Rule out possible malware


  • This topic is locked
17 replies to this topic

#1 Mochimochi


Posted 24 March 2014 - 08:16 AM

Hello everyone~

 

The other day, my wee self visited a blog and my MalwareBytes went crazy; pop-ups about a range of IPs being blocked showed up on my screen. >.< It looked really bad. So I immediately closed that tab and went on my way~

 

But of course, I scanned immediately afterwards with SAS, MalwareBytes, and Avast. I thought I didn't need HitmanPro anymore since all three said nothing was wrong here.

 

The next day though, video streams became reaaally slow; sometimes it won't even load. Youtube, Vimeo, Netflix, Putlocker, you name it. And this really bad slowdown never happened before; I have a solid net connection DX

 

I'm here 'cause I'm not sure again D: Could this be malware, or is my net/their server just slowing down? -__-

 

=====================================================================================

UPDATE:

I've just restarted, and my font turned into very small italics for a while. After a couple of minutes it suddenly went back to normal. This is after scanning with Adwcleaner just now. 

I think this is sign enough of malware; please help! :(


Edited by Mochimochi, 24 March 2014 - 08:46 AM.



 


#2 TB-Psychotic

  • Malware Response Team

Posted 24 March 2014 - 11:12 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Mochimochi

  • Topic Starter

Posted 24 March 2014 - 11:49 PM

Thank you so much Marius~! 

Here are the Scan results of FRST in Normal Mode:

 

------------------------------------------------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Asd (administrator) on ZEROMUSULTI-PC on 25-03-2014 12:44:35
Running from C:\Users\ArashiKen\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(6 Wunderkinder GmbH) C:\Program Files (x86)\Wunderlist2\Wunderlist.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1612504 2013-11-11] (COMODO)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-17] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-3128014155-1925092750-1651038635-1000\...\Run: [MCShield Monitor] - C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-02-02] (MyCity)
HKU\S-1-5-21-3128014155-1925092750-1651038635-1000\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6604568 2013-12-01] (SUPERAntiSpyware)
HKU\S-1-5-21-3128014155-1925092750-1651038635-1000\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [423144 2013-04-27] (BillP Studios)
HKU\S-1-5-21-3128014155-1925092750-1651038635-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3128014155-1925092750-1651038635-1000\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3128014155-1925092750-1651038635-1000\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar2\Rainlendar2.exe [4373600 2013-03-12] ()
HKU\S-1-5-21-3128014155-1925092750-1651038635-1000\...\Run: [Wunderlist] - C:\Program Files (x86)\Wunderlist2\Wunderlist.exe [13021792 2013-12-02] (6 Wunderkinder GmbH)
Startup: C:\Users\ArashiKen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 124.106.6.2 124.106.4.2
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.com.ph
CHR Extension: (Google Docs) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-24]
CHR Extension: (Google Drive) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-24]
CHR Extension: (YouTube) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-24]
CHR Extension: (Google Search) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-24]
CHR Extension: (avast! Online Security) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-24]
CHR Extension: (RealDownloader) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-24]
CHR Extension: (Google Wallet) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-24]
CHR Extension: (Gmail) - C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-08] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-17] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6254152 2013-10-20] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [164056 2013-09-24] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-01-28] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S2 RealNetworks Downloader Resolver Service; "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-17] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-02-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-17] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-18] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [709144 2013-11-14] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48872 2013-09-24] (COMODO)
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys [62168 2013-12-17] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-09-24] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-25 12:44 - 2014-03-25 12:44 - 00015806 _____ () C:\Users\ArashiKen\Downloads\FRST.txt
2014-03-25 12:44 - 2014-03-25 12:44 - 00000000 ____D () C:\FRST
2014-03-25 11:28 - 2014-03-25 12:42 - 02157056 _____ (Farbar) C:\Users\ArashiKen\Downloads\FRST64.exe
2014-03-25 11:11 - 2014-03-25 11:12 - 04113320 _____ () C:\Users\ArashiKen\Downloads\tdsskiller.zip
2014-03-24 21:37 - 2014-03-24 21:40 - 04937648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-24 21:37 - 2014-03-24 21:38 - 00000168 _____ () C:\Windows\setupact.log
2014-03-24 21:37 - 2014-03-24 21:37 - 00001254 _____ () C:\Windows\PFRO.log
2014-03-24 21:37 - 2014-03-24 21:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 21:32 - 2014-03-24 21:34 - 01950720 _____ () C:\Users\ArashiKen\Downloads\adwcleaner.exe
2014-03-24 21:27 - 2014-03-24 21:27 - 00002263 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-24 21:25 - 2014-03-25 12:30 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 21:25 - 2014-03-24 21:38 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 21:25 - 2014-03-24 21:25 - 00282880 _____ (Mozilla) C:\Users\ArashiKen\Downloads\Firefox Setup Stub 28.0.exe
2014-03-24 21:25 - 2014-03-24 21:25 - 00004062 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-24 21:25 - 2014-03-24 21:25 - 00003810 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-24 20:50 - 2014-03-24 20:50 - 00011182 _____ () C:\Users\ArashiKen\Desktop\bookmarks-2014-03-24.json
2014-03-24 20:41 - 2014-03-24 20:41 - 00071992 _____ () C:\Users\ArashiKen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-21 14:28 - 2014-03-21 14:28 - 05033112 _____ () C:\Users\ArashiKen\Downloads\Elinor v2.1.zip
2014-03-21 04:34 - 2014-03-21 04:34 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\WinZip
2014-03-14 22:54 - 2014-03-14 22:54 - 00000108 _____ () C:\Users\ArashiKen\Documents\ideas2.txt
2014-03-13 21:11 - 2014-03-13 21:11 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\NVIDIA Corporation
2014-03-13 21:10 - 2014-03-13 21:10 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\NVIDIA
2014-03-13 21:10 - 2014-02-05 17:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-13 21:10 - 2014-02-05 17:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-03-13 21:09 - 2014-03-13 21:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-13 21:09 - 2014-03-04 19:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-13 21:06 - 2014-03-04 22:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-13 21:06 - 2014-03-04 22:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-13 21:06 - 2014-03-04 22:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-13 21:06 - 2013-12-28 02:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-03-13 21:06 - 2013-12-28 02:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-13 21:06 - 2013-12-28 02:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-03-13 21:06 - 2013-11-28 21:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-03-13 21:06 - 2013-11-28 21:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-03-13 21:06 - 2013-11-22 16:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-03-13 20:46 - 2014-03-13 20:58 - 232485456 _____ (NVIDIA Corporation) C:\Users\ArashiKen\Downloads\335.23-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-03-13 20:45 - 2014-03-13 20:45 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-13 20:44 - 2014-03-13 20:45 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\rmi
2014-03-13 20:38 - 2014-01-07 18:55 - 00000000 ____D () C:\Users\ArashiKen\Downloads\Don't Starve
2014-03-13 20:37 - 2014-03-13 20:37 - 00002247 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-03-13 20:37 - 2014-03-13 20:37 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-03-13 20:34 - 2014-03-13 20:36 - 42289512 _____ () C:\Users\ArashiKen\Downloads\winzip180-32.exe
2014-03-13 20:13 - 2014-03-13 20:13 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\EMU
2014-03-13 19:43 - 2014-03-13 19:51 - 129358808 ____R () C:\Users\ArashiKen\Downloads\Don't Starve .rar
2014-03-13 19:37 - 2014-03-15 15:52 - 00000000 ____D () C:\Users\ArashiKen\Downloads\Don't Starve backup
2014-03-06 20:43 - 2014-03-06 20:43 - 00215740 _____ () C:\Users\ArashiKen\Downloads\BhvDCv9CUAAQSFN.jpg-large
2014-03-05 18:15 - 2014-03-05 18:15 - 00000000 ____D () C:\ProgramData\Steam
2014-03-04 18:59 - 2014-03-04 18:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-03-03 13:23 - 2014-03-03 13:23 - 00000000 ____D () C:\Users\ArashiKen\Documents\Klei
2014-03-03 13:23 - 2014-03-03 13:23 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\FLT
2014-03-02 05:09 - 2014-03-02 15:29 - 00038596 _____ () C:\Users\ArashiKen\Documents\Dark Room Save.txt
2014-03-02 04:03 - 2014-03-02 04:17 - 287481861 _____ () C:\Users\ArashiKen\Downloads\ProjectZomboid.rar
2014-03-02 03:29 - 2014-03-02 03:37 - 146900809 _____ () C:\Users\ArashiKen\Downloads\Dont_Starve_Oct22_88173.7z
2014-03-01 04:31 - 2014-03-01 04:31 - 07962754 _____ () C:\Users\ArashiKen\Downloads\TKoK_Eastern-330f.w3x
2014-03-01 04:31 - 2014-03-01 04:31 - 04839870 _____ () C:\Users\ArashiKen\Downloads\Fortres Siege 1.78b.w3x
2014-03-01 04:30 - 2014-03-01 04:31 - 04001757 _____ () C:\Users\ArashiKen\Downloads\Founders Of The North 1.24.w3x
2014-03-01 04:01 - 2014-03-01 04:02 - 07544057 _____ () C:\Users\ArashiKen\Downloads\Sunken City v.1.7.3..w3x
2014-03-01 04:00 - 2014-03-01 04:07 - 98912186 _____ () C:\Users\ArashiKen\Downloads\Rise of the Blood Elves v2.0.w3n
2014-03-01 00:02 - 2014-03-01 00:02 - 06722377 _____ () C:\Users\ArashiKen\Downloads\Wilderness Survival Co-oP 4.7c - PT.w3x
 
==================== One Month Modified Files and Folders =======
 
2014-03-25 12:44 - 2014-03-25 12:44 - 00015806 _____ () C:\Users\ArashiKen\Downloads\FRST.txt
2014-03-25 12:44 - 2014-03-25 12:44 - 00000000 ____D () C:\FRST
2014-03-25 12:42 - 2014-03-25 11:28 - 02157056 _____ (Farbar) C:\Users\ArashiKen\Downloads\FRST64.exe
2014-03-25 12:30 - 2014-03-24 21:25 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-25 11:48 - 2013-05-20 18:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-25 11:14 - 2013-05-20 12:31 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\uTorrent
2014-03-25 11:12 - 2014-03-25 11:11 - 04113320 _____ () C:\Users\ArashiKen\Downloads\tdsskiller.zip
2014-03-25 11:07 - 2013-05-20 12:07 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\LogMeIn Hamachi
2014-03-25 04:45 - 2013-05-20 06:34 - 01856655 _____ () C:\Windows\WindowsUpdate.log
2014-03-25 02:00 - 2013-05-21 06:24 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\Adobe
2014-03-24 21:46 - 2009-07-14 12:45 - 00013248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 21:46 - 2009-07-14 12:45 - 00013248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 21:43 - 2009-07-14 13:13 - 00006222 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 21:41 - 2013-12-31 14:49 - 00003104 _____ () C:\Windows\System32\Tasks\Malwarebytes Anti-Exploit
2014-03-24 21:41 - 2013-12-31 14:49 - 00000508 _____ () C:\Windows\Tasks\Malwarebytes Anti-Exploit.job
2014-03-24 21:40 - 2014-03-24 21:37 - 04937648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-24 21:39 - 2013-12-14 19:35 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Asd
2014-03-24 21:39 - 2013-09-15 02:19 - 00000000 ____D () C:\Users\ArashiKen\.rainlendar2
2014-03-24 21:39 - 2013-05-20 11:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-24 21:38 - 2014-03-24 21:37 - 00000168 _____ () C:\Windows\setupact.log
2014-03-24 21:38 - 2014-03-24 21:25 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 21:38 - 2013-05-20 11:23 - 00000000 ____D () C:\ProgramData\MCShield
2014-03-24 21:37 - 2014-03-24 21:37 - 00001254 _____ () C:\Windows\PFRO.log
2014-03-24 21:37 - 2014-03-24 21:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 21:37 - 2013-05-20 06:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-24 21:37 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 21:36 - 2013-09-15 00:05 - 00000000 ____D () C:\AdwCleaner
2014-03-24 21:34 - 2014-03-24 21:32 - 01950720 _____ () C:\Users\ArashiKen\Downloads\adwcleaner.exe
2014-03-24 21:32 - 2013-12-01 13:01 - 00000000 ____D () C:\Users\ArashiKen\Desktop\AV and Protection
2014-03-24 21:27 - 2014-03-24 21:27 - 00002263 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-24 21:27 - 2013-05-20 12:20 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\Google
2014-03-24 21:27 - 2013-05-20 12:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-24 21:25 - 2014-03-24 21:25 - 00282880 _____ (Mozilla) C:\Users\ArashiKen\Downloads\Firefox Setup Stub 28.0.exe
2014-03-24 21:25 - 2014-03-24 21:25 - 00004062 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-24 21:25 - 2014-03-24 21:25 - 00003810 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-24 20:51 - 2013-08-02 22:07 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\.minecraft
2014-03-24 20:50 - 2014-03-24 20:50 - 00011182 _____ () C:\Users\ArashiKen\Desktop\bookmarks-2014-03-24.json
2014-03-24 20:50 - 2014-02-15 07:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-24 20:44 - 2013-05-20 12:16 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\vlc
2014-03-24 20:41 - 2014-03-24 20:41 - 00071992 _____ () C:\Users\ArashiKen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-24 20:41 - 2014-02-12 00:19 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\IDM
2014-03-24 20:41 - 2013-09-23 11:17 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\CrashDumps
2014-03-24 18:00 - 2013-07-17 20:26 - 00000462 _____ () C:\Windows\Tasks\ParetoLogic Registration.job
2014-03-24 15:56 - 2014-02-11 23:40 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-03-21 14:28 - 2014-03-21 14:28 - 05033112 _____ () C:\Users\ArashiKen\Downloads\Elinor v2.1.zip
2014-03-21 04:34 - 2014-03-21 04:34 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\WinZip
2014-03-16 16:35 - 2013-05-21 07:07 - 00001932 _____ () C:\Windows\Sandboxie.ini
2014-03-15 15:52 - 2014-03-13 19:37 - 00000000 ____D () C:\Users\ArashiKen\Downloads\Don't Starve backup
2014-03-14 22:54 - 2014-03-14 22:54 - 00000108 _____ () C:\Users\ArashiKen\Documents\ideas2.txt
2014-03-14 22:54 - 2014-02-14 03:19 - 00000140 _____ () C:\Users\ArashiKen\Documents\Download.txt
2014-03-14 07:48 - 2013-12-11 11:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 07:48 - 2013-05-20 18:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-14 07:48 - 2013-05-20 18:57 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 21:11 - 2014-03-13 21:11 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\NVIDIA Corporation
2014-03-13 21:11 - 2013-05-20 06:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-13 21:10 - 2014-03-13 21:10 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\NVIDIA
2014-03-13 21:10 - 2013-05-20 06:54 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-13 21:10 - 2013-05-20 06:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-13 21:09 - 2014-03-13 21:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-13 20:58 - 2014-03-13 20:46 - 232485456 _____ (NVIDIA Corporation) C:\Users\ArashiKen\Downloads\335.23-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-03-13 20:45 - 2014-03-13 20:45 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-13 20:45 - 2014-03-13 20:44 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\rmi
2014-03-13 20:38 - 2013-05-22 12:02 - 00000000 ____D () C:\ProgramData\WinZip
2014-03-13 20:37 - 2014-03-13 20:37 - 00002247 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-03-13 20:37 - 2014-03-13 20:37 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-03-13 20:36 - 2014-03-13 20:34 - 42289512 _____ () C:\Users\ArashiKen\Downloads\winzip180-32.exe
2014-03-13 20:13 - 2014-03-13 20:13 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\EMU
2014-03-13 19:51 - 2014-03-13 19:43 - 129358808 ____R () C:\Users\ArashiKen\Downloads\Don't Starve .rar
2014-03-13 01:17 - 2013-07-05 06:36 - 00007168 _____ () C:\Users\ArashiKen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-06 20:43 - 2014-03-06 20:43 - 00215740 _____ () C:\Users\ArashiKen\Downloads\BhvDCv9CUAAQSFN.jpg-large
2014-03-06 16:03 - 2013-07-05 06:11 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\DMCache
2014-03-05 18:15 - 2014-03-05 18:15 - 00000000 ____D () C:\ProgramData\Steam
2014-03-04 22:35 - 2014-03-13 21:06 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 22:35 - 2014-03-13 21:06 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 22:35 - 2014-03-13 21:06 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 22:35 - 2013-05-20 06:52 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 22:35 - 2013-05-20 06:51 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 22:35 - 2013-02-26 00:32 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 22:35 - 2013-02-26 00:32 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 22:35 - 2013-02-26 00:32 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 21:06 - 2013-05-20 06:52 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 21:06 - 2013-05-20 06:52 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 21:05 - 2013-05-20 09:34 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 21:05 - 2013-05-20 06:52 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 21:05 - 2013-05-20 06:52 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 21:05 - 2013-05-20 06:52 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 19:32 - 2014-03-13 21:09 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-04 18:59 - 2014-03-04 18:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-03-03 13:23 - 2014-03-03 13:23 - 00000000 ____D () C:\Users\ArashiKen\Documents\Klei
2014-03-03 13:23 - 2014-03-03 13:23 - 00000000 ____D () C:\Users\ArashiKen\AppData\Local\FLT
2014-03-03 01:33 - 2013-09-16 03:54 - 00000000 ____D () C:\Users\ArashiKen\Downloads\Compressed
2014-03-03 01:21 - 2014-02-20 23:24 - 00000000 ____D () C:\Users\ArashiKen\Downloads\3dmodels
2014-03-02 18:37 - 2013-07-18 00:35 - 00000000 ____D () C:\Users\ArashiKen\AppData\Roaming\GarenaPlus
2014-03-02 18:37 - 2013-07-18 00:35 - 00000000 ____D () C:\ProgramData\GarenaMessenger
2014-03-02 15:29 - 2014-03-02 05:09 - 00038596 _____ () C:\Users\ArashiKen\Documents\Dark Room Save.txt
2014-03-02 04:17 - 2014-03-02 04:03 - 287481861 _____ () C:\Users\ArashiKen\Downloads\ProjectZomboid.rar
2014-03-02 03:37 - 2014-03-02 03:29 - 146900809 _____ () C:\Users\ArashiKen\Downloads\Dont_Starve_Oct22_88173.7z
2014-03-01 04:31 - 2014-03-01 04:31 - 07962754 _____ () C:\Users\ArashiKen\Downloads\TKoK_Eastern-330f.w3x
2014-03-01 04:31 - 2014-03-01 04:31 - 04839870 _____ () C:\Users\ArashiKen\Downloads\Fortres Siege 1.78b.w3x
2014-03-01 04:31 - 2014-03-01 04:30 - 04001757 _____ () C:\Users\ArashiKen\Downloads\Founders Of The North 1.24.w3x
2014-03-01 04:07 - 2014-03-01 04:00 - 98912186 _____ () C:\Users\ArashiKen\Downloads\Rise of the Blood Elves v2.0.w3n
2014-03-01 04:02 - 2014-03-01 04:01 - 07544057 _____ () C:\Users\ArashiKen\Downloads\Sunken City v.1.7.3..w3x
2014-03-01 00:02 - 2014-03-01 00:02 - 06722377 _____ () C:\Users\ArashiKen\Downloads\Wilderness Survival Co-oP 4.7c - PT.w3x
2014-02-27 21:06 - 2013-07-18 00:35 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
 
Some content of TEMP:
====================
C:\Users\ArashiKen\AppData\Local\Temp\HitmanPro_x64.exe
C:\Users\ArashiKen\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-20 00:52
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Asd at 2014-03-25 12:44:53
Running from C:\Users\ArashiKen\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.1.0.0 - Auslogics Labs Pty Ltd)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 31.1.0.0 - COMODO)
COMODO Firewall (HKLM\...\{F1EC4151-805B-4097-B9BB-7D71A417AAF1}) (Version: 6.1.14723.2813 - COMODO Security Solutions Inc.)
Cube World - July 23, 2013 (HKLM-x32\...\Cube World - July 23, 2013July 23, 2013) (Version: July 23, 2013 - Friends in War)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0018-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0057-0000-1000-0000000FF1CE}_Office14.VISIO_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.14 - Piriform)
Dragon Nest SEA (HKLM-x32\...\{3566D7DB-EA10-49DE-A95B-F4AB41FC0A93}) (Version: 1.91.0000 - Shanda Games International)
Fighter Factory Ultimate (HKLM-x32\...\VirtuallTek Fighter Factory Ultimate_is1) (Version: 2.6.0.2010 - VirtuallTek Systems)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FormatFactory 3.2.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.2.1.0 - Format Factory)
Free MP3 WMA OGG Converter 9.5.4 (HKLM-x32\...\Free MP3 WMA OGG Converter_is1) (Version:  - CyberPower Tech, Inc.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hammerwatch (HKLM-x32\...\GOGPACKHAMMERWATCH_is1) (Version: 2.1.0.4 - GOG.com)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.8.208 - SurfRight B.V.)
HP Deskjet Ink Adv 2060 K110 Basic Device Software (HKLM\...\{857F4F6C-3CEF-4E80-8EB5-2DF65DFD8ED9}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Killing Floor (HKLM-x32\...\Killing Floor_is1) (Version: Killing Floor v.1043 - compiled by testncrash)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Exploit version 0.09.5.0250 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 0.09.5.0250 - Malwarebytes)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.4.27 - MyCity)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}) (Version: 13.0.0.0 - mental ray)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Excel 2010 (HKLM\...\Office14.EXCEL) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0018-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Excel 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint 2010 (HKLM\...\Office14.POWERPOINT) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visio 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0057-0000-1000-0000000FF1CE}_Office14.VISIO_{9081486B-B26D-42DB-8D31-81C525A9526A}) (Version:  - Microsoft)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
NVIDIA 3D Vision Controller Driver (x32 Version: 275.22 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)
Payday The Heist © OVERKILL Software version 1 (HKLM-x32\...\Payday The Heist © OVERKILL Software_is1) (Version: 1 - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0.2 r2161 - )
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Saints Row 2 version 1.02 (HKLM-x32\...\{75D84EF7-0D8C-4e70-STROW2-7B42A5D4E0EB}_is1) (Version: 1.02 - Black_Box)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC)
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Snagit 11 (HKLM-x32\...\{A56C6348-59D0-433B-A48A-75914858664E}) (Version: 11.2.1 - TechSmith Corporation)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
SWF to AVI (HKLM-x32\...\{3315B802-84C6-47BC-907A-9B77A4646197}_is1) (Version:  - www.swftoavi.com)
Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version:  - )
Theme Manager (HKLM-x32\...\{C218ABCD-2C64-49D4-A891-83BD007D55D5}) (Version: 4.0.4 - Korbin Bickel)
Toon Boom Animate Pro 2 PLE (HKLM-x32\...\{8E4C64C4-A387-42DA-B0B5-D7D5ED8B1F18}) (Version: 7.9.1 - Toon Boom Animation)
Toon Boom Studio 7.1 (HKLM-x32\...\{4FD41AC6-6559-40C2-BAC2-C88BB1A004E1}) (Version:  - Toon Boom Animation Inc.)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TumblRipper (HKLM-x32\...\{39CCA8F3-19C1-4246-B4BA-8174D665407C}_is1) (Version: 0.87 - TumblRipper)
TVPaint Animation 10.0 Professional Edition (32bits) (DEMO) (remove only) (HKLM-x32\...\TVP Animation 10 Pro DEMO) (Version:  - )
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.1.0 - Tweaking.com)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0018-0000-1000-0000000FF1CE}_Office14.POWERPOINT_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0057-0000-1000-0000000FF1CE}_Office14.VISIO_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)


#4 Mochimochi

Posted 24 March 2014 - 11:55 PM

Results of TDSSKiller (nothing found):
 
BTW, when I started scanning, my Comodo suddenly alerted me to a virus. Win32 something. I chose to ignore it in the mindset that I -think- it was a conflict with TDSSKiller?
 
Or was this malware that wanted to stop my scan and Comodo caught it? :(
 
 
12:51:45.0041 0x116c  ALG - ok
12:51:45.0054 0x116c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:51:45.0055 0x116c  aliide - ok
12:51:45.0067 0x116c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:51:45.0068 0x116c  amdide - ok
12:51:45.0081 0x116c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:51:45.0083 0x116c  AmdK8 - ok
12:51:45.0092 0x116c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:51:45.0094 0x116c  AmdPPM - ok
12:51:45.0122 0x116c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:51:45.0124 0x116c  amdsata - ok
12:51:45.0141 0x116c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:51:45.0145 0x116c  amdsbs - ok
12:51:45.0160 0x116c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:51:45.0161 0x116c  amdxata - ok
12:51:45.0183 0x116c  [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
12:51:45.0184 0x116c  androidusb - ok
12:51:45.0210 0x116c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:51:45.0212 0x116c  AppID - ok
12:51:45.0223 0x116c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:51:45.0224 0x116c  AppIDSvc - ok
12:51:45.0238 0x116c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:51:45.0241 0x116c  Appinfo - ok
12:51:45.0281 0x116c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:51:45.0282 0x116c  Apple Mobile Device - ok
12:51:45.0303 0x116c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:51:45.0307 0x116c  AppMgmt - ok
12:51:45.0317 0x116c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:51:45.0320 0x116c  arc - ok
12:51:45.0332 0x116c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:51:45.0334 0x116c  arcsas - ok
12:51:45.0357 0x116c  [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
12:51:45.0359 0x116c  asmthub3 - ok
12:51:45.0387 0x116c  [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
12:51:45.0392 0x116c  asmtxhci - ok
12:51:45.0464 0x116c  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:51:45.0465 0x116c  aspnet_state - ok
12:51:45.0486 0x116c  [ 57483E691D635510533E081EC4CB81EC, 5A963D1A51EAE53271820824522DD0372789035FEC8EEDA7B03A5049E0F85AF8 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
12:51:45.0487 0x116c  aswKbd - ok
12:51:45.0511 0x116c  [ 0ACC3F49015E628590CA4372322EB46B, EB4E22EB4E840261168AF750E878E7A28CC080A89CEF77B5037C2897C40D1DE3 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
12:51:45.0513 0x116c  aswMonFlt - ok
12:51:45.0566 0x116c  [ 7F6904FC2E5EDD0F3B944EAB4AFE073C, F6305E6018230191B7AD17408E368AC1D3D1039D32D8BE298CC3078A7C845A2F ] aswNdisFlt      C:\Windows\system32\DRIVERS\aswNdisFlt.sys
12:51:45.0572 0x116c  aswNdisFlt - ok
12:51:45.0577 0x116c  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
12:51:45.0579 0x116c  aswRdr - ok
12:51:45.0592 0x116c  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
12:51:45.0594 0x116c  aswRvrt - ok
12:51:45.0624 0x116c  [ 43599E630DFC30AD4E6A2B4B269EB1C0, DA6C7FDC1F6A57117B17F697A94190CC0BB9E32B8CBB4F8C042AA461361CC74C ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
12:51:45.0637 0x116c  aswSnx - ok
12:51:45.0681 0x116c  [ F22DE5F5BA8ADA0A861441B624B51EB5, 58EF9FB3328B6B470F3652DBCE8ACEDAEE6839AC393889A02052298CA204689B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
12:51:45.0687 0x116c  aswSP - ok
12:51:45.0730 0x116c  [ FD3EA14ADF6216BDF4030DB2EFD43D96, 2D3009008AAE93285301B5844DC214D6B05ECB05D37AE08895D8E7187A0BB619 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
12:51:45.0731 0x116c  aswStm - ok
12:51:45.0749 0x116c  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
12:51:45.0753 0x116c  aswVmm - ok
12:51:45.0763 0x116c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:51:45.0764 0x116c  AsyncMac - ok
12:51:45.0776 0x116c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:51:45.0777 0x116c  atapi - ok
12:51:45.0813 0x116c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:51:45.0826 0x116c  AudioEndpointBuilder - ok
12:51:45.0850 0x116c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:51:45.0859 0x116c  AudioSrv - ok
12:51:45.0918 0x116c  [ CC42F104172B4A62793083D380867317, 0B09823419B328E29EB9FFBD033B3295590E414F31E7B37F11F62BD4B7EBAF06 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:51:45.0920 0x116c  avast! Antivirus - ok
12:51:45.0944 0x116c  [ 3B5DA02DEA6910A709F19180746FF0CE, A97CD150692171663FE15B2BFAC8176C657C4D99232E17BD3ABA6ED1D65259E3 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
12:51:45.0947 0x116c  avast! Firewall - ok
12:51:45.0974 0x116c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:51:45.0976 0x116c  AxInstSV - ok
12:51:46.0004 0x116c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:51:46.0015 0x116c  b06bdrv - ok
12:51:46.0028 0x116c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:51:46.0033 0x116c  b57nd60a - ok
12:51:46.0046 0x116c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:51:46.0048 0x116c  BDESVC - ok
12:51:46.0051 0x116c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:51:46.0051 0x116c  Beep - ok
12:51:46.0076 0x116c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:51:46.0089 0x116c  BFE - ok
12:51:46.0129 0x116c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:51:46.0146 0x116c  BITS - ok
12:51:46.0150 0x116c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:51:46.0151 0x116c  blbdrive - ok
12:51:46.0180 0x116c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:51:46.0186 0x116c  Bonjour Service - ok
12:51:46.0208 0x116c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:51:46.0210 0x116c  bowser - ok
12:51:46.0227 0x116c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:51:46.0228 0x116c  BrFiltLo - ok
12:51:46.0241 0x116c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:51:46.0241 0x116c  BrFiltUp - ok
12:51:46.0257 0x116c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:51:46.0258 0x116c  BridgeMP - ok
12:51:46.0279 0x116c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:51:46.0282 0x116c  Browser - ok
12:51:46.0290 0x116c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:51:46.0295 0x116c  Brserid - ok
12:51:46.0305 0x116c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:51:46.0306 0x116c  BrSerWdm - ok
12:51:46.0319 0x116c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:51:46.0319 0x116c  BrUsbMdm - ok
12:51:46.0327 0x116c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:51:46.0328 0x116c  BrUsbSer - ok
12:51:46.0339 0x116c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:51:46.0341 0x116c  BTHMODEM - ok
12:51:46.0354 0x116c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:51:46.0356 0x116c  bthserv - ok
12:51:46.0358 0x116c  catchme - ok
12:51:46.0375 0x116c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:51:46.0377 0x116c  cdfs - ok
12:51:46.0396 0x116c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:51:46.0398 0x116c  cdrom - ok
12:51:46.0418 0x116c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:51:46.0420 0x116c  CertPropSvc - ok
12:51:46.0435 0x116c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:51:46.0436 0x116c  circlass - ok
12:51:46.0461 0x116c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:51:46.0467 0x116c  CLFS - ok
12:51:46.0508 0x116c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:51:46.0509 0x116c  clr_optimization_v2.0.50727_32 - ok
12:51:46.0536 0x116c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:51:46.0538 0x116c  clr_optimization_v2.0.50727_64 - ok
12:51:46.0580 0x116c  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:51:46.0582 0x116c  clr_optimization_v4.0.30319_32 - ok
12:51:46.0592 0x116c  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:51:46.0594 0x116c  clr_optimization_v4.0.30319_64 - ok
12:51:46.0610 0x116c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:51:46.0612 0x116c  CmBatt - ok
12:51:46.0774 0x116c  [ 2D1E7E163AB1C927ACBA22CBE4A9F818, 81CAC4AC46573AE997FA98E4FFD5CE88A9BB8D3BE80CA075490EA3168414E649 ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
12:51:46.0853 0x116c  cmdAgent - ok
12:51:46.0886 0x116c  [ E34DF9613C8D24C5CB6F8DF8D74E5586, BFE4BC747262439F98A3B39FFF484D350A247143B7F7074BC78C2124798BE448 ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys
12:51:46.0887 0x116c  cmderd - ok
12:51:46.0908 0x116c  [ D8E4A9A691BBA24EE242A1FDDF6EBAA1, EC5D49D746DD1B7D8D403F577EB95EE59923BD8DCDBBFE65B4983EC2A33808D4 ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys
12:51:46.0918 0x116c  cmdGuard - ok
12:51:46.0945 0x116c  [ F6B424B925B67C306BAA85AC79F7A5CC, 910E86EDFD1750324C70167989DDFE17C9E061822039AE35D6F66113E32320D6 ] cmdHlp          C:\Windows\system32\DRIVERS\cmdhlp.sys
12:51:46.0946 0x116c  cmdHlp - ok
12:51:46.0971 0x116c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:51:46.0972 0x116c  cmdide - ok
12:51:46.0977 0x116c  [ A3574DCC6588D6E09E069D2BE61537EC, E9AA0DA9A6C6F22398C2555FA6AA24B2142791B7281E91973842A5E88A2815D4 ] cmdvirth        C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
12:51:46.0980 0x116c  cmdvirth - ok
12:51:47.0007 0x116c  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
12:51:47.0015 0x116c  CNG - ok
12:51:47.0032 0x116c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:51:47.0032 0x116c  Compbatt - ok
12:51:47.0056 0x116c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:51:47.0057 0x116c  CompositeBus - ok
12:51:47.0060 0x116c  COMSysApp - ok
12:51:47.0077 0x116c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:51:47.0078 0x116c  crcdisk - ok
12:51:47.0103 0x116c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:51:47.0106 0x116c  CryptSvc - ok
12:51:47.0138 0x116c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:51:47.0146 0x116c  CSC - ok
12:51:47.0170 0x116c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:51:47.0187 0x116c  CscService - ok
12:51:47.0213 0x116c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:51:47.0227 0x116c  DcomLaunch - ok
12:51:47.0257 0x116c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:51:47.0265 0x116c  defragsvc - ok
12:51:47.0288 0x116c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:51:47.0290 0x116c  DfsC - ok
12:51:47.0313 0x116c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:51:47.0321 0x116c  Dhcp - ok
12:51:47.0332 0x116c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:51:47.0333 0x116c  discache - ok
12:51:47.0347 0x116c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:51:47.0349 0x116c  Disk - ok
12:51:47.0378 0x116c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:51:47.0382 0x116c  Dnscache - ok
12:51:47.0414 0x116c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:51:47.0421 0x116c  dot3svc - ok
12:51:47.0441 0x116c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:51:47.0446 0x116c  DPS - ok
12:51:47.0556 0x116c  [ 49B2C034D77F9F73C80AC55E795CCB6E, EC3B3AF80FA86222E63ABA646C3452C7AD1B9462A1A18D059F5F7EC18C37D97C ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
12:51:47.0594 0x116c  DragonUpdater - ok
12:51:47.0619 0x116c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:51:47.0619 0x116c  drmkaud - ok
12:51:47.0661 0x116c  [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:51:47.0681 0x116c  DXGKrnl - ok
12:51:47.0697 0x116c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:51:47.0701 0x116c  EapHost - ok
12:51:47.0803 0x116c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:51:47.0888 0x116c  ebdrv - ok
12:51:47.0915 0x116c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
12:51:47.0918 0x116c  EFS - ok
12:51:47.0959 0x116c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:51:47.0975 0x116c  ehRecvr - ok
12:51:47.0999 0x116c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:51:48.0004 0x116c  ehSched - ok
12:51:48.0031 0x116c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:51:48.0043 0x116c  elxstor - ok
12:51:48.0072 0x116c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:51:48.0073 0x116c  ErrDev - ok
12:51:48.0132 0x116c  [ 23DE163660895D178A2A6FCF785FF040, 69C4DF34D5A20D24F61E4BBE5AEC57D345EF700F944A21523C45069564A3B9C1 ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys
12:51:48.0133 0x116c  ESProtectionDriver - ok
12:51:48.0162 0x116c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:51:48.0171 0x116c  EventSystem - ok
12:51:48.0190 0x116c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:51:48.0194 0x116c  exfat - ok
12:51:48.0214 0x116c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:51:48.0218 0x116c  fastfat - ok
12:51:48.0250 0x116c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:51:48.0266 0x116c  Fax - ok
12:51:48.0279 0x116c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:51:48.0281 0x116c  fdc - ok
12:51:48.0299 0x116c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:51:48.0301 0x116c  fdPHost - ok
12:51:48.0316 0x116c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:51:48.0318 0x116c  FDResPub - ok
12:51:48.0327 0x116c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:51:48.0329 0x116c  FileInfo - ok
12:51:48.0340 0x116c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:51:48.0341 0x116c  Filetrace - ok
12:51:48.0390 0x116c  [ 21485C51A6C0DC3D096A96428455AE0C, A14E242504B198F3A27F5C6D5CDA467CF0CE52AA723D70CB3A038B7A8716995B ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:51:48.0412 0x116c  FlexNet Licensing Service - ok
12:51:48.0489 0x116c  [ ECC329F6104EE208C24C4A8C1B4A9D14, E120DAAB58C4083577A8445230DBB841984818188BFD0609576BC704C836DF3F ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:51:48.0531 0x116c  FlexNet Licensing Service 64 - ok
12:51:48.0550 0x116c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:51:48.0552 0x116c  flpydisk - ok
12:51:48.0574 0x116c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:51:48.0581 0x116c  FltMgr - ok
12:51:48.0632 0x116c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:51:48.0666 0x116c  FontCache - ok
12:51:48.0695 0x116c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:51:48.0697 0x116c  FontCache3.0.0.0 - ok
12:51:48.0708 0x116c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:51:48.0710 0x116c  FsDepends - ok
12:51:48.0731 0x116c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:51:48.0732 0x116c  Fs_Rec - ok
12:51:48.0759 0x116c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:51:48.0764 0x116c  fvevol - ok
12:51:48.0776 0x116c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:51:48.0778 0x116c  gagp30kx - ok
12:51:48.0835 0x116c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:51:48.0836 0x116c  GEARAspiWDM - ok
12:51:48.0879 0x116c  GGSAFERDriver - ok
12:51:48.0910 0x116c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:51:48.0929 0x116c  gpsvc - ok
12:51:48.0973 0x116c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:51:48.0975 0x116c  gupdate - ok
12:51:48.0980 0x116c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:51:48.0982 0x116c  gupdatem - ok
12:51:49.0000 0x116c  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
12:51:49.0001 0x116c  hamachi - ok
12:51:49.0095 0x116c  [ 2A94B104F6B64AE207D687F2AFFE8056, A42F8198A070C417554C34C2166137868506B5F7780DB7C13C0658013940F5D6 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:51:49.0124 0x116c  Hamachi2Svc - ok
12:51:49.0139 0x116c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:51:49.0140 0x116c  hcw85cir - ok
12:51:49.0160 0x116c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:51:49.0166 0x116c  HdAudAddService - ok
12:51:49.0185 0x116c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:51:49.0188 0x116c  HDAudBus - ok
12:51:49.0204 0x116c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:51:49.0205 0x116c  HidBatt - ok
12:51:49.0222 0x116c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:51:49.0225 0x116c  HidBth - ok
12:51:49.0238 0x116c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:51:49.0239 0x116c  HidIr - ok
12:51:54.0975 0x116c  [ ED0624ED83121E1BC141F49B1316CAA0, 322CA21FE679910827F39CFCD3511400CABDA1133F5E0B5031186C94741FAF1E ] RTVLANPT        C:\Windows\system32\DRIVERS\RtVlan620.sys
12:51:54.0976 0x116c  RTVLANPT - ok
12:51:54.0998 0x116c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:51:54.0999 0x116c  s3cap - ok
12:51:55.0017 0x116c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
12:51:55.0018 0x116c  SamSs - ok
12:51:55.0055 0x116c  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:51:55.0056 0x116c  SASDIFSV - ok
12:51:55.0064 0x116c  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:51:55.0065 0x116c  SASKUTIL - ok
12:51:55.0100 0x116c  [ 53E618640032FF0511901551D7F77424, 10679F1B0FBF2B0C4B8D53BACB238119EC5E48A4C1A9EE73F121BCBC9A1EEFA6 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
12:51:55.0103 0x116c  SbieDrv - ok
12:51:55.0116 0x116c  [ DD78D286FF9032D9E0938F815928C2FD, C85B65CC5B56DFE6D700BA98B607B934C7447C6AF8B59E98E4E4855FA83BDD51 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
12:51:55.0119 0x116c  SbieSvc - ok
12:51:55.0142 0x116c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:51:55.0144 0x116c  sbp2port - ok
12:51:55.0169 0x116c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:51:55.0174 0x116c  SCardSvr - ok
12:51:55.0217 0x116c  [ DD8C29C96307FDBD2DFA6F1730FBCE9A, C0B5DA32EF9913634C0ABFDADA371AC4A909CD83ED174B311EF00AFFA13B3A38 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
12:51:55.0220 0x116c  SCDEmu - ok
12:51:55.0237 0x116c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:51:55.0239 0x116c  scfilter - ok
12:51:55.0297 0x116c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:51:55.0324 0x116c  Schedule - ok
12:51:55.0343 0x116c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:51:55.0344 0x116c  SCPolicySvc - ok
12:51:55.0367 0x116c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:51:55.0373 0x116c  SDRSVC - ok
12:51:55.0398 0x116c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:51:55.0399 0x116c  secdrv - ok
12:51:55.0423 0x116c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:51:55.0425 0x116c  seclogon - ok
12:51:55.0432 0x116c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
12:51:55.0435 0x116c  SENS - ok
12:51:55.0447 0x116c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:51:55.0451 0x116c  SensrSvc - ok
12:51:55.0477 0x116c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:51:55.0478 0x116c  Serenum - ok
12:51:55.0498 0x116c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:51:55.0501 0x116c  Serial - ok
12:51:55.0520 0x116c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:51:55.0521 0x116c  sermouse - ok
12:51:55.0574 0x116c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:51:55.0577 0x116c  SessionEnv - ok
12:51:55.0594 0x116c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:51:55.0595 0x116c  sffdisk - ok
12:51:55.0609 0x116c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:51:55.0610 0x116c  sffp_mmc - ok
12:51:55.0620 0x116c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:51:55.0620 0x116c  sffp_sd - ok
12:51:55.0634 0x116c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:51:55.0636 0x116c  sfloppy - ok
12:51:55.0679 0x116c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:51:55.0686 0x116c  SharedAccess - ok
12:51:55.0713 0x116c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:51:55.0722 0x116c  ShellHWDetection - ok
12:51:55.0736 0x116c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:51:55.0738 0x116c  SiSRaid2 - ok
12:51:55.0753 0x116c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:51:55.0756 0x116c  SiSRaid4 - ok
12:51:55.0770 0x116c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:51:55.0772 0x116c  Smb - ok
12:51:55.0795 0x116c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:51:55.0797 0x116c  SNMPTRAP - ok
12:51:55.0809 0x116c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:51:55.0810 0x116c  spldr - ok
12:51:55.0840 0x116c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:51:55.0851 0x116c  Spooler - ok
12:51:55.0943 0x116c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:51:56.0027 0x116c  sppsvc - ok
12:51:56.0063 0x116c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:51:56.0066 0x116c  sppuinotify - ok
12:51:56.0095 0x116c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:51:56.0103 0x116c  srv - ok
12:51:56.0119 0x116c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:51:56.0126 0x116c  srv2 - ok
12:51:56.0151 0x116c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:51:56.0154 0x116c  srvnet - ok
12:51:56.0180 0x116c  [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
12:51:56.0184 0x116c  ssadbus - ok
12:51:56.0204 0x116c  [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:51:56.0205 0x116c  ssadmdfl - ok
12:51:56.0223 0x116c  [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
12:51:56.0228 0x116c  ssadmdm - ok
12:51:56.0247 0x116c  [ D33D1BD3EC0E766211A234F56A12726D, 53EEAA94865554F8422D111D717B548DF553B5B8647D2A45F3718BF4AEEBEC27 ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
12:51:56.0251 0x116c  ssadserd - ok
12:51:56.0274 0x116c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:51:56.0282 0x116c  SSDPSRV - ok
12:51:56.0297 0x116c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:51:56.0302 0x116c  SstpSvc - ok
12:51:56.0357 0x116c  [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:51:56.0363 0x116c  Stereo Service - ok
12:51:56.0380 0x116c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:51:56.0381 0x116c  stexstor - ok
12:51:56.0415 0x116c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:51:56.0428 0x116c  stisvc - ok
12:51:56.0449 0x116c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:51:56.0450 0x116c  storflt - ok
12:51:56.0477 0x116c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
12:51:56.0480 0x116c  StorSvc - ok
12:51:56.0494 0x116c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:51:56.0495 0x116c  storvsc - ok
12:51:56.0507 0x116c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:51:56.0508 0x116c  swenum - ok
12:51:56.0625 0x116c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:51:56.0633 0x116c  SwitchBoard - ok
12:51:56.0652 0x116c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:51:56.0663 0x116c  swprv - ok
12:51:56.0718 0x116c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:51:56.0760 0x116c  SysMain - ok
12:51:56.0784 0x116c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:51:56.0789 0x116c  TabletInputService - ok
12:51:56.0945 0x116c  [ 5F5AC85DE73FD25AD36BF591185EC009, 03D2DC5CC642989ABDFC8839DAB44273B06E9F0A07FD04E36ED0017DBEE770EE ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
12:51:57.0018 0x116c  TabletServicePen - ok
12:51:57.0045 0x116c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:51:57.0051 0x116c  TapiSrv - ok
12:51:57.0067 0x116c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:51:57.0072 0x116c  TBS - ok
12:51:57.0134 0x116c  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:51:57.0177 0x116c  Tcpip - ok
12:51:57.0234 0x116c  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:51:57.0258 0x116c  TCPIP6 - ok
12:51:57.0283 0x116c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:51:57.0285 0x116c  tcpipreg - ok
12:51:57.0304 0x116c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:51:57.0305 0x116c  TDPIPE - ok
12:51:57.0333 0x116c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:51:57.0335 0x116c  TDTCP - ok
12:51:57.0365 0x116c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:51:57.0367 0x116c  tdx - ok
12:51:57.0385 0x116c  [ 1DE78F5008120CD79B34C12394DCD493, 58C59BEEE2F1C1C6CE810BA433C0D5789B4E6F218A074868137960663CB54802 ] TEAM            C:\Windows\system32\DRIVERS\RtTeam60.sys
12:51:57.0386 0x116c  TEAM - ok
12:51:57.0413 0x116c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:51:57.0414 0x116c  TermDD - ok
12:51:57.0447 0x116c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:51:57.0459 0x116c  TermService - ok
12:51:57.0476 0x116c  [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes          C:\Windows\system32\themeservice.dll
12:51:57.0479 0x116c  Themes - ok
12:51:57.0507 0x116c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:51:57.0509 0x116c  THREADORDER - ok
12:51:57.0540 0x116c  [ 7446E9D669A3B747BC4D11A82F69A5ED, 9562E3BABE24E4A50D7F0D9D566B5159814F7EB92DCCF1769DA1E8CCD750857B ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
12:51:57.0547 0x116c  TouchServicePen - ok
12:51:57.0561 0x116c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:51:57.0569 0x116c  TrkWks - ok
12:51:57.0603 0x116c  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
12:51:57.0607 0x116c  truecrypt - ok
12:51:57.0648 0x116c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:51:57.0651 0x116c  TrustedInstaller - ok
12:51:57.0673 0x116c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:51:57.0674 0x116c  tssecsrv - ok
12:51:57.0699 0x116c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:51:57.0700 0x116c  TsUsbFlt - ok
12:51:57.0729 0x116c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:51:57.0731 0x116c  tunnel - ok
12:51:57.0756 0x116c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:51:57.0758 0x116c  uagp35 - ok
12:51:57.0787 0x116c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:51:57.0793 0x116c  udfs - ok
12:51:57.0828 0x116c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:51:57.0831 0x116c  UI0Detect - ok
12:51:57.0853 0x116c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:51:57.0855 0x116c  uliagpkx - ok
12:51:57.0880 0x116c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
12:51:57.0882 0x116c  umbus - ok
12:51:57.0897 0x116c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:51:57.0898 0x116c  UmPass - ok
12:51:57.0925 0x116c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:51:57.0931 0x116c  UmRdpService - ok
12:51:57.0957 0x116c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:51:57.0965 0x116c  upnphost - ok
12:51:57.0993 0x116c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:51:57.0995 0x116c  USBAAPL64 - ok
12:51:58.0013 0x116c  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:51:58.0015 0x116c  usbccgp - ok
12:51:58.0034 0x116c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:51:58.0037 0x116c  usbcir - ok
12:51:58.0057 0x116c  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:51:58.0058 0x116c  usbehci - ok
12:51:58.0075 0x116c  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:51:58.0081 0x116c  usbhub - ok
12:51:58.0097 0x116c  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:51:58.0098 0x116c  usbohci - ok
12:51:58.0112 0x116c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:51:58.0113 0x116c  usbprint - ok
12:51:58.0142 0x116c  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:51:58.0144 0x116c  usbscan - ok
12:51:58.0160 0x116c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:51:58.0163 0x116c  USBSTOR - ok
12:51:58.0173 0x116c  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:51:58.0174 0x116c  usbuhci - ok
12:51:58.0187 0x116c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:51:58.0191 0x116c  UxSms - ok
12:51:58.0198 0x116c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
12:51:58.0201 0x116c  VaultSvc - ok
12:51:58.0209 0x116c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:51:58.0210 0x116c  vdrvroot - ok
12:51:58.0238 0x116c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:51:58.0251 0x116c  vds - ok
12:51:58.0258 0x116c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:51:58.0259 0x116c  vga - ok
12:51:58.0274 0x116c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:51:58.0276 0x116c  VgaSave - ok
12:51:58.0301 0x116c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:51:58.0305 0x116c  vhdmp - ok
12:51:58.0381 0x116c  [ EECF5B7210D773F3501CEDA848D53D31, C98034418DA5351A82B3FFAFBD277BAE4AE8AF25DD491BF628CEA0C708A5A9B2 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
12:51:58.0409 0x116c  VIAHdAudAddService - ok
12:51:58.0431 0x116c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:51:58.0432 0x116c  viaide - ok
12:51:58.0456 0x116c  [ 43412F74D9516EF87988F2397A9B8E78, 82253E49D2762D67D202A8D3A215EF5F937ADFCF711AD238B6FDACAE0CC80A49 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
12:51:58.0459 0x116c  VIAKaraokeService - ok
12:51:58.0477 0x116c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:51:58.0481 0x116c  vmbus - ok
12:51:58.0501 0x116c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:51:58.0502 0x116c  VMBusHID - ok
12:51:58.0520 0x116c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:51:58.0522 0x116c  volmgr - ok
12:51:58.0557 0x116c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:51:58.0564 0x116c  volmgrx - ok
12:51:58.0582 0x116c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:51:58.0586 0x116c  volsnap - ok
12:51:58.0609 0x116c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:51:58.0612 0x116c  vsmraid - ok
12:51:58.0678 0x116c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:51:58.0701 0x116c  VSS - ok
12:51:58.0713 0x116c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:51:58.0714 0x116c  vwifibus - ok
12:51:58.0746 0x116c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:51:58.0756 0x116c  W32Time - ok
12:51:58.0784 0x116c  [ 43CE14E1E17DA81EA71DFE686805ED07, 5AAB31DC1AA628BC709CF66DF3FB5DFCC447F763804C50509D99544F4665E6E6 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
12:51:58.0785 0x116c  wacmoumonitor - ok
12:51:58.0810 0x116c  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
12:51:58.0812 0x116c  wacommousefilter - ok
12:51:58.0832 0x116c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:51:58.0833 0x116c  WacomPen - ok
12:51:58.0862 0x116c  [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
12:51:58.0863 0x116c  wacomvhid - ok
12:51:58.0876 0x116c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:51:58.0878 0x116c  WANARP - ok
12:51:58.0887 0x116c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:51:58.0890 0x116c  Wanarpv6 - ok
12:51:58.0936 0x116c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:51:58.0978 0x116c  wbengine - ok
12:51:58.0997 0x116c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:51:59.0002 0x116c  WbioSrvc - ok
12:51:59.0031 0x116c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:51:59.0040 0x116c  wcncsvc - ok
12:51:59.0051 0x116c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:51:59.0054 0x116c  WcsPlugInService - ok
12:51:59.0067 0x116c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:51:59.0068 0x116c  Wd - ok
12:51:59.0108 0x116c  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:51:59.0122 0x116c  Wdf01000 - ok
12:51:59.0135 0x116c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:51:59.0140 0x116c  WdiServiceHost - ok
12:51:59.0148 0x116c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:51:59.0152 0x116c  WdiSystemHost - ok
12:51:59.0183 0x116c  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
12:51:59.0193 0x116c  WebClient - ok
12:51:59.0226 0x116c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:51:59.0235 0x116c  Wecsvc - ok
12:52:00.0020 0x116c  ================ Scan global ===============================
12:52:00.0045 0x116c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:52:00.0064 0x116c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:52:00.0075 0x116c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:52:00.0102 0x116c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:52:00.0118 0x116c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:52:00.0124 0x116c  [ Global ] - ok
12:52:00.0125 0x116c  ================ Scan MBR ==================================
12:52:00.0131 0x116c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:52:00.0316 0x116c  \Device\Harddisk0\DR0 - ok
12:52:00.0317 0x116c  ================ Scan VBR ==================================
12:52:00.0318 0x116c  [ C2889A5AF7A04D7FA6DB06E2CFAE1029 ] \Device\Harddisk0\DR0\Partition1
12:52:00.0481 0x116c  \Device\Harddisk0\DR0\Partition1 - ok
12:52:00.0483 0x116c  [ 9C0DF47BFD872475F3C6D0FCC25A40DA ] \Device\Harddisk0\DR0\Partition2
12:52:00.0485 0x116c  \Device\Harddisk0\DR0\Partition2 - ok
12:52:00.0610 0x116c  [ 0DC9403B2BBF9445026DD011C53C33CD ] \Device\Harddisk0\DR0\Partition3
12:52:00.0612 0x116c  \Device\Harddisk0\DR0\Partition3 - ok
12:52:00.0665 0x116c  [ 278AAF8701A386D10E8FAD7AECC1C73B ] \Device\Harddisk0\DR0\Partition4
12:52:00.0701 0x116c  \Device\Harddisk0\DR0\Partition4 - ok
12:52:00.0702 0x116c  Waiting for KSN requests completion. In queue: 340
12:52:13.0727 0x116c  AV detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41000 ( enabled : updated )
12:52:13.0728 0x116c  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 6.3.38526.2970 ), 0x61010 ( enabled )
12:52:13.0729 0x116c  FW detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41010 ( enabled )
12:52:16.0749 0x116c  ============================================================
12:52:16.0749 0x116c  Scan finished
12:52:16.0749 0x116c  ============================================================
12:52:16.0758 0x1184  Detected object count: 0
12:52:16.0758 0x1184  Actual detected object count: 0
 
====================================
 
UPDATE:

Just took a lil look at my email, and I got a warning.. And I've just reinstalled my Chrome. :( Net's even slower. I'm getting really concerned
:(

Edited by Mochimochi, 25 March 2014 - 07:02 AM.


#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 25 March 2014 - 09:26 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 Mochimochi

Mochimochi
  • Topic Starter

  • Members

Posted 25 March 2014 - 11:15 AM

Thank you once again for your support, Marius :D
 
here are those log results (and they're all good from what I see, but yknow can't always be sure @.@)
 
===============================================================================
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Asd at 2014-03-25 23:01:18 Run:1
Running from C:\Users\ArashiKen\Desktop\FRST Folder
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
*****************
 
UPDATE:

Net seems to be a bit faster now :D Yay~ But, I'm still concerned over those weird occurrences I mentioned. :s
 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
 
==== End of Fixlog ====
 
 
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.24.02
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Asd :: ZEROMUSULTI-PC [administrator]
 
Protection: Enabled
 
3/25/2014 11:01:57 PM
mbam-log-2014-03-25 (23-01-57).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 587638
Time elapsed: 1 hour(s), 9 minute(s), 40 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
==============================
UPDATE:

So my net's a bit faster now, yay~ :D But I'm pretty worried about those things I mentioned a while ago. Should I still be concerned or was that just some weird lapse on my computer's part? @@

Edited by Mochimochi, 25 March 2014 - 11:17 AM.


#7 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 25 March 2014 - 11:21 AM

There was a restriction set on Google Chrome that wasn't there before.

This is normally part of an actual adware infection. I cannot see anything more and there is also no rootkit on the computer.

 

Let's cross check:

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)
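
An added example, not part of the original post and not FRST's own code: a read-only PowerShell check that lists everything under the Google policy key named in the Fixlog above, so unexpected policy entries can be reviewed before anything is deleted. The HKCU path and the function name `Get-GooglePolicyValues` are assumptions of this example; the thread only shows the HKLM key.

```powershell
# Added example (not from the thread). Read-only: nothing is changed or deleted.
# The HKLM path is the key reported in the Fixlog. The HKCU path is an assumption
# added here because Chrome also reads per-user policy from that location.
function Get-GooglePolicyValues {
    param(
        [string[]]$Roots = @(
            'HKLM:\SOFTWARE\Policies\Google',
            'HKCU:\SOFTWARE\Policies\Google'
        )
    )
    foreach ($root in $Roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }

        # The root key itself plus every subkey (for example ...\Google\Chrome).
        $keys = @(Get-Item -LiteralPath $root) +
                @(Get-ChildItem -LiteralPath $root -Recurse -ErrorAction SilentlyContinue)

        foreach ($key in $keys) {
            if ($key.ValueCount -eq 0) {
                # A key with no values is still reported, because its mere
                # presence is what the scan flagged.
                [pscustomobject]@{ Key = $key.Name; Value = '(no values)'; Kind = $null; Data = '' }
                continue
            }
            foreach ($name in $key.GetValueNames()) {
                $label = $name
                if ([string]::IsNullOrEmpty($name)) { $label = '(Default)' }
                [pscustomobject]@{
                    Key   = $key.Name
                    Value = $label
                    Kind  = $key.GetValueKind($name)
                    Data  = (@($key.GetValue($name)) -join ', ')
                }
            }
        }
    }
}

$found = @(Get-GooglePolicyValues)
if ($found.Count -eq 0) {
    'No Google policy keys are present.'
} else {
    $found | Sort-Object Key, Value | Format-List
}
```

On a home machine that no organisation manages, any entry listed here deserves a second look; `chrome://policy` shows the policies Chrome has actually loaded.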

#8 Mochimochi

Mochimochi
  • Topic Starter

  • Members

Posted 25 March 2014 - 02:02 PM

Hey there Marius~! 

I'm back with the log file, and it appears to be that some of the files needed for my games are apparently malware? But I've had these files for very long already; the only thing not familiar to me is the Google related thingy.

 

C:\Program Files (x86)\Payday The Heist\steam_api.dll a variant of Win32/HackTool.Crack.CC potentially unsafe application
D:\Games\Dark Souls\Dark Souls Game\xlive.dll a variant of Win32/Packed.VMProtect.AAN trojan
E:\Installers\Defraggler.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
 
So. . yeah, haven't deleted anything. Next step please, and thank you~! :)

Edited by Mochimochi, 26 March 2014 - 02:00 AM.


#9 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 26 March 2014 - 04:35 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.

 

  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also



Delete junk with JRT

Please download Junkware Removal Tool to your desktop.


  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2



  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, the log (checkup.txt) will open. Copy its content to your thread.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#10 Mochimochi

Mochimochi
  • Topic Starter

  • Members

Posted 26 March 2014 - 09:39 AM

I don't know what happened but while I can't seem to download JRT and Security Check from Bleeping Computer; net's really really slow for some reason when downloading things. So I used an old version of these programs, if that's okay :o (about a month or two old each?)
 
Also I've been getting this error recently, and since I can't find any fix on the net for it I leave it alone; it lets Chrome open anyway.
 
"the exception unknown software exception (0x0000409)
occured in the application at location 0x0040c0e2"
 
 
Here are the Logs:
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Asd at 2014-03-26 20:31:48 Run:2
Running from C:\Users\ArashiKen\Desktop\FRST Folder
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
D:\Games\Dark Souls\Dark Souls Game\xlive.dll
E:\Installers\Defraggler.exe
C:\Program Files (x86)\Payday The Heist\steam_api.dll
*****************
 
D:\Games\Dark Souls\Dark Souls Game\xlive.dll => Moved successfully.
E:\Installers\Defraggler.exe => Moved successfully.
C:\Program Files (x86)\Payday The Heist\steam_api.dll => Moved successfully.
 
==== End of Fixlog ====
==================================================================================
# AdwCleaner v3.022 - Report created 26/03/2014 at 21:57:08
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Asd - ZEROMUSULTI-PC
# Running from : C:\Users\ArashiKen\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16686
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\ArashiKen\AppData\Roaming\Mozilla\Firefox\Profiles\psdsnioa.default\prefs.js ]
 
 
[ File : C:\Users\ArashiKen\AppData\Roaming\Mozilla\Firefox\Profiles\psdsnioa.default\prefs.js ]
 
 
[ File : C:\Users\ArashiKen\AppData\Roaming\Mozilla\Firefox\Profiles\psdsnioa.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\ArashiKen\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R2].txt - [1241 octets] - [01/12/2013 04:51:36]
AdwCleaner[R3].txt - [1374 octets] - [02/01/2014 00:27:19]
AdwCleaner[R4].txt - [1288 octets] - [24/03/2014 21:35:22]
AdwCleaner[R5].txt - [1513 octets] - [26/03/2014 21:55:50]
AdwCleaner[S2].txt - [1437 octets] - [02/01/2014 00:28:22]
AdwCleaner[S3].txt - [1236 octets] - [24/03/2014 21:36:10]
AdwCleaner[S4].txt - [1434 octets] - [26/03/2014 21:57:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1494 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x64
Ran by Asd on Wed 03/26/2014 at 22:08:48.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/26/2014 at 22:23:54.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
UPDATE:

Upon using my old version of SecurityCheck, it says "UNSUPPORTED OPERATING SYSTEM! ABORTING NOW!"
 
. . should I be worried? :( Cause I really am right now, I don't think it's supposed to act like that. 

Edited by Mochimochi, 26 March 2014 - 10:09 AM.


#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 26 March 2014 - 10:06 AM

System File Check

For Windows XP:

  • Press the Windows- and the R-key simultaneously.
  • Within the text box that just opened, write cmd and hit Enter.


For Windows Vista/7:

  • Press the Windows key to open the start menu.
  • Don't highlight anything, just write cmd.
  • The start menu will offer you an entry named cmd.
  • Right click it and select "run as administrator"



Within the opening window, write the following:

sfc /scannow
(See the blank within).


  • Hit enter. Your system will be checked for damaged system files.
  • Tell me the result of that scan in here (as the tool produces no log).

 

 

 

 

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary and ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.


A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#12 Mochimochi

Mochimochi
  • Topic Starter

  • Members

Posted 26 March 2014 - 11:50 AM

Here are the results of the scans~
 

Windows Resource Protection found corrupt files and successfully repaired them. Details are included in the CBS.Log windir\logs\CBS\CBS.log For example C:Windows\Logs\CBS\CBS.log
 
The system file repair changes will take effect after the next reboot.
 
 
Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          3/27/2014 12:29:57 AM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      ZeromusUlti-PC
Description:
 
 
Checking file system on C:
The type of the file system is NTFS.
 
A disk check has been scheduled.
Windows will now check the disk.                         
 
CHKDSK is verifying files (stage 1 of 5)...
Cleaning up instance tags for file 0x702b.
Cleaning up instance tags for file 0xf7d5.
Cleaning up instance tags for file 0x291f9.
  365312 file records processed.                                         
 
File verification completed.
  628 large file records processed.                                   
 
  0 bad file records processed.                                     
 
  2 EA records processed.                                           
 
  61 reparse records processed.                                      
 
CHKDSK is verifying indexes (stage 2 of 5)...
  453210 index entries processed.                                        
 
Index verification completed.
  0 unindexed files scanned.                                        
 
  0 unindexed files recovered.                                      
 
CHKDSK is verifying security descriptors (stage 3 of 5)...
  365312 file SDs/SIDs processed.                                        
 
Cleaning up 257 unused index entries from index $SII of file 0x9.
Cleaning up 257 unused index entries from index $SDH of file 0x9.
Cleaning up 257 unused security descriptors.
Security descriptor verification completed.
  43950 data files processed.                                           
 
CHKDSK is verifying Usn Journal...
  34667256 USN bytes processed.                                            
 
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  365296 files processed.                                                
 
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  26125323 free clusters processed.                                        
 
Free space verification is complete.
Windows has made corrections to the file system.
 
 230399990 KB total disk space.
 125289712 KB in 244693 files.
    134320 KB in 43951 indexes.
         0 KB in bad sectors.
    474666 KB in use by the system.
     65536 KB occupied by the log file.
 104501292 KB available on disk.
 
      4096 bytes in each allocation unit.
  57599997 total allocation units on disk.
  26125323 allocation units available on disk.
 
Internal Info:
00 93 05 00 8d 67 04 00 28 22 08 00 00 00 00 00  .....g..("......
3c 05 00 00 3d 00 00 00 00 00 00 00 00 00 00 00  <...=...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
 
Windows has finished checking your disk.
Please wait while your computer restarts.
 
 
Security Check seems to work now; I'll include the logs for it (although I hope my version is up to date):
 

Results of screen317's Security Check version 0.99.64  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Internet Security   
 Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0    
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 51  
 Java version out of Date!
  Adobe Flash Player 12.0.0.77 Flash Player out of Date!
 Adobe Reader XI  
 Mozilla Firefox (28.0) 
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````
 WinPatrol winpatrol.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Comodo Firewall cmdagent.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Malwarebytes Anti-Exploit mbae.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast AvastUI.exe  
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log``````````````````````
 
I find it weird that Scheck is saying that AVAST is outdated, but it's saying "everything is good" and up to date... :s

Edited by Mochimochi, 26 March 2014 - 11:52 AM.
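
An added example, not part of the thread: the two results pasted in the post above (the SFC message that points at CBS.log, and the Wininit event ID 1001 CHKDSK report) can also be collected from an elevated PowerShell prompt instead of Event Viewer. The function names, the output file name and the progress-line filter are assumptions of this example.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.

function Get-LastChkdskReport {
    # Boot-time CHKDSK output lands in the Application log, source Wininit, event ID 1001.
    $evt = Get-WinEvent -FilterHashtable @{
        LogName      = 'Application'
        ProviderName = 'Microsoft-Windows-Wininit'
        Id           = 1001
    } -MaxEvents 1 -ErrorAction SilentlyContinue
    if (-not $evt) { return $null }

    # Pull out the two facts a helper usually looks for first.
    $badKb = $null
    if ($evt.Message -match '(\d+) KB in bad sectors') { $badKb = [long]$Matches[1] }

    [pscustomobject]@{
        TimeCreated   = $evt.TimeCreated
        Corrected     = ($evt.Message -match 'made corrections to the file system')
        BadSectorsKB  = $badKb
        Message       = $evt.Message
    }
}

function Get-SfcRepairLines {
    param([string]$CbsLog = (Join-Path $env:windir 'Logs\CBS\CBS.log'))
    if (-not (Test-Path -LiteralPath $CbsLog)) { return @() }

    # SFC tags its entries with [SR]. The -notmatch filter drops routine progress
    # lines so that repair-related entries stand out (the filter is an assumption).
    Select-String -LiteralPath $CbsLog -SimpleMatch '[SR]' |
        Where-Object { $_.Line -notmatch 'Verifying \d+|Verify complete|Beginning Verify and Repair' } |
        ForEach-Object { $_.Line }
}

$chk = Get-LastChkdskReport
$sfc = @(Get-SfcRepairLines)
$out = Join-Path ([Environment]::GetFolderPath('Desktop')) 'disk-and-sfc-summary.txt'

$lines = @()
if ($chk) {
    $lines += "CHKDSK report from $($chk.TimeCreated)"
    $lines += "  Corrections made : $($chk.Corrected)"
    $lines += "  KB in bad sectors: $($chk.BadSectorsKB)"
    $lines += ''
    $lines += $chk.Message
} else {
    $lines += 'No Wininit event 1001 found (no boot-time disk check has been logged).'
}
$lines += ''
$lines += "SFC [SR] entries other than progress lines: $($sfc.Count)"
$lines += $sfc

Set-Content -LiteralPath $out -Value $lines -Encoding UTF8
"Summary written to $out"
```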


#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 27 March 2014 - 03:47 AM

Sometimes SecurityCheck provides False Positives.

 

Are any issues left now? What about the software errors?


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#14 Mochimochi

Mochimochi
  • Topic Starter

  • Members

Posted 27 March 2014 - 04:03 AM

Well, net's up to speed again :D I'm still worried about those fluctuations in speed, but it could just be my ISP (who I called and said had a few server problems a few days ago)

 

The chrome error doesn't appear that much anymore, but I can't be sure. Avast got a false positive on youtube, but that's about it. 

 

So, it's all good then? :) 



#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 27 March 2014 - 04:08 AM

Your system is clean now! :)

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • When finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions. (if existing)
  • When finished, reboot your computer.

After the reboot
  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  • In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  • In case we used Combofix: deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  • In any case, please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process.
  • If there is still something left, please delete it manually.

Recommendations: How to protect yourself

  • System Updates
    Please make sure automatic updates are activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before you access a web site classified as dangerous, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The most common error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke among IT support technicians, but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click on everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs, so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)
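
An added example, not part of the original post: a read-only PowerShell (3.0 or later) inventory that supports the "remove older versions" steps for Flash, Reader and Java in the post above. It reads the standard Windows uninstall registry keys; the display-name prefixes in `$patterns` are assumptions and may need adjusting to match what Add/Remove Programs shows.

```powershell
# Added example: inventory Java, Flash Player and Adobe Reader installs so
# leftover older versions can be removed by hand in Add/Remove Programs.
# Read-only: it lists entries and uninstalls nothing.

# Standard uninstall keys (64-bit, 32-bit on 64-bit Windows, per-user).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumed display-name prefixes; adjust to what Add/Remove Programs shows.
$patterns = 'Java', 'Adobe Flash Player', 'Adobe Reader'

# Keep only entries that have a display name (skips updates and stubs).
$installed = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName } |
    Select-Object DisplayName, DisplayVersion

$report = foreach ($p in $patterns) {
    $entries = @($installed | Where-Object { $_.DisplayName -like "$p*" })
    if ($entries.Count -eq 0) { continue }

    # More than one distinct version under the same product means an older
    # copy may still be installed next to the current one.
    $versions = @($entries | ForEach-Object { $_.DisplayVersion } | Sort-Object -Unique)

    [pscustomobject]@{
        Product = $p
        Entries = ($entries | ForEach-Object { "$($_.DisplayName) [$($_.DisplayVersion)]" }) -join '; '
        Review  = $versions.Count -gt 1
    }
}

if ($report) { $report | Format-List } else { 'No matching entries found.' }
```

`Review : True` only marks a product for a manual look; helper entries such as an auto-updater can carry their own version number without being an outdated install.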



