBED2992B01F5F7D3D3 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
11:07:50.0685 0x0bd8  sdstor - ok
11:07:50.0701 0x0bd8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:07:50.0717 0x0bd8  secdrv - ok
11:07:50.0717 0x0bd8  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
11:07:50.0732 0x0bd8  seclogon - ok
11:07:50.0732 0x0bd8  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
11:07:50.0748 0x0bd8  SENS - ok
11:07:50.0763 0x0bd8  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:07:50.0779 0x0bd8  SensrSvc - ok
11:07:50.0779 0x0bd8  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
11:07:50.0795 0x0bd8  SerCx - ok
11:07:50.0795 0x0bd8  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\Windows\System32\drivers\serenum.sys
11:07:50.0810 0x0bd8  Serenum - ok
11:07:50.0810 0x0bd8  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
11:07:50.0826 0x0bd8  Serial - ok
11:07:50.0826 0x0bd8  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
11:07:50.0842 0x0bd8  sermouse - ok
11:07:50.0857 0x0bd8  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:07:50.0873 0x0bd8  SessionEnv - ok
11:07:50.0873 0x0bd8  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
11:07:50.0873 0x0bd8  sfloppy - ok
11:07:50.0904 0x0bd8  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:07:50.0920 0x0bd8  SharedAccess - ok
11:07:50.0951 0x0bd8  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:07:50.0982 0x0bd8  ShellHWDetection - ok
11:07:50.0982 0x0bd8  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:07:50.0998 0x0bd8  SiSRaid2 - ok
11:07:50.0998 0x0bd8  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:07:50.0998 0x0bd8  SiSRaid4 - ok
11:07:51.0013 0x0bd8  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:07:51.0045 0x0bd8  SNMPTRAP - ok
11:07:51.0060 0x0bd8  [ 465F3C355CE5ED2779B8F460F14C5A78, 4CDFBACBC2C228D6655DFE151249725D72D58DAE3299E15EAAEBC26FE0F712DC ] spaceport       C:\Windows\system32\drivers\spaceport.sys
11:07:51.0060 0x0bd8  spaceport - ok
11:07:51.0076 0x0bd8  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
11:07:51.0092 0x0bd8  SpbCx - ok
11:07:51.0138 0x0bd8  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\Windows\System32\spoolsv.exe
11:07:51.0154 0x0bd8  Spooler - ok
11:07:51.0404 0x0bd8  [ EC84D961501054F87A6878EC5D53388F, C69F3542B182BED4260EE1906361B72B9FFDE47FD92A161850E28BC6ED7505CC ] sppsvc          C:\Windows\system32\sppsvc.exe
11:07:51.0498 0x0bd8  sppsvc - ok
11:07:51.0545 0x0bd8  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:07:51.0560 0x0bd8  srv - ok
11:07:51.0592 0x0bd8  [ 0DE224F7B8041B17AA53D00327A86396, 283AD5E9EE8F0C2F47B81FF246BC42ED0656026DA760CAB9EA25611785BBFED8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:07:51.0607 0x0bd8  srv2 - ok
11:07:51.0607 0x0bd8  [ 9400C71F5A1A380B494B6922F007D485, 66C293974BA4A61A06DC26EF48D5FA5E75377F66AD1CD774AA6827FA20A5F46E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:07:51.0623 0x0bd8  srvnet - ok
11:07:51.0670 0x0bd8  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:07:51.0701 0x0bd8  SSDPSRV - ok
11:07:51.0717 0x0bd8  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:07:51.0717 0x0bd8  SstpSvc - ok
11:07:51.0732 0x0bd8  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:07:51.0732 0x0bd8  stexstor - ok
11:07:51.0763 0x0bd8  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
11:07:51.0779 0x0bd8  stisvc - ok
11:07:51.0795 0x0bd8  [ C588BBD37B432CE3204E5765B459E6B2, 6A30570C82390C4D6668137D05C7EFBE243CAC243CBE405D308E3F7B2BC5729D ] storahci        C:\Windows\system32\drivers\storahci.sys
11:07:51.0795 0x0bd8  storahci - ok
11:07:51.0810 0x0bd8  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
11:07:51.0810 0x0bd8  storflt - ok
11:07:51.0842 0x0bd8  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll
11:07:51.0842 0x0bd8  StorSvc - ok
11:07:51.0857 0x0bd8  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:07:51.0857 0x0bd8  storvsc - ok
11:07:51.0857 0x0bd8  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll
11:07:51.0873 0x0bd8  svsvc - ok
11:07:51.0888 0x0bd8  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
11:07:51.0888 0x0bd8  swenum - ok
11:07:51.0904 0x0bd8  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll
11:07:51.0920 0x0bd8  swprv - ok
11:07:51.0951 0x0bd8  [ DC21E1F06343773D7E24362DCEF7944B, E5C13A2D4DEEBEDC6E0E4882FFC56322EA0474A3BD8B1C8A077293F433854F9B ] SysMain         C:\Windows\system32\sysmain.dll
11:07:51.0998 0x0bd8  SysMain - ok
11:07:52.0013 0x0bd8  [ F1DA8D3C4395E4B1D58D308A4B062B24, E0232B1BBBA8116C60BB551FD77AA7DF667193A98620FEF2244B904115DC5AF0 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
11:07:52.0045 0x0bd8  SystemEventsBroker - ok
11:07:52.0060 0x0bd8  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
11:07:52.0060 0x0bd8  TabletInputService - ok
11:07:52.0076 0x0bd8  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:07:52.0123 0x0bd8  TapiSrv - ok
11:07:52.0185 0x0bd8  [ AF6A8D27FCABFF85DDC1D4599582B4FE, 3100FBA65DBB1B3E53690BFF95D788184E3F62855C9EE565377529068BEFD5C3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:07:52.0232 0x0bd8  Tcpip - ok
11:07:52.0357 0x0bd8  [ AF6A8D27FCABFF85DDC1D4599582B4FE, 3100FBA65DBB1B3E53690BFF95D788184E3F62855C9EE565377529068BEFD5C3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:07:52.0404 0x0bd8  TCPIP6 - ok
11:07:52.0420 0x0bd8  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:07:52.0435 0x0bd8  tcpipreg - ok
11:07:52.0435 0x0bd8  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:07:52.0451 0x0bd8  tdx - ok
11:07:52.0467 0x0bd8  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
11:07:52.0467 0x0bd8  terminpt - ok
11:07:52.0498 0x0bd8  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\Windows\System32\termsrv.dll
11:07:52.0529 0x0bd8  TermService - ok
11:07:52.0545 0x0bd8  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
11:07:52.0560 0x0bd8  Themes - ok
11:07:52.0576 0x0bd8  [ DBD28A7997CF7303E610989C565C9B29, 4BCB9920357DDDC9433EA73B683FAAE15572EC0346ED45F61B19EC503F5A9FED ] THREADORDER     C:\Windows\system32\mmcss.dll
11:07:52.0576 0x0bd8  THREADORDER - ok
11:07:52.0592 0x0bd8  [ 2A8B087AE47AC8486859CF479BB704C8, E65AA4EBCDDBA821490C04106709DFDBD44A515B73BF0E3F0C96EF56582E9AB9 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
11:07:52.0607 0x0bd8  TimeBroker - ok
11:07:52.0623 0x0bd8  [ 151BD0387B1B320CC9AACE6DB071803B, B4A8F88BC530865DF6607EC1D96B073BEFE80C377B9742C5472206E99367665B ] TPM             C:\Windows\system32\drivers\tpm.sys
11:07:52.0623 0x0bd8  TPM - ok
11:07:52.0639 0x0bd8  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
11:07:52.0654 0x0bd8  TrkWks - ok
11:07:52.0685 0x0bd8  [ 8D516AEF3C1DF980664CF17BB1FF6093, D68A82D7DE647EAD68D5B8F3E8174B520C7FC6387EC68C8685B3E161C6020488 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:07:52.0685 0x0bd8  TrustedInstaller - ok
11:07:52.0685 0x0bd8  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:07:52.0701 0x0bd8  TsUsbFlt - ok
11:07:52.0717 0x0bd8  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
11:07:52.0717 0x0bd8  TsUsbGD - ok
11:07:52.0732 0x0bd8  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:07:52.0748 0x0bd8  tunnel - ok
11:07:52.0748 0x0bd8  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:07:52.0764 0x0bd8  uagp35 - ok
11:07:52.0764 0x0bd8  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
11:07:52.0779 0x0bd8  UASPStor - ok
11:07:52.0779 0x0bd8  [ AA48AEC5CEB2AA8ED1B1A5758B017F72, 1EE1F1422CBB43CBB2C2AF13584065BE0243BD2642AB4FDBC51AC34C79972D0D ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
11:07:52.0795 0x0bd8  UCX01000 - ok
11:07:52.0826 0x0bd8  [ DC5A461591C71AF7F19DC048A81E3F88, C6689C70B6CDE5A5707C06ABDC9CABF87CCE549BD23B96969EF3AA177A889320 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:07:52.0842 0x0bd8  udfs - ok
11:07:52.0857 0x0bd8  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:07:52.0873 0x0bd8  UI0Detect - ok
11:07:52.0873 0x0bd8  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:07:52.0889 0x0bd8  uliagpkx - ok
11:07:52.0889 0x0bd8  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
11:07:52.0904 0x0bd8  umbus - ok
11:07:52.0904 0x0bd8  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
11:07:52.0904 0x0bd8  UmPass - ok
11:07:52.0935 0x0bd8  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:07:52.0951 0x0bd8  UmRdpService - ok
11:07:52.0982 0x0bd8  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
11:07:53.0014 0x0bd8  upnphost - ok
11:07:53.0029 0x0bd8  [ 3FBE0784E42E7BA93FCC5201D2BAFE23, B0B45103EA209DE5B75396C5A25CBBBFAF05E199C7B5092342DC3AFEB70A0CE6 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:07:53.0045 0x0bd8  usbaudio - ok
11:07:53.0060 0x0bd8  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B, AADB8991174CCDA3ADE14AF3EFB3A9826EC17A0F989F449FF43010A99D8CAA1F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
11:07:53.0076 0x0bd8  usbccgp - ok
11:07:53.0076 0x0bd8  [ B395B62B62F28106218FA6FB17F4C797, 231CA3512B02BBE70E630A6304E899BCB741CE411FB10C2B3DE48E52034F24BB ] usbcir          C:\Windows\System32\drivers\usbcir.sys
11:07:53.0092 0x0bd8  usbcir - ok
11:07:53.0107 0x0bd8  [ 742BAFBB51C5B7811098ADE8C7EF5534, BF4B4F325D4C66F307F3FA89998E23C3FEB86C6EC192774DF104501C6C0DDE72 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
11:07:53.0107 0x0bd8  usbehci - ok
11:07:53.0123 0x0bd8  [ 566A32B2054C8E5360DB7839F64D0F58, E5889991A4C100135E52BDA66D808290BB74DDBE153F762C4F492292B756F7C2 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
11:07:53.0139 0x0bd8  usbhub - ok
11:07:53.0170 0x0bd8  [ 12EAB6FB15B572D9C6D9FFC33F87EC3F, D83869186344C10289C31BFBCDC04CB8734349C14D9A8BB1B8D1402674701D48 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
11:07:53.0185 0x0bd8  USBHUB3 - ok
11:07:53.0185 0x0bd8  [ F656F5D696A921DA67E98CF9C2BEDA20, BF2C68F2BEBC117CB8B00B5ED03462F926F9658BB67CC3961038844F0678CDFA ] usbohci         C:\Windows\System32\drivers\usbohci.sys
11:07:53.0201 0x0bd8  usbohci - ok
11:07:53.0217 0x0bd8  [ BA3ABE0CD1C14B3295BAD0F076B84CAC, 19E0679D44A9BD9DDCC336C7DE784147D6CFC3DE4250D5CA31CE49867D51A414 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
11:07:53.0232 0x0bd8  usbprint - ok
11:07:53.0264 0x0bd8  [ F77177F6C95B2116EE7AD23B5EF57007, 646E345DE5AFF26B338E17BC9D03D0EDA5608DF77D7685DE7AFF6E4113B9EB87 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
11:07:53.0264 0x0bd8  USBSTOR - ok
11:07:53.0279 0x0bd8  [ 1BBB5F562E80CF9E2F1587150FE3216E, D19191E7DE80453A1EE9D3891AA4E0388BD52FE3829BE3D50C54D1FCD641BDDD ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
11:07:53.0295 0x0bd8  usbuhci - ok
11:07:53.0326 0x0bd8  [ 75357960FD491E12416342CA12975FDA, 74F07379B61AE7C42F2D88E5AF10FE65A980612E51DC03126E331BDCD8327A40 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:07:53.0342 0x0bd8  usbvideo - ok
11:07:53.0342 0x0bd8  [ 8ABF3C3ED6BF5ED15DC947795FF6ACAC, D22B9955095924E162CF457421A60545EF0B76206CBD816836C9637ECEB1BB8F ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
11:07:53.0357 0x0bd8  USBXHCI - ok
11:07:53.0373 0x0bd8  [ 6E0E63801FBEF27995107B8269BCFAAD, FE3FA6B369527613D64860984BE02C8CEAD1174A7E8428E3DA9B95761BA46513 ] VaultSvc        C:\Windows\system32\lsass.exe
11:07:53.0373 0x0bd8  VaultSvc - ok
11:07:53.0389 0x0bd8  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:07:53.0404 0x0bd8  vdrvroot - ok
11:07:53.0467 0x0bd8  [ 728C2DEEE875D6968632638922D6A1D7, 0E0D0770F435143D141A669CD361BC2C0D494BBC6BCA3A1CE16985F5B8DE7390 ] vds             C:\Windows\System32\vds.exe
11:07:53.0498 0x0bd8  vds - ok
11:07:53.0498 0x0bd8  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
11:07:53.0514 0x0bd8  VerifierExt - ok
11:07:53.0545 0x0bd8  [ 8628FA679F0EC4B709CCD1F6B6A3233B, E8A99795BB7956BFB9FDF6D24209280917FE6500E52F82F50C9FAD2EA6EDFA88 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
11:07:53.0560 0x0bd8  vhdmp - ok
11:07:53.0560 0x0bd8  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:07:53.0576 0x0bd8  viaide - ok
11:07:53.0592 0x0bd8  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:07:53.0592 0x0bd8  vmbus - ok
11:07:53.0607 0x0bd8  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
11:07:53.0607 0x0bd8  VMBusHID - ok
11:07:53.0639 0x0bd8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
11:07:53.0654 0x0bd8  vmicheartbeat - ok
11:07:53.0654 0x0bd8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:07:53.0670 0x0bd8  vmickvpexchange - ok
11:07:53.0685 0x0bd8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
11:07:53.0701 0x0bd8  vmicrdv - ok
11:07:53.0701 0x0bd8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
11:07:53.0717 0x0bd8  vmicshutdown - ok
11:07:53.0732 0x0bd8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
11:07:53.0732 0x0bd8  vmictimesync - ok
11:07:53.0748 0x0bd8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
11:07:53.0764 0x0bd8  vmicvss - ok
11:07:53.0764 0x0bd8  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:07:53.0779 0x0bd8  volmgr - ok
11:07:53.0826 0x0bd8  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:07:53.0842 0x0bd8  volmgrx - ok
11:07:53.0857 0x0bd8  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE, 26FD9DBCFAEDE0F945D80B11769741A3A837F84461263217A43C458B674566EE ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:07:53.0873 0x0bd8  volsnap - ok
11:07:53.0873 0x0bd8  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
11:07:53.0889 0x0bd8  vpci - ok
11:07:53.0904 0x0bd8  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:07:53.0904 0x0bd8  vsmraid - ok
11:07:53.0982 0x0bd8  [ EA658570314042C914964FC72AB50E6B, 0B10E16D5136BF71EAF68F0D9A8B25F92F6D686BF9F80FEEB9F291221C6B8284 ] VSS             C:\Windows\system32\vssvc.exe
11:07:54.0014 0x0bd8  VSS - ok
11:07:54.0045 0x0bd8  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
11:07:54.0060 0x0bd8  VSTXRAID - ok
11:07:54.0076 0x0bd8  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:07:54.0076 0x0bd8  vwifibus - ok
11:07:54.0092 0x0bd8  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:07:54.0092 0x0bd8  vwififlt - ok
11:07:54.0107 0x0bd8  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:07:54.0123 0x0bd8  vwifimp - ok
11:07:54.0139 0x0bd8  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
11:07:54.0154 0x0bd8  W32Time - ok
11:07:54.0170 0x0bd8  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
11:07:54.0170 0x0bd8  WacomPen - ok
11:07:54.0201 0x0bd8  [ B69492CBD928534160594A7B33602575, 99C71F9C4724C1DA42FC3165D6FB23A53C7CD326A42016FC0F3DAB2BA8DC3B1F ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
11:07:54.0217 0x0bd8  Wanarp - ok
11:07:54.0217 0x0bd8  [ B69492CBD928534160594A7B33602575, 99C71F9C4724C1DA42FC3165D6FB23A53C7CD326A42016FC0F3DAB2BA8DC3B1F ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:07:54.0232 0x0bd8  Wanarpv6 - ok
11:07:54.0264 0x0bd8  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
11:07:54.0295 0x0bd8  wbengine - ok
11:07:54.0326 0x0bd8  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:07:54.0357 0x0bd8  WbioSrvc - ok
11:07:54.0373 0x0bd8  [ D9C1E82651BF19C6FF69CEC6FD400124, 93B96481A5B26F5617B16DD775AF0F8CE9001B30251FFF58D6EF9044D5EE91CD ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
11:07:54.0389 0x0bd8  Wcmsvc - ok
11:07:54.0404 0x0bd8  [ 68C2831A05A339DA8462C6F45BFCB84C, A7F79EF9D337B775851C8BB585CA6279C9ACD56B36B28594AA5B4C29B4DF9516 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:07:54.0420 0x0bd8  wcncsvc - ok
11:07:54.0420 0x0bd8  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:07:54.0435 0x0bd8  WcsPlugInService - ok
11:07:54.0435 0x0bd8  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
11:07:54.0435 0x0bd8  Wd - ok
11:07:54.0451 0x0bd8  [ 260F8DFC4D5748F4CCB9B19CFB0E58EA, 36A6B264677A8A5A4E4785C9BE49E39C82B552460C46026964B700CCBA51FBB0 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
11:07:54.0451 0x0bd8  WdBoot - ok
11:07:54.0482 0x0bd8  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:07:54.0498 0x0bd8  Wdf01000 - ok
11:07:54.0545 0x0bd8  [ 880FFFC4D5BBBB4187B6B04AB2E8C32A, 406363087976285481A8401FC5A8BBAF0DDCCC8D9228F39702D5B80ADC61EEA9 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
11:07:54.0560 0x0bd8  WdFilter - ok
11:07:54.0639 0x0bd8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:07:54.0654 0x0bd8  WdiServiceHost - ok
11:07:54.0670 0x0bd8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:07:54.0685 0x0bd8  WdiSystemHost - ok
11:07:54.0685 0x0bd8  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient       C:\Windows\System32\webclnt.dll
11:07:54.0701 0x0bd8  WebClient - ok
11:07:54.0701 0x0bd8  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:07:54.0717 0x0bd8  Wecsvc - ok
11:07:54.0732 0x0bd8  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:07:54.0748 0x0bd8  wercplsupport - ok
11:07:54.0748 0x0bd8  [ 8E2426162ED6749A127B35D235F21E11, 3B92CE177DE926CC801B71EACC2901DB11BDBF4A1269A004BFFECB3047E17E4C ] WerSvc          C:\Windows\System32\WerSvc.dll
11:07:54.0764 0x0bd8  WerSvc - ok
11:07:54.0779 0x0bd8  [ FE762D3498719C3A23471BBA62F747B4, 7F9390D5B0133BF1FA66BFC5FD933E17AADEB7845F141948EE4A52AB779A69F8 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
11:07:54.0779 0x0bd8  WFPLWFS - ok
11:07:54.0811 0x0bd8  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
11:07:54.0811 0x0bd8  WiaRpc - ok
11:07:54.0826 0x0bd8  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:07:54.0826 0x0bd8  WIMMount - ok
11:07:54.0842 0x0bd8  WinDefend - ok
11:07:54.0873 0x0bd8  [ 1369928779943B5C7AABA263E6E2BBC1, 5DB4E77912051839B842F43B01933A07D72BD9E772F129573B1504361A9AA6A4 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:07:54.0889 0x0bd8  WinHttpAutoProxySvc - ok
11:07:55.0045 0x0bd8  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:07:55.0076 0x0bd8  Winmgmt - ok
11:07:55.0170 0x0bd8  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:07:55.0248 0x0bd8  WinRM - ok
11:07:55.0404 0x0bd8  [ CAC452B32656A0A51356912F4A9943CA, 36C5F537C9D288245F359E7CF2BF1FA4C04D8387134143790720D0097D8363D0 ] WlanSvc         C:\Windows\System32\wlansvc.dll
11:07:55.0467 0x0bd8  WlanSvc - ok
11:07:55.0514 0x0bd8  [ 08EFA13A2234C8C3B8A99E4B88BE7E9B, 460ACD1687A2E5443A1B0E1786A517E67DB876403AC3498555848BD16DA08929 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
11:07:55.0576 0x0bd8  wlidsvc - ok
11:07:55.0576 0x0bd8  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
11:07:55.0592 0x0bd8  WmiAcpi - ok
11:07:55.0607 0x0bd8  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:07:55.0639 0x0bd8  wmiApSrv - ok
11:07:55.0654 0x0bd8  WMPNetworkSvc - ok
11:07:55.0654 0x0bd8  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
11:07:55.0670 0x0bd8  wpcfltr - ok
11:07:55.0670 0x0bd8  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:07:55.0686 0x0bd8  WPCSvc - ok
11:07:55.0701 0x0bd8  [ 94AA5150E35B3ABB7191FE641E3C2473, 48CC776E92579188FF75BADFABF7BDBED0092AF5EE2BDBDEF9C3834A01E39CAB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:07:55.0717 0x0bd8  WPDBusEnum - ok
11:07:55.0717 0x0bd8  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
11:07:55.0732 0x0bd8  WpdUpFltr - ok
11:07:55.0732 0x0bd8  [ 58D492F986EC519ECDD54D93618758F8, 7B9FA33B6D579CEC385D3E28A97F8C8B6662D612DB6CE35C6055E72E94EBF16A ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:07:55.0748 0x0bd8  ws2ifsl - ok
11:07:55.0764 0x0bd8  [ FB0C1B7F94FA08E72F19F6F2CE7210E1, DC5475E9172BD732A654838CDB8057FCD83A02060C0C79B141F74A74D4C77555 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:07:55.0779 0x0bd8  wscsvc - ok
11:07:55.0779 0x0bd8  WSearch - ok
11:07:55.0826 0x0bd8  [ FEC16FE5EAC2D8CD4628B69667B90DE6, 2716C0CDA86C67291A4ED5945D6C987EDEEA309782EF7721C58788557E96C618 ] WSService       C:\Windows\System32\WSService.dll
11:07:55.0920 0x0bd8  WSService - ok
11:07:56.0154 0x0bd8  [ C80DB258C195ACBF86ED42B53554EB28, 06B87211D4702F41D76EC85F39F414916A2909A01AD7CF3383383E15361C3D92 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:07:56.0264 0x0bd8  wuauserv - ok
11:07:56.0279 0x0bd8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:07:56.0311 0x0bd8  WudfPf - ok
11:07:56.0311 0x0bd8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
11:07:56.0326 0x0bd8  WUDFRd - ok
11:07:56.0342 0x0bd8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:07:56.0357 0x0bd8  wudfsvc - ok
11:07:56.0373 0x0bd8  [ 9FE55B90B1778C4FE351ECD1AEFD8AAF, FEFDB31D2956C18536BD17A4B031495AEC62679247FD177D7B29BA26DFA6FBC1 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:07:56.0389 0x0bd8  WwanSvc - ok
11:07:56.0389 0x0bd8  ================ Scan global ===============================
11:07:56.0420 0x0bd8  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
11:07:56.0451 0x0bd8  [ B36597EF454D4FEA2F11429A9A1424BD, B312998C6B5BE4B03803D2FACC0FBE1D025B538D6E681E99FE587941B0C7EF3A ] C:\Windows\system32\winsrv.dll
11:07:56.0467 0x0bd8  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
11:07:56.0482 0x0bd8  [ 754A2CC1F32107EA87CBD305ABE3E618, C5587F286397D8C398F78F738FFD402CCF5487B4415D794E8F3CB430D717C9B4 ] C:\Windows\system32\services.exe
11:07:56.0482 0x0bd8  [ Global ] - ok
11:07:56.0482 0x0bd8  ================ Scan MBR ==================================
11:07:56.0498 0x0bd8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:07:59.0498 0x0bd8  \Device\Harddisk0\DR0 - ok
11:07:59.0498 0x0bd8  ================ Scan VBR ==================================
11:07:59.0498 0x0bd8  [ 72F0BCA02BB2D88E4191FF25FE1F942E ] \Device\Harddisk0\DR0\Partition1
11:07:59.0498 0x0bd8  \Device\Harddisk0\DR0\Partition1 - ok
11:07:59.0529 0x0bd8  [ CDB34EF0DE8095D29475A914C8DD243E ] \Device\Harddisk0\DR0\Partition2
11:07:59.0529 0x0bd8  \Device\Harddisk0\DR0\Partition2 - ok
11:07:59.0529 0x0bd8  Waiting for KSN requests completion. In queue: 8
11:08:00.0545 0x0bd8  Waiting for KSN requests completion. In queue: 8
11:08:01.0686 0x0bd8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x61100 ( enabled : updated )
11:08:01.0717 0x0bd8  Win FW state via NFP2: enabled
11:08:04.0217 0x0bd8  ============================================================
11:08:04.0217 0x0bd8  Scan finished
11:08:04.0217 0x0bd8  ============================================================
11:08:04.0217 0x0be4  Detected object count: 0
11:08:04.0217 0x0be4  Actual detected object count: 0
11:09:08.0257 0x0bac  Deinitialize success

 



#14 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 31 December 2013 - 11:16 AM

11:06:53.0975 3580  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:06:55.0991 3580  Perform update action was selected
11:06:55.0991 4048  Deinitialize success
 



#15 zorch240

zorch240
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 31 December 2013 - 12:17 PM

I am unable to copy and paste the bcserv log despite numerous attempts,put in a zip file instead:

 

Attached Files






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users