Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rpcss.dll registry error


  • This topic is locked This topic is locked
20 replies to this topic

#1 whistler38

whistler38

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 06 April 2014 - 08:49 PM

AVG and other anti virus programs keep bringing up this rpcss.dll registry error and nothing has been able to remove it thus far. Also computer will at 100% usage quite frequently. I have tried running sfc scan from command prompt but that will shutdown windows upon restarting, and I have to load from last restore point. Also I have to run DDS  scan in safe mode otherwise computer will get blue screen and shut down. Houston we have a problem... please advise. DDS log below:

 

Attached File  dds.txt   13.04KB   0 downloads

 

DDS (Ver_2012-11-20.01) - NTFS_x86 MINIMAL
Internet Explorer: 8.0.6001.19088  BrowserJavaVersion: 10.11.2
Run by dan at 21:22:40 on 2014-04-06
Microsoft® Windows Vista™ Business   6.0.6001.1.1252.1.1033.18.3573.3166 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080811
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = Preserve
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080811
mURLSearchHooks: {167d9323-f7cc-48f5-948a-6f012831a69f} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [Google Update] "c:\users\dan\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [SecureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Plugin Install] c:\program files\quicktime\plugins\DeleteMe1.exe
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
StartupFolder: c:\users\dan\appdata\local\micros~4\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} - hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1CB41161-D8AE-487A-BCDA-0A4A7671B051} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\18.0.5\ViProtocol.dll
Notify: gemsafe - c:\program files\gemplus\gemsafe libraries\bin\WLEventNotify.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Authentication Packages =  msv1_0 wvauth
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dan\appdata\roaming\mozilla\firefox\profiles\ip0lpj1o.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL -
FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\18.0.5\npsitesafety.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\users\dan\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\dan\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\users\dan\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-11-25 149272]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-2-11 42272]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-25 120600]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-25 210712]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-1-19 22808]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-11-1 176952]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]
S2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-2-23 3782672]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
S2 BthFilterHelper;Bluetooth Feature Support;c:\program files\csr\vista profile pack\BthFilterHelper.exe [2006-11-7 127488]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5;c:\program files\common files\avg secure search\vtoolbarupdater\18.0.5\ToolbarUpdater.exe [2014-3-20 1771032]
S2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2006-11-2 7168]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-8-11 179712]
S3 BTHFILT;Bluetooth Command Filter;c:\windows\system32\drivers\BthFilt.sys [2008-8-11 13824]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2014-2-11 75480]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-3-5 27192]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-03-29 20:54:29    --------    d-----w-    c:\users\dan\appdata\roaming\Wise Registry Cleaner
2014-03-29 20:54:26    --------    d-----w-    c:\program files\Wise
2014-03-29 17:09:50    --------    d-----w-    c:\program files\COMODO
2014-03-29 04:20:50    --------    d-----w-    c:\program files\DLLSuite
2014-03-29 03:38:25    --------    d-----w-    c:\program files\Advanced Fix 2014
2014-03-29 00:09:51    --------    d-----w-    c:\windows\2C7D909F99544F67AC816F6D9D054A08.TMP
2014-03-28 23:41:52    --------    d-----w-    c:\programdata\HitmanPro
2014-03-27 04:03:36    --------    d-----w-    c:\program files\Enigma Software Group
2014-03-27 04:02:10    --------    d-----w-    c:\program files\common files\Wise Installation Wizard
2014-03-26 01:36:18    --------    d--h--w-    C:\$AVG
2014-03-25 22:32:31    --------    d-----w-    c:\users\dan\appdata\local\Avg2014
2014-03-24 04:32:53    --------    d-----w-    c:\users\dan\appdata\local\ElevatedDiagnostics
2014-03-24 04:01:31    --------    d-----w-    c:\users\dan\appdata\local\Microsoft Corporation
2014-03-24 03:23:45    --------    d-----w-    c:\program files\Microsoft Windows 7 Upgrade Advisor
2014-03-24 01:33:04    --------    d-----w-    c:\windows\system32\MRT
2014-03-22 20:33:35    --------    d-----w-    c:\users\dan\Impostazioni locali
2014-03-22 19:35:38    --------    d-----w-    c:\programdata\AMMYY
2014-03-22 18:42:43    --------    d-----w-    c:\users\dan\appdata\roaming\TeamViewer
2014-03-21 02:13:18    --------    d-----w-    c:\programdata\AVG Secure Search
2014-03-14 23:29:29    7947048    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{aef0adec-4f0f-439b-af5c-a61a152f645d}\mpengine.dll
.
==================== Find3M  ====================
.
2014-03-21 02:13:10    42272    ----a-w-    c:\windows\system32\drivers\avgtpx86.sys
2014-03-12 04:10:26    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 04:10:26    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-02-15 02:03:06    75480    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-01-20 01:46:54    22808    ----a-w-    c:\windows\system32\drivers\avgidsshimx.sys
.
============= FINISH: 21:24:29.26 ===============
 



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 07 April 2014 - 06:28 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Scan with FRST (Recovery Environment)


To run FRST on Vista and Windows7:



Plug the flashdrive into the infected PC.

Enter System Recovery Options.


To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.



To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt


  • In the command window:
  • type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 07 April 2014 - 07:58 PM

Marius, thank you very much for the reply FRST log from scan in recovery options is below:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by SYSTEM on MINWINPC on 07-04-2014 20:46:24
Running from E:\
Windows Vista ™ Business Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ECenter] - C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-26] ( )
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [159744 2007-04-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-01-03] (IDT, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [WavXMgr] - C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [85504 2007-09-10] (Wave Systems Corp.)
HKLM\...\Run: [SecureUpgrade] - C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [218424 2007-09-14] (Wave Systems Corp.)
HKLM\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-02-26] (CyberLink Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [887432 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Plugin Install] - C:\Program Files\QuickTime\Plugins\DeleteMe1.exe [86016 2012-05-27] ()
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2544664 2014-03-20] ()
Winlogon\Notify\gemsafe: C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
HKU\dan\...\Run: [Google Update] - C:\Users\dan\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-04] (Google Inc.)
HKU\dan\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\dan\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\Users\dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

========================== Services (Whitelisted) =================

S2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [79432 2006-12-19] (Broadcom Corporation)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-23] (AVG Technologies CZ, s.r.o.)
S2 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc)
S2 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [390424 2008-02-22] (Dell Inc.)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [486400 2007-08-31] (Wave Systems Corp.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1552384 2007-11-08] ()
S2 vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-20] (AVG Secure Search)
S2 Wave UCSPlus; C:\Windows\system32\dllhost.exe [7168 2006-11-02] (Microsoft Corporation)
S3 WaveEnrollmentService; C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [192512 2007-09-13] (Wave Systems Corp.)

==================== Drivers (Whitelisted) ====================

S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-09-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-09] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-03-20] (AVG Technologies)
S2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [10480 2006-12-19] (Broadcom Corporation)
S3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcxp.sys [31744 2007-01-16] (CSR, plc)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [104270 2011-05-12] (eMPIA Technology, Inc.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5246 2011-05-12] (eMPIA Technology, Inc.)
S3 guardian2; C:\Windows\System32\Drivers\oz776.sys [62208 2007-11-28] (O2Micro)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-02-14] (Malwarebytes Corporation)
S0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2007-09-07] (Dell Inc)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4522 2011-05-12] (eMPIA Technology, Inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
S2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [156160 2007-09-10] (Wave Systems Corp.)
S0 fpcnmhp; System32\drivers\gvcxhoud.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S0 pwobggb; System32\drivers\ecixe.sys [X]
S3 TrueSight; \??\C:\Windows\system32\TrueSight.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 16:07 - 2014-04-07 16:07 - 00140192 _____ () C:\Windows\Minidump\Mini040714-01.dmp
2014-04-06 18:05 - 2014-04-06 18:05 - 00140192 _____ () C:\Windows\Minidump\Mini040614-01.dmp
2014-04-06 17:24 - 2014-04-06 17:24 - 00014369 _____ () C:\Users\dan\Desktop\attach.txt
2014-04-06 17:24 - 2014-04-06 17:24 - 00013349 _____ () C:\Users\dan\Desktop\dds.txt
2014-04-04 19:06 - 2014-04-04 20:26 - 00008071 _____ () C:\Windows\System32\avgrep.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00002628 _____ () C:\Users\dan\Desktop\RKreport[0]_D_04042014_230530.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00001604 _____ () C:\Users\dan\Desktop\RKreport[0]_H_04042014_230544.txt
2014-04-04 19:01 - 2014-04-04 19:01 - 00002565 _____ () C:\Users\dan\Desktop\RKreport[0]_S_04042014_230132.txt
2014-04-04 14:02 - 2014-04-04 14:02 - 00140192 _____ () C:\Windows\Minidump\Mini040414-01.dmp
2014-04-03 18:51 - 2014-04-03 18:51 - 00140192 _____ () C:\Windows\Minidump\Mini040314-03.dmp
2014-04-03 18:42 - 2014-04-03 18:42 - 00140192 _____ () C:\Windows\Minidump\Mini040314-02.dmp
2014-04-03 18:18 - 2014-04-03 18:18 - 00140192 _____ () C:\Windows\Minidump\Mini040314-01.dmp
2014-04-03 18:17 - 2014-04-07 16:07 - 348438648 _____ () C:\Windows\MEMORY.DMP
2014-04-03 18:13 - 2014-04-03 18:13 - 00688992 ____R (Swearware) C:\Users\dan\Desktop\dds.com
2014-03-29 20:03 - 2014-03-29 20:03 - 00043554 _____ () C:\Users\dan\Downloads\Shortcut.txt
2014-03-29 19:41 - 2014-03-29 19:42 - 00000061 _____ () C:\Users\dan\Desktop\AV.txt
2014-03-29 12:54 - 2014-03-29 13:21 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Wise Registry Cleaner
2014-03-29 12:54 - 2014-03-29 12:54 - 00001022 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-03-29 12:54 - 2014-03-29 12:54 - 00000000 ____D () C:\Program Files\Wise
2014-03-29 12:53 - 2014-03-29 12:53 - 03224200 _____ (WiseCleaner.com ) C:\Users\dan\Downloads\WRCFree.exe
2014-03-29 11:50 - 2014-03-29 11:50 - 00002098 _____ () C:\Windows\hiveList.dat
2014-03-29 11:50 - 2014-03-29 11:50 - 00000004 _____ () C:\Windows\CSCCompactState
2014-03-29 09:09 - 2014-03-29 09:09 - 14863480 _____ (Comodo Security Solutions, Inc.) C:\Users\dan\Downloads\cptsetup.exe
2014-03-29 09:09 - 2014-03-29 09:09 - 00000000 ____D () C:\Program Files\COMODO
2014-03-28 20:20 - 2014-03-28 20:20 - 16578402 _____ ( ) C:\Users\dan\Downloads\DLLSuite_Setup.exe
2014-03-28 20:20 - 2014-03-28 20:20 - 00000000 ____D () C:\Program Files\DLLSuite
2014-03-28 19:38 - 2014-03-28 20:35 - 00000000 ____D () C:\Program Files\Advanced Fix 2014
2014-03-28 19:37 - 2014-03-28 19:37 - 06656496 _____ (Advanced Fix, Inc. ) C:\Users\dan\Downloads\AdvancedFix_Setup.exe
2014-03-28 18:41 - 2014-04-04 19:05 - 00000000 ____D () C:\Users\dan\Desktop\RK_Quarantine
2014-03-28 18:41 - 2014-03-28 18:41 - 03972608 _____ () C:\Users\dan\Downloads\RogueKiller.exe
2014-03-28 16:09 - 2014-03-28 16:10 - 00000000 ____D () C:\Windows\2C7D909F99544F67AC816F6D9D054A08.TMP
2014-03-28 16:03 - 2014-03-30 17:14 - 00000510 _____ () C:\Windows\System32\.crusader
2014-03-28 15:41 - 2014-03-28 16:04 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-28 15:38 - 2014-03-28 15:40 - 10094400 _____ (SurfRight B.V.) C:\Users\dan\Downloads\HitmanPro.exe
2014-03-26 20:11 - 2014-03-26 20:11 - 319323550 _____ () C:\Users\dan\Documents\Reg 3-27-14.reg
2014-03-26 20:03 - 2014-03-26 20:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-26 20:02 - 2014-03-26 20:02 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-26 18:36 - 2014-03-26 18:36 - 00347816 _____ (Microsoft Corporation) C:\Users\dan\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-03-25 17:36 - 2014-03-25 17:36 - 00000000 ___HD () C:\$AVG
2014-03-25 15:33 - 2014-03-25 15:36 - 150518130 _____ () C:\Users\dan\Downloads\Windows6.0-KB947821-v33-x86.msu
2014-03-25 15:10 - 2009-04-10 22:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\System32\uzhxrth.vbp
2014-03-25 14:32 - 2014-03-26 16:53 - 00000000 ____D () C:\Users\dan\AppData\Local\Avg2014
2014-03-23 20:43 - 2014-03-23 20:43 - 00095932 _____ () C:\Users\dan\Documents\ResultReport.html
2014-03-23 20:43 - 2014-03-23 20:43 - 00000000 ____D () C:\Users\dan\Documents\ResultReport_files
2014-03-23 20:24 - 2014-03-23 20:24 - 00280204 _____ () C:\Users\dan\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-23 20:01 - 2014-03-24 19:06 - 00055680 _____ () C:\Windows\setupact.log
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 ____D () C:\Users\dan\AppData\Local\Microsoft Corporation
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-23 18:49 - 2014-03-25 19:40 - 00224024 _____ () C:\Windows\PFRO.log
2014-03-23 17:33 - 2014-03-25 17:49 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-22 12:59 - 2014-03-22 13:19 - 00000314 _____ () C:\Users\dan\Desktop\Support Tech.log
2014-03-22 12:33 - 2014-03-22 12:33 - 00000000 ____D () C:\Users\dan\Impostazioni locali
2014-03-22 11:35 - 2014-03-22 11:35 - 00000000 ____D () C:\ProgramData\AMMYY
2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Users\dan\AppData\Roaming\TeamViewer
2014-03-22 10:41 - 2014-03-22 10:41 - 05814000 _____ (TeamViewer GmbH) C:\Users\dan\Downloads\TeamViewer_Setup_en.exe
2014-03-21 20:47 - 2014-03-21 20:47 - 00000070 _____ () C:\Users\dan\Documents\Firefox Restore.txt
2014-03-20 18:13 - 2014-03-25 21:21 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-18 16:50 - 2014-03-28 20:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-07 16:30 - 2011-07-31 18:03 - 00196608 _____ () C:\Windows\System32\Ikeext.etl
2014-04-07 16:30 - 2008-08-11 02:53 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-04-07 16:30 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 16:30 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 16:29 - 2008-08-10 21:33 - 01799905 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 16:16 - 2006-11-02 02:33 - 00703388 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-07 16:11 - 2008-08-15 15:32 - 00000000 _____ () C:\Users\dan\AppData\Local\WavXMapDrive.bat
2014-04-07 16:10 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\registration
2014-04-07 16:07 - 2014-04-07 16:07 - 00140192 _____ () C:\Windows\Minidump\Mini040714-01.dmp
2014-04-07 16:07 - 2014-04-03 18:17 - 348438648 _____ () C:\Windows\MEMORY.DMP
2014-04-07 16:07 - 2008-08-22 21:29 - 00000000 ____D () C:\Windows\Minidump
2014-04-07 15:24 - 2010-10-04 17:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-07 14:40 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\tracing
2014-04-06 20:35 - 2014-02-14 19:16 - 00000078 _____ () C:\Windows\System32\lkic.tze
2014-04-06 18:05 - 2014-04-06 18:05 - 00140192 _____ () C:\Windows\Minidump\Mini040614-01.dmp
2014-04-06 17:24 - 2014-04-06 17:24 - 00014369 _____ () C:\Users\dan\Desktop\attach.txt
2014-04-06 17:24 - 2014-04-06 17:24 - 00013349 _____ () C:\Users\dan\Desktop\dds.txt
2014-04-06 16:21 - 2010-04-15 18:51 - 00070129 _____ () C:\Users\dan\Documents\Expenses.xlsx
2014-04-06 16:18 - 2013-02-22 18:44 - 00024627 _____ () C:\Users\dan\Documents\Temple.xlsx
2014-04-04 20:26 - 2014-04-04 19:06 - 00008071 _____ () C:\Windows\System32\avgrep.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00002628 _____ () C:\Users\dan\Desktop\RKreport[0]_D_04042014_230530.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00001604 _____ () C:\Users\dan\Desktop\RKreport[0]_H_04042014_230544.txt
2014-04-04 19:05 - 2014-03-28 18:41 - 00000000 ____D () C:\Users\dan\Desktop\RK_Quarantine
2014-04-04 19:01 - 2014-04-04 19:01 - 00002565 _____ () C:\Users\dan\Desktop\RKreport[0]_S_04042014_230132.txt
2014-04-04 18:38 - 2008-08-15 16:44 - 00102400 _____ () C:\Users\dan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-04 14:02 - 2014-04-04 14:02 - 00140192 _____ () C:\Windows\Minidump\Mini040414-01.dmp
2014-04-03 18:51 - 2014-04-03 18:51 - 00140192 _____ () C:\Windows\Minidump\Mini040314-03.dmp
2014-04-03 18:42 - 2014-04-03 18:42 - 00140192 _____ () C:\Windows\Minidump\Mini040314-02.dmp
2014-04-03 18:18 - 2014-04-03 18:18 - 00140192 _____ () C:\Windows\Minidump\Mini040314-01.dmp
2014-04-03 18:13 - 2014-04-03 18:13 - 00688992 ____R (Swearware) C:\Users\dan\Desktop\dds.com
2014-03-31 17:21 - 2012-01-11 13:18 - 00011186 _____ () C:\Users\dan\Documents\Movies 2012.xlsx
2014-03-30 17:14 - 2014-03-28 16:03 - 00000510 _____ () C:\Windows\System32\.crusader
2014-03-29 20:03 - 2014-03-29 20:03 - 00043554 _____ () C:\Users\dan\Downloads\Shortcut.txt
2014-03-29 20:03 - 2014-02-10 20:58 - 00032247 _____ () C:\Users\dan\Downloads\Addition.txt
2014-03-29 20:03 - 2014-02-10 20:57 - 00060906 _____ () C:\Users\dan\Downloads\FRST.txt
2014-03-29 20:03 - 2014-02-10 19:09 - 00000000 ____D () C:\FRST
2014-03-29 19:55 - 2014-02-12 18:03 - 00000000 ____D () C:\Users\dan\Downloads\FRST-OlderVersion
2014-03-29 19:55 - 2014-02-10 19:08 - 01145856 _____ (Farbar) C:\Users\dan\Downloads\FRST.exe
2014-03-29 19:42 - 2014-03-29 19:41 - 00000061 _____ () C:\Users\dan\Desktop\AV.txt
2014-03-29 17:57 - 2011-03-26 11:33 - 00000000 ____D () C:\Users\dan\Documents\Outlook Files
2014-03-29 13:22 - 2006-11-02 02:22 - 47972352 _____ () C:\Windows\System32\config\software.bak
2014-03-29 13:22 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\security.bak
2014-03-29 13:22 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\sam.bak
2014-03-29 13:22 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\default.bak
2014-03-29 13:21 - 2014-03-29 12:54 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Wise Registry Cleaner
2014-03-29 12:54 - 2014-03-29 12:54 - 00001022 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-03-29 12:54 - 2014-03-29 12:54 - 00000000 ____D () C:\Program Files\Wise
2014-03-29 12:53 - 2014-03-29 12:53 - 03224200 _____ (WiseCleaner.com ) C:\Users\dan\Downloads\WRCFree.exe
2014-03-29 11:50 - 2014-03-29 11:50 - 00002098 _____ () C:\Windows\hiveList.dat
2014-03-29 11:50 - 2014-03-29 11:50 - 00000004 _____ () C:\Windows\CSCCompactState
2014-03-29 09:09 - 2014-03-29 09:09 - 14863480 _____ (Comodo Security Solutions, Inc.) C:\Users\dan\Downloads\cptsetup.exe
2014-03-29 09:09 - 2014-03-29 09:09 - 00000000 ____D () C:\Program Files\COMODO
2014-03-28 20:35 - 2014-03-28 19:38 - 00000000 ____D () C:\Program Files\Advanced Fix 2014
2014-03-28 20:20 - 2014-03-28 20:20 - 16578402 _____ ( ) C:\Users\dan\Downloads\DLLSuite_Setup.exe
2014-03-28 20:20 - 2014-03-28 20:20 - 00000000 ____D () C:\Program Files\DLLSuite
2014-03-28 20:10 - 2014-03-18 16:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 20:10 - 2010-06-11 13:33 - 00000000 ____D () C:\found.002
2014-03-28 20:10 - 2008-08-19 07:43 - 00000000 ____D () C:\Netgear
2014-03-28 19:37 - 2014-03-28 19:37 - 06656496 _____ (Advanced Fix, Inc. ) C:\Users\dan\Downloads\AdvancedFix_Setup.exe
2014-03-28 18:41 - 2014-03-28 18:41 - 03972608 _____ () C:\Users\dan\Downloads\RogueKiller.exe
2014-03-28 16:10 - 2014-03-28 16:09 - 00000000 ____D () C:\Windows\2C7D909F99544F67AC816F6D9D054A08.TMP
2014-03-28 16:04 - 2014-03-28 15:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-28 15:40 - 2014-03-28 15:38 - 10094400 _____ (SurfRight B.V.) C:\Users\dan\Downloads\HitmanPro.exe
2014-03-26 20:11 - 2014-03-26 20:11 - 319323550 _____ () C:\Users\dan\Documents\Reg 3-27-14.reg
2014-03-26 20:03 - 2014-03-26 20:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-26 20:02 - 2014-03-26 20:02 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-26 18:36 - 2014-03-26 18:36 - 00347816 _____ (Microsoft Corporation) C:\Users\dan\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-03-26 16:53 - 2014-03-25 14:32 - 00000000 ____D () C:\Users\dan\AppData\Local\Avg2014
2014-03-25 21:24 - 2014-02-11 14:38 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-03-25 21:24 - 2014-02-11 14:38 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-03-25 21:24 - 2009-03-16 09:54 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-03-25 21:24 - 2008-08-15 15:32 - 00000000 ____D () C:\users\dan
2014-03-25 21:24 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\spool
2014-03-25 21:24 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\pt-BR
2014-03-25 21:24 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\Msdtc
2014-03-25 21:24 - 2006-11-02 02:22 - 47972352 _____ () C:\Windows\System32\config\software_previous
2014-03-25 21:24 - 2006-11-02 02:22 - 18874368 _____ () C:\Windows\System32\config\system_previous
2014-03-25 21:22 - 2013-11-14 18:31 - 00000000 ____D () C:\Users\dan\AppData\Roaming\AVG2014
2014-03-25 21:21 - 2014-03-20 18:13 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-25 21:21 - 2014-02-11 14:38 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-25 21:12 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\security_previous
2014-03-25 21:12 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\sam_previous
2014-03-25 19:41 - 2006-11-02 04:47 - 00371952 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-03-25 19:40 - 2014-03-23 18:49 - 00224024 _____ () C:\Windows\PFRO.log
2014-03-25 17:49 - 2014-03-23 17:33 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-25 17:39 - 2008-08-15 15:32 - 00100824 _____ () C:\Users\dan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-25 17:36 - 2014-03-25 17:36 - 00000000 ___HD () C:\$AVG
2014-03-25 17:36 - 2013-11-14 18:27 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-25 17:01 - 2006-11-02 02:22 - 33554432 _____ () C:\Windows\System32\config\components_previous
2014-03-25 17:01 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\default_previous
2014-03-25 15:36 - 2014-03-25 15:33 - 150518130 _____ () C:\Users\dan\Downloads\Windows6.0-KB947821-v33-x86.msu
2014-03-25 14:10 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\LogFiles
2014-03-24 19:06 - 2014-03-23 20:01 - 00055680 _____ () C:\Windows\setupact.log
2014-03-23 20:43 - 2014-03-23 20:43 - 00095932 _____ () C:\Users\dan\Documents\ResultReport.html
2014-03-23 20:43 - 2014-03-23 20:43 - 00000000 ____D () C:\Users\dan\Documents\ResultReport_files
2014-03-23 20:24 - 2014-03-23 20:24 - 00280204 _____ () C:\Users\dan\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 ____D () C:\Users\dan\AppData\Local\Microsoft Corporation
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-23 18:43 - 2014-02-11 14:39 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-03-22 18:03 - 2014-02-14 18:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-22 18:03 - 2014-02-11 18:49 - 00000000 ____D () C:\Users\dan\Desktop\mbar
2014-03-22 16:08 - 2008-08-15 15:32 - 00000000 ____D () C:\Users\dan\Documents\My Google Gadgets
2014-03-22 13:19 - 2014-03-22 12:59 - 00000314 _____ () C:\Users\dan\Desktop\Support Tech.log
2014-03-22 12:33 - 2014-03-22 12:33 - 00000000 ____D () C:\Users\dan\Impostazioni locali
2014-03-22 11:59 - 2011-05-20 07:55 - 00000000 ____D () C:\Users\dan\AppData\Roaming\uTorrent
2014-03-22 11:59 - 2008-02-03 14:40 - 00000000 ____D () C:\Windows\Panther
2014-03-22 11:35 - 2014-03-22 11:35 - 00000000 ____D () C:\ProgramData\AMMYY
2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Users\dan\AppData\Roaming\TeamViewer
2014-03-22 10:41 - 2014-03-22 10:41 - 05814000 _____ (TeamViewer GmbH) C:\Users\dan\Downloads\TeamViewer_Setup_en.exe
2014-03-21 20:47 - 2014-03-21 20:47 - 00000070 _____ () C:\Users\dan\Documents\Firefox Restore.txt
2014-03-20 18:16 - 2012-06-10 09:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-20 18:13 - 2014-02-11 14:39 - 00042272 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2014-03-13 23:19 - 2010-02-28 12:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 23:03 - 2008-08-21 14:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 20:10 - 2012-09-10 16:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-03-11 20:10 - 2011-06-12 04:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-03-09 19:40 - 2009-12-28 08:54 - 00000000 ____D () C:\Users\dan\Movies

Some content of TEMP:
====================
C:\Users\dan\AppData\Local\Temp\ntdll_dump.dll
C:\Users\dan\AppData\Local\Temp\RHSetup.exe
C:\Users\dan\AppData\Local\Temp\UNINSTALL.exe
C:\Users\dan\AppData\Local\Temp\Wise_SETUP.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-04-15 07:44] - [2014-01-02 16:31] - 0550912 ____A (Microsoft Corporation) A5BC532853FA48BC4E0BC96996D7AE2B

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-03-22 12:07:49
Restore point made on: 2014-03-22 12:20:24
Restore point made on: 2014-03-22 12:42:52

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 4085.05 MB
Available physical RAM: 3724.61 MB
Total Pagefile: 3952.37 MB
Available Pagefile: 3794.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.47 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:146.95 GB) (Free:37.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (MIDNIGHT_COWBOY) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF
Drive e: (Elements) (Fixed) (Total:298.09 GB) (Free:120.49 GB) NTFS
Drive x: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: B8000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 298 GB) (Disk ID: B32195DA)

Partition: GPT Partition Type.


LastRegBack: 2014-04-07 16:15

==================== End Of Log ============================



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 08 April 2014 - 08:43 AM

Search for files with FRST (Recovery Environment)


In Vista or Windows 7: Boot to System Recovery Options and run FRST.

In Windows XP: Please boot to BartPe and run FRST.



Type the following in the edit box after "Search:"

rpcss.dll

Click Search button and post the log (Search.txt) it makes to your reply.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 08 April 2014 - 07:12 PM

roger that, log below from rpcss.dll search:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by SYSTEM on MINWINPC on 08-04-2014 20:01:39
Running from E:\
Windows Vista ™ Business Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ECenter] - C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-26] ( )
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [159744 2007-04-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-01-03] (IDT, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [WavXMgr] - C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [85504 2007-09-10] (Wave Systems Corp.)
HKLM\...\Run: [SecureUpgrade] - C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [218424 2007-09-14] (Wave Systems Corp.)
HKLM\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-02-26] (CyberLink Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [887432 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Plugin Install] - C:\Program Files\QuickTime\Plugins\DeleteMe1.exe [86016 2012-05-27] ()
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2544664 2014-03-20] ()
Winlogon\Notify\gemsafe: C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
HKU\dan\...\Run: [Google Update] - C:\Users\dan\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-04] (Google Inc.)
HKU\dan\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\dan\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\Users\dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

========================== Services (Whitelisted) =================

S2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [79432 2006-12-19] (Broadcom Corporation)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-23] (AVG Technologies CZ, s.r.o.)
S2 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc)
S2 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [390424 2008-02-22] (Dell Inc.)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [486400 2007-08-31] (Wave Systems Corp.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1552384 2007-11-08] ()
S2 vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-20] (AVG Secure Search)
S2 Wave UCSPlus; C:\Windows\system32\dllhost.exe [7168 2006-11-02] (Microsoft Corporation)
S3 WaveEnrollmentService; C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [192512 2007-09-13] (Wave Systems Corp.)

==================== Drivers (Whitelisted) ====================

S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-09-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-09] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-03-20] (AVG Technologies)
S2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [10480 2006-12-19] (Broadcom Corporation)
S3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcxp.sys [31744 2007-01-16] (CSR, plc)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [104270 2011-05-12] (eMPIA Technology, Inc.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5246 2011-05-12] (eMPIA Technology, Inc.)
S3 guardian2; C:\Windows\System32\Drivers\oz776.sys [62208 2007-11-28] (O2Micro)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-02-14] (Malwarebytes Corporation)
S0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2007-09-07] (Dell Inc)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4522 2011-05-12] (eMPIA Technology, Inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
S2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [156160 2007-09-10] (Wave Systems Corp.)
S0 fpcnmhp; System32\drivers\gvcxhoud.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S0 pwobggb; System32\drivers\ecixe.sys [X]
S3 TrueSight; \??\C:\Windows\system32\TrueSight.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 16:07 - 2014-04-07 16:07 - 00140192 _____ () C:\Windows\Minidump\Mini040714-01.dmp
2014-04-06 18:05 - 2014-04-06 18:05 - 00140192 _____ () C:\Windows\Minidump\Mini040614-01.dmp
2014-04-06 17:24 - 2014-04-06 17:24 - 00014369 _____ () C:\Users\dan\Desktop\attach.txt
2014-04-06 17:24 - 2014-04-06 17:24 - 00013349 _____ () C:\Users\dan\Desktop\dds.txt
2014-04-04 19:06 - 2014-04-04 20:26 - 00008071 _____ () C:\Windows\System32\avgrep.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00002628 _____ () C:\Users\dan\Desktop\RKreport[0]_D_04042014_230530.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00001604 _____ () C:\Users\dan\Desktop\RKreport[0]_H_04042014_230544.txt
2014-04-04 19:01 - 2014-04-04 19:01 - 00002565 _____ () C:\Users\dan\Desktop\RKreport[0]_S_04042014_230132.txt
2014-04-04 14:02 - 2014-04-04 14:02 - 00140192 _____ () C:\Windows\Minidump\Mini040414-01.dmp
2014-04-03 18:51 - 2014-04-03 18:51 - 00140192 _____ () C:\Windows\Minidump\Mini040314-03.dmp
2014-04-03 18:42 - 2014-04-03 18:42 - 00140192 _____ () C:\Windows\Minidump\Mini040314-02.dmp
2014-04-03 18:18 - 2014-04-03 18:18 - 00140192 _____ () C:\Windows\Minidump\Mini040314-01.dmp
2014-04-03 18:17 - 2014-04-07 16:07 - 348438648 _____ () C:\Windows\MEMORY.DMP
2014-04-03 18:13 - 2014-04-03 18:13 - 00688992 ____R (Swearware) C:\Users\dan\Desktop\dds.com
2014-03-29 20:03 - 2014-03-29 20:03 - 00043554 _____ () C:\Users\dan\Downloads\Shortcut.txt
2014-03-29 19:41 - 2014-03-29 19:42 - 00000061 _____ () C:\Users\dan\Desktop\AV.txt
2014-03-29 12:54 - 2014-03-29 13:21 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Wise Registry Cleaner
2014-03-29 12:54 - 2014-03-29 12:54 - 00001022 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-03-29 12:54 - 2014-03-29 12:54 - 00000000 ____D () C:\Program Files\Wise
2014-03-29 12:53 - 2014-03-29 12:53 - 03224200 _____ (WiseCleaner.com ) C:\Users\dan\Downloads\WRCFree.exe
2014-03-29 11:50 - 2014-03-29 11:50 - 00002098 _____ () C:\Windows\hiveList.dat
2014-03-29 11:50 - 2014-03-29 11:50 - 00000004 _____ () C:\Windows\CSCCompactState
2014-03-29 09:09 - 2014-03-29 09:09 - 14863480 _____ (Comodo Security Solutions, Inc.) C:\Users\dan\Downloads\cptsetup.exe
2014-03-29 09:09 - 2014-03-29 09:09 - 00000000 ____D () C:\Program Files\COMODO
2014-03-28 20:20 - 2014-03-28 20:20 - 16578402 _____ ( ) C:\Users\dan\Downloads\DLLSuite_Setup.exe
2014-03-28 20:20 - 2014-03-28 20:20 - 00000000 ____D () C:\Program Files\DLLSuite
2014-03-28 19:38 - 2014-03-28 20:35 - 00000000 ____D () C:\Program Files\Advanced Fix 2014
2014-03-28 19:37 - 2014-03-28 19:37 - 06656496 _____ (Advanced Fix, Inc. ) C:\Users\dan\Downloads\AdvancedFix_Setup.exe
2014-03-28 18:41 - 2014-04-04 19:05 - 00000000 ____D () C:\Users\dan\Desktop\RK_Quarantine
2014-03-28 18:41 - 2014-03-28 18:41 - 03972608 _____ () C:\Users\dan\Downloads\RogueKiller.exe
2014-03-28 16:09 - 2014-03-28 16:10 - 00000000 ____D () C:\Windows\2C7D909F99544F67AC816F6D9D054A08.TMP
2014-03-28 16:03 - 2014-03-30 17:14 - 00000510 _____ () C:\Windows\System32\.crusader
2014-03-28 15:41 - 2014-03-28 16:04 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-28 15:38 - 2014-03-28 15:40 - 10094400 _____ (SurfRight B.V.) C:\Users\dan\Downloads\HitmanPro.exe
2014-03-26 20:11 - 2014-03-26 20:11 - 319323550 _____ () C:\Users\dan\Documents\Reg 3-27-14.reg
2014-03-26 20:03 - 2014-03-26 20:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-26 20:02 - 2014-03-26 20:02 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-26 18:36 - 2014-03-26 18:36 - 00347816 _____ (Microsoft Corporation) C:\Users\dan\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-03-25 17:36 - 2014-03-25 17:36 - 00000000 ___HD () C:\$AVG
2014-03-25 15:33 - 2014-03-25 15:36 - 150518130 _____ () C:\Users\dan\Downloads\Windows6.0-KB947821-v33-x86.msu
2014-03-25 15:10 - 2009-04-10 22:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\System32\uzhxrth.vbp
2014-03-25 14:32 - 2014-03-26 16:53 - 00000000 ____D () C:\Users\dan\AppData\Local\Avg2014
2014-03-23 20:43 - 2014-03-23 20:43 - 00095932 _____ () C:\Users\dan\Documents\ResultReport.html
2014-03-23 20:43 - 2014-03-23 20:43 - 00000000 ____D () C:\Users\dan\Documents\ResultReport_files
2014-03-23 20:24 - 2014-03-23 20:24 - 00280204 _____ () C:\Users\dan\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-23 20:01 - 2014-03-24 19:06 - 00055680 _____ () C:\Windows\setupact.log
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 ____D () C:\Users\dan\AppData\Local\Microsoft Corporation
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-23 18:49 - 2014-03-25 19:40 - 00224024 _____ () C:\Windows\PFRO.log
2014-03-23 17:33 - 2014-03-25 17:49 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-22 12:59 - 2014-03-22 13:19 - 00000314 _____ () C:\Users\dan\Desktop\Support Tech.log
2014-03-22 12:33 - 2014-03-22 12:33 - 00000000 ____D () C:\Users\dan\Impostazioni locali
2014-03-22 11:35 - 2014-03-22 11:35 - 00000000 ____D () C:\ProgramData\AMMYY
2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Users\dan\AppData\Roaming\TeamViewer
2014-03-22 10:41 - 2014-03-22 10:41 - 05814000 _____ (TeamViewer GmbH) C:\Users\dan\Downloads\TeamViewer_Setup_en.exe
2014-03-21 20:47 - 2014-03-21 20:47 - 00000070 _____ () C:\Users\dan\Documents\Firefox Restore.txt
2014-03-20 18:13 - 2014-03-25 21:21 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-18 16:50 - 2014-03-28 20:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-08 16:00 - 2011-07-31 18:03 - 00196608 _____ () C:\Windows\System32\Ikeext.etl
2014-04-08 16:00 - 2008-08-11 02:53 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-04-08 16:00 - 2008-08-10 21:33 - 01806013 _____ () C:\Windows\WindowsUpdate.log
2014-04-08 16:00 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-08 16:00 - 2006-11-02 04:47 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-08 15:07 - 2010-10-04 17:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-07 20:47 - 2014-02-10 19:09 - 00000000 ____D () C:\FRST
2014-04-07 20:20 - 2014-02-14 19:16 - 00000079 _____ () C:\Windows\System32\lkic.tze
2014-04-07 20:18 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\tracing
2014-04-07 16:56 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\registration
2014-04-07 16:55 - 2008-08-15 15:32 - 00000000 _____ () C:\Users\dan\AppData\Local\WavXMapDrive.bat
2014-04-07 16:16 - 2006-11-02 02:33 - 00703388 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-07 16:07 - 2014-04-07 16:07 - 00140192 _____ () C:\Windows\Minidump\Mini040714-01.dmp
2014-04-07 16:07 - 2014-04-03 18:17 - 348438648 _____ () C:\Windows\MEMORY.DMP
2014-04-07 16:07 - 2008-08-22 21:29 - 00000000 ____D () C:\Windows\Minidump
2014-04-06 18:05 - 2014-04-06 18:05 - 00140192 _____ () C:\Windows\Minidump\Mini040614-01.dmp
2014-04-06 17:24 - 2014-04-06 17:24 - 00014369 _____ () C:\Users\dan\Desktop\attach.txt
2014-04-06 17:24 - 2014-04-06 17:24 - 00013349 _____ () C:\Users\dan\Desktop\dds.txt
2014-04-06 16:21 - 2010-04-15 18:51 - 00070129 _____ () C:\Users\dan\Documents\Expenses.xlsx
2014-04-06 16:18 - 2013-02-22 18:44 - 00024627 _____ () C:\Users\dan\Documents\Temple.xlsx
2014-04-04 20:26 - 2014-04-04 19:06 - 00008071 _____ () C:\Windows\System32\avgrep.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00002628 _____ () C:\Users\dan\Desktop\RKreport[0]_D_04042014_230530.txt
2014-04-04 19:05 - 2014-04-04 19:05 - 00001604 _____ () C:\Users\dan\Desktop\RKreport[0]_H_04042014_230544.txt
2014-04-04 19:05 - 2014-03-28 18:41 - 00000000 ____D () C:\Users\dan\Desktop\RK_Quarantine
2014-04-04 19:01 - 2014-04-04 19:01 - 00002565 _____ () C:\Users\dan\Desktop\RKreport[0]_S_04042014_230132.txt
2014-04-04 18:38 - 2008-08-15 16:44 - 00102400 _____ () C:\Users\dan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-04 14:02 - 2014-04-04 14:02 - 00140192 _____ () C:\Windows\Minidump\Mini040414-01.dmp
2014-04-03 18:51 - 2014-04-03 18:51 - 00140192 _____ () C:\Windows\Minidump\Mini040314-03.dmp
2014-04-03 18:42 - 2014-04-03 18:42 - 00140192 _____ () C:\Windows\Minidump\Mini040314-02.dmp
2014-04-03 18:18 - 2014-04-03 18:18 - 00140192 _____ () C:\Windows\Minidump\Mini040314-01.dmp
2014-04-03 18:13 - 2014-04-03 18:13 - 00688992 ____R (Swearware) C:\Users\dan\Desktop\dds.com
2014-03-31 17:21 - 2012-01-11 13:18 - 00011186 _____ () C:\Users\dan\Documents\Movies 2012.xlsx
2014-03-30 17:14 - 2014-03-28 16:03 - 00000510 _____ () C:\Windows\System32\.crusader
2014-03-29 20:03 - 2014-03-29 20:03 - 00043554 _____ () C:\Users\dan\Downloads\Shortcut.txt
2014-03-29 20:03 - 2014-02-10 20:58 - 00032247 _____ () C:\Users\dan\Downloads\Addition.txt
2014-03-29 20:03 - 2014-02-10 20:57 - 00060906 _____ () C:\Users\dan\Downloads\FRST.txt
2014-03-29 19:55 - 2014-02-12 18:03 - 00000000 ____D () C:\Users\dan\Downloads\FRST-OlderVersion
2014-03-29 19:55 - 2014-02-10 19:08 - 01145856 _____ (Farbar) C:\Users\dan\Downloads\FRST.exe
2014-03-29 19:42 - 2014-03-29 19:41 - 00000061 _____ () C:\Users\dan\Desktop\AV.txt
2014-03-29 17:57 - 2011-03-26 11:33 - 00000000 ____D () C:\Users\dan\Documents\Outlook Files
2014-03-29 13:22 - 2006-11-02 02:22 - 47972352 _____ () C:\Windows\System32\config\software.bak
2014-03-29 13:22 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\security.bak
2014-03-29 13:22 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\sam.bak
2014-03-29 13:22 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\default.bak
2014-03-29 13:21 - 2014-03-29 12:54 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Wise Registry Cleaner
2014-03-29 12:54 - 2014-03-29 12:54 - 00001022 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-03-29 12:54 - 2014-03-29 12:54 - 00000000 ____D () C:\Program Files\Wise
2014-03-29 12:53 - 2014-03-29 12:53 - 03224200 _____ (WiseCleaner.com ) C:\Users\dan\Downloads\WRCFree.exe
2014-03-29 11:50 - 2014-03-29 11:50 - 00002098 _____ () C:\Windows\hiveList.dat
2014-03-29 11:50 - 2014-03-29 11:50 - 00000004 _____ () C:\Windows\CSCCompactState
2014-03-29 09:09 - 2014-03-29 09:09 - 14863480 _____ (Comodo Security Solutions, Inc.) C:\Users\dan\Downloads\cptsetup.exe
2014-03-29 09:09 - 2014-03-29 09:09 - 00000000 ____D () C:\Program Files\COMODO
2014-03-28 20:35 - 2014-03-28 19:38 - 00000000 ____D () C:\Program Files\Advanced Fix 2014
2014-03-28 20:20 - 2014-03-28 20:20 - 16578402 _____ ( ) C:\Users\dan\Downloads\DLLSuite_Setup.exe
2014-03-28 20:20 - 2014-03-28 20:20 - 00000000 ____D () C:\Program Files\DLLSuite
2014-03-28 20:10 - 2014-03-18 16:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 20:10 - 2010-06-11 13:33 - 00000000 ____D () C:\found.002
2014-03-28 20:10 - 2008-08-19 07:43 - 00000000 ____D () C:\Netgear
2014-03-28 19:37 - 2014-03-28 19:37 - 06656496 _____ (Advanced Fix, Inc. ) C:\Users\dan\Downloads\AdvancedFix_Setup.exe
2014-03-28 18:41 - 2014-03-28 18:41 - 03972608 _____ () C:\Users\dan\Downloads\RogueKiller.exe
2014-03-28 16:10 - 2014-03-28 16:09 - 00000000 ____D () C:\Windows\2C7D909F99544F67AC816F6D9D054A08.TMP
2014-03-28 16:04 - 2014-03-28 15:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-28 15:40 - 2014-03-28 15:38 - 10094400 _____ (SurfRight B.V.) C:\Users\dan\Downloads\HitmanPro.exe
2014-03-26 20:11 - 2014-03-26 20:11 - 319323550 _____ () C:\Users\dan\Documents\Reg 3-27-14.reg
2014-03-26 20:03 - 2014-03-26 20:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-26 20:02 - 2014-03-26 20:02 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-26 18:36 - 2014-03-26 18:36 - 00347816 _____ (Microsoft Corporation) C:\Users\dan\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-03-26 16:53 - 2014-03-25 14:32 - 00000000 ____D () C:\Users\dan\AppData\Local\Avg2014
2014-03-25 21:24 - 2014-02-11 14:38 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-03-25 21:24 - 2014-02-11 14:38 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-03-25 21:24 - 2009-03-16 09:54 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-03-25 21:24 - 2008-08-15 15:32 - 00000000 ____D () C:\users\dan
2014-03-25 21:24 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\spool
2014-03-25 21:24 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\pt-BR
2014-03-25 21:24 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\Msdtc
2014-03-25 21:24 - 2006-11-02 02:22 - 47972352 _____ () C:\Windows\System32\config\software_previous
2014-03-25 21:24 - 2006-11-02 02:22 - 18874368 _____ () C:\Windows\System32\config\system_previous
2014-03-25 21:22 - 2013-11-14 18:31 - 00000000 ____D () C:\Users\dan\AppData\Roaming\AVG2014
2014-03-25 21:21 - 2014-03-20 18:13 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-25 21:21 - 2014-02-11 14:38 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-25 21:12 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\security_previous
2014-03-25 21:12 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\sam_previous
2014-03-25 19:41 - 2006-11-02 04:47 - 00371952 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-03-25 19:40 - 2014-03-23 18:49 - 00224024 _____ () C:\Windows\PFRO.log
2014-03-25 17:49 - 2014-03-23 17:33 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-25 17:39 - 2008-08-15 15:32 - 00100824 _____ () C:\Users\dan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-25 17:36 - 2014-03-25 17:36 - 00000000 ___HD () C:\$AVG
2014-03-25 17:36 - 2013-11-14 18:27 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-25 17:01 - 2006-11-02 02:22 - 33554432 _____ () C:\Windows\System32\config\components_previous
2014-03-25 17:01 - 2006-11-02 02:22 - 00262144 _____ () C:\Windows\System32\config\default_previous
2014-03-25 15:36 - 2014-03-25 15:33 - 150518130 _____ () C:\Users\dan\Downloads\Windows6.0-KB947821-v33-x86.msu
2014-03-25 14:10 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\System32\LogFiles
2014-03-24 19:06 - 2014-03-23 20:01 - 00055680 _____ () C:\Windows\setupact.log
2014-03-23 20:43 - 2014-03-23 20:43 - 00095932 _____ () C:\Users\dan\Documents\ResultReport.html
2014-03-23 20:43 - 2014-03-23 20:43 - 00000000 ____D () C:\Users\dan\Documents\ResultReport_files
2014-03-23 20:24 - 2014-03-23 20:24 - 00280204 _____ () C:\Users\dan\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 ____D () C:\Users\dan\AppData\Local\Microsoft Corporation
2014-03-23 20:01 - 2014-03-23 20:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-23 18:43 - 2014-02-11 14:39 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-03-22 18:03 - 2014-02-14 18:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-22 18:03 - 2014-02-11 18:49 - 00000000 ____D () C:\Users\dan\Desktop\mbar
2014-03-22 16:08 - 2008-08-15 15:32 - 00000000 ____D () C:\Users\dan\Documents\My Google Gadgets
2014-03-22 13:19 - 2014-03-22 12:59 - 00000314 _____ () C:\Users\dan\Desktop\Support Tech.log
2014-03-22 12:33 - 2014-03-22 12:33 - 00000000 ____D () C:\Users\dan\Impostazioni locali
2014-03-22 11:59 - 2011-05-20 07:55 - 00000000 ____D () C:\Users\dan\AppData\Roaming\uTorrent
2014-03-22 11:59 - 2008-02-03 14:40 - 00000000 ____D () C:\Windows\Panther
2014-03-22 11:35 - 2014-03-22 11:35 - 00000000 ____D () C:\ProgramData\AMMYY
2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Users\dan\AppData\Roaming\TeamViewer
2014-03-22 10:41 - 2014-03-22 10:41 - 05814000 _____ (TeamViewer GmbH) C:\Users\dan\Downloads\TeamViewer_Setup_en.exe
2014-03-21 20:47 - 2014-03-21 20:47 - 00000070 _____ () C:\Users\dan\Documents\Firefox Restore.txt
2014-03-20 18:16 - 2012-06-10 09:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-20 18:13 - 2014-02-11 14:39 - 00042272 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2014-03-13 23:19 - 2010-02-28 12:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 23:03 - 2008-08-21 14:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 20:10 - 2012-09-10 16:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-03-11 20:10 - 2011-06-12 04:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-03-09 19:40 - 2009-12-28 08:54 - 00000000 ____D () C:\Users\dan\Movies

Some content of TEMP:
====================
C:\Users\dan\AppData\Local\Temp\ntdll_dump.dll
C:\Users\dan\AppData\Local\Temp\RHSetup.exe
C:\Users\dan\AppData\Local\Temp\UNINSTALL.exe
C:\Users\dan\AppData\Local\Temp\Wise_SETUP.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-04-15 07:44] - [2014-01-02 16:31] - 0550912 ____A (Microsoft Corporation) A5BC532853FA48BC4E0BC96996D7AE2B

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-03-22 12:07:49
Restore point made on: 2014-03-22 12:20:24
Restore point made on: 2014-03-22 12:42:52

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 4085.05 MB
Available physical RAM: 3730.8 MB
Total Pagefile: 3952.37 MB
Available Pagefile: 3797.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.45 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:146.95 GB) (Free:37.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Elements) (Fixed) (Total:298.09 GB) (Free:120.49 GB) NTFS
Drive x: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: B8000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 298 GB) (Disk ID: B32195DA)

Partition: GPT Partition Type.


LastRegBack: 2014-04-07 17:03

==================== End Of Log ============================



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 09 April 2014 - 03:33 AM

That´s the wrong file - we need the search results of FRST.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 09 April 2014 - 07:51 PM

Apologies. Search log below:

 

Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by SYSTEM at 2014-04-09 20:43:09
Running from E:\
Boot Mode: Recovery

================== Search: "rpcss.dll" ===================

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[2009-04-15 07:44] - [2009-03-02 20:32] - 0551424 ____A (Microsoft Corporation) 4DFCBDEF3CCAA98F99038DED78945253

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[2009-04-15 07:44] - [2009-03-02 20:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0547328 ____A (Microsoft Corporation) 33FB1F0193EE2051067441492D56113C

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[2009-04-15 07:44] - [2009-03-02 20:17] - 0550400 ____A (Microsoft Corporation) B1BB45E24717A7F790B4411C4446EF5E

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[2009-04-15 07:44] - [2009-03-02 20:19] - 0549888 ____A (Microsoft Corporation) 7B981222A257D076885BFFB66F19B7CE

C:\Windows\System32\rpcss.dll
[2009-04-15 07:44] - [2014-01-02 16:31] - 0550912 ____A (Microsoft Corporation) A5BC532853FA48BC4E0BC96996D7AE2B

C:\Windows\ERDNT\cache\rpcss.dll
[2012-03-05 12:28] - [2009-03-02 20:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830

X:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[2008-01-19 00:51] - [2008-01-19 00:51] - 0547328 ____A (Microsoft Corporation) 33FB1F0193EE2051067441492D56113C

X:\Windows\System32\rpcss.dll
[2008-01-18 21:49] - [2008-01-18 23:36] - 0547328 ____A (Microsoft Corporation) 33FB1F0193EE2051067441492D56113C

=== End Of Search ===



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 10 April 2014 - 06:53 AM

Fix with FRST (Recovery Environment)


  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    S0 fpcnmhp; System32\drivers\gvcxhoud.sys [X]
    S0 pwobggb; System32\drivers\ecixe.sys [X]
    
    2014-04-07 20:20 - 2014-02-14 19:16 - 00000079 _____ () C:\Windows\System32\lkic.tze
    
    REPLACE: C:\Windows\ERDNT\cache\rpcss.dll C:\Windows\System32\rpcss.dll
    C:\Windows\System32\drivers\gvcxhoud.sys
    C:\Windows\System32\drivers\ecixe.sys

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Now please enter System Recovery Options again.

  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

 

 

Try to boot into windows (as we´re not finished yet!)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 10 April 2014 - 07:39 PM

Hi Marius, Fixlog below:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014  01
Ran by SYSTEM at 2014-04-10 20:28:10 Run:1
Running from E:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
S0 fpcnmhp; System32\drivers\gvcxhoud.sys [X]
S0 pwobggb; System32\drivers\ecixe.sys [X]

2014-04-07 20:20 - 2014-02-14 19:16 - 00000079 _____ () C:\Windows\System32\lkic.tze

REPLACE: C:\Windows\ERDNT\cache\rpcss.dll C:\Windows\System32\rpcss.dll
C:\Windows\System32\drivers\gvcxhoud.sys
C:\Windows\System32\drivers\ecixe.sys
*****************

fpcnmhp => Service deleted successfully.
pwobggb => Service deleted successfully.
C:\Windows\System32\lkic.tze => Moved successfully.
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\ERDNT\cache\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll
"C:\Windows\System32\drivers\gvcxhoud.sys" => File/Directory not found.
"C:\Windows\System32\drivers\ecixe.sys" => File/Directory not found.

==== End of Fixlog ====



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 11 April 2014 - 08:23 AM


Try to boot into windows (as we´re not finished yet!)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 11 April 2014 - 06:36 PM

Hi Marius,

 

Please forgive my ignorance, do I need to perform a clean boot? I am currently in windows, after running the fixlist.
 

Thanks again.



#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:05 PM

Posted 14 April 2014 - 05:00 AM

Now, into normal mode! :)

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 14 April 2014 - 07:23 PM

Hi Marius, thanks for the reply. Below are the logs from the first FRST Scan, then the next FRST scan with Addition.txt checked, and then also the TDSSkiller log with no threats found, will be on the next post. Awaiting orders.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-04-2014
Ran by dan (administrator) on DAN-PC on 14-04-2014 20:07:06
Running from C:\Users\dan\Downloads
Microsoft® Windows Vista™ Business  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CSR, plc) C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
() C:\Users\dan\Downloads\FRST.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-27] ( )
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [159744 2007-04-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-01-03] (IDT, Inc.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [141848 2008-03-31] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [166424 2008-03-31] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [133656 2008-03-31] (Intel Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [WavXMgr] => C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [85504 2007-09-10] (Wave Systems Corp.)
HKLM\...\Run: [SecureUpgrade] => C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [218424 2007-09-14] (Wave Systems Corp.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-02-26] (CyberLink Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [887432 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Plugin Install] => C:\Program Files\QuickTime\Plugins\DeleteMe1.exe [86016 2012-05-27] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2544664 2014-03-20] ()
Winlogon\Notify\gemsafe: C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
HKU\S-1-5-21-770198754-1453134297-1611020973-1000\...\Run: [Google Update] => C:\Users\dan\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-04] (Google Inc.)
HKU\S-1-5-21-770198754-1453134297-1611020973-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-770198754-1453134297-1611020973-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\Users\dan\AppData\Local\MicrosoftNT\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080811
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080811
URLSearchHook: HKLM - (No Name) - {167d9323-f7cc-48f5-948a-6f012831a69f} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: 127.0.0.1    localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\ip0lpj1o.default
FF DefaultSearchEngine: Wikipedia (en)
FF SelectedSearchEngine: Wikipedia (en)
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies)
FF Plugin: @bittorrent.com/BitTorrentDNA - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\dan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\dan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\dan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\dan\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\dan\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\dan\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.0.5.292
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.0.5.292 [2014-03-20]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "sync_promo": {
      "startup_count": 1,
      "user_skipped": true,
      "view_count"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\dan\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\dan\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\dan\AppData\Local\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (BitTorrent) - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll No File
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\dan\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Wallet) - C:\Users\dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-30]

========================== Services (Whitelisted) =================

R2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [79432 2006-12-19] (Broadcom Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc)
R2 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [390424 2008-02-22] (Dell Inc.)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [486400 2007-08-31] (Wave Systems Corp.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1552384 2007-11-08] ()
R2 vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-20] (AVG Secure Search)
R2 Wave UCSPlus; C:\Windows\system32\dllhost.exe [7168 2006-11-02] (Microsoft Corporation)
S3 WaveEnrollmentService; C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [192512 2007-09-13] (Wave Systems Corp.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-03-20] (AVG Technologies)
R2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [10480 2006-12-19] (Broadcom Corporation)
S3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcxp.sys [31744 2007-01-16] (CSR, plc)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [104270 2011-05-12] (eMPIA Technology, Inc.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5246 2011-05-12] (eMPIA Technology, Inc.)
R3 guardian2; C:\Windows\System32\Drivers\oz776.sys [62208 2007-11-29] (O2Micro)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-02-14] (Malwarebytes Corporation)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2007-09-07] (Dell Inc)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4522 2011-05-12] (eMPIA Technology, Inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [156160 2007-09-10] (Wave Systems Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 TrueSight; \??\C:\Windows\system32\TrueSight.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-10 20:18 - 2014-04-10 20:18 - 00000333 _____ () C:\Users\dan\Desktop\fixlist.txt
2014-04-08 21:49 - 2014-04-08 21:49 - 00140192 _____ () C:\Windows\Minidump\Mini040814-03.dmp
2014-04-08 20:25 - 2014-04-08 20:25 - 00140192 _____ () C:\Windows\Minidump\Mini040814-02.dmp
2014-04-08 20:13 - 2014-04-08 20:13 - 00140192 _____ () C:\Windows\Minidump\Mini040814-01.dmp
2014-04-07 20:07 - 2014-04-07 20:07 - 00140192 _____ () C:\Windows\Minidump\Mini040714-01.dmp
2014-04-06 22:05 - 2014-04-06 22:05 - 00140192 _____ () C:\Windows\Minidump\Mini040614-01.dmp
2014-04-06 21:24 - 2014-04-06 21:24 - 00014369 _____ () C:\Users\dan\Desktop\attach.txt
2014-04-06 21:24 - 2014-04-06 21:24 - 00013349 _____ () C:\Users\dan\Desktop\dds.txt
2014-04-04 23:06 - 2014-04-05 00:26 - 00008071 _____ () C:\Windows\system32\avgrep.txt
2014-04-04 23:05 - 2014-04-04 23:05 - 00002628 _____ () C:\Users\dan\Desktop\RKreport[0]_D_04042014_230530.txt
2014-04-04 23:05 - 2014-04-04 23:05 - 00001604 _____ () C:\Users\dan\Desktop\RKreport[0]_H_04042014_230544.txt
2014-04-04 23:01 - 2014-04-04 23:01 - 00002565 _____ () C:\Users\dan\Desktop\RKreport[0]_S_04042014_230132.txt
2014-04-04 18:02 - 2014-04-04 18:02 - 00140192 _____ () C:\Windows\Minidump\Mini040414-01.dmp
2014-04-03 22:51 - 2014-04-03 22:51 - 00140192 _____ () C:\Windows\Minidump\Mini040314-03.dmp
2014-04-03 22:42 - 2014-04-03 22:42 - 00140192 _____ () C:\Windows\Minidump\Mini040314-02.dmp
2014-04-03 22:18 - 2014-04-03 22:18 - 00140192 _____ () C:\Windows\Minidump\Mini040314-01.dmp
2014-04-03 22:17 - 2014-04-08 21:49 - 361659864 _____ () C:\Windows\MEMORY.DMP
2014-04-03 22:13 - 2014-04-03 22:13 - 00688992 ____R (Swearware) C:\Users\dan\Desktop\dds.com
2014-03-30 00:03 - 2014-03-30 00:03 - 00043554 _____ () C:\Users\dan\Downloads\Shortcut.txt
2014-03-29 23:41 - 2014-03-29 23:42 - 00000061 _____ () C:\Users\dan\Desktop\AV.txt
2014-03-29 16:54 - 2014-03-29 17:21 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Wise Registry Cleaner
2014-03-29 16:54 - 2014-03-29 16:54 - 00001022 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-03-29 16:54 - 2014-03-29 16:54 - 00000000 ____D () C:\Program Files\Wise
2014-03-29 16:53 - 2014-03-29 16:53 - 03224200 _____ (WiseCleaner.com ) C:\Users\dan\Downloads\WRCFree.exe
2014-03-29 15:50 - 2014-03-29 15:50 - 00002098 _____ () C:\Windows\hiveList.dat
2014-03-29 15:50 - 2014-03-29 15:50 - 00000004 _____ () C:\Windows\CSCCompactState
2014-03-29 13:09 - 2014-03-29 13:09 - 14863480 _____ (Comodo Security Solutions, Inc.) C:\Users\dan\Downloads\cptsetup.exe
2014-03-29 13:09 - 2014-03-29 13:09 - 00000000 ____D () C:\Program Files\COMODO
2014-03-29 00:20 - 2014-03-29 00:20 - 16578402 _____ ( ) C:\Users\dan\Downloads\DLLSuite_Setup.exe
2014-03-29 00:20 - 2014-03-29 00:20 - 00000000 ____D () C:\Program Files\DLLSuite
2014-03-28 23:38 - 2014-03-29 00:35 - 00000000 ____D () C:\Program Files\Advanced Fix 2014
2014-03-28 23:37 - 2014-03-28 23:37 - 06656496 _____ (Advanced Fix, Inc. ) C:\Users\dan\Downloads\AdvancedFix_Setup.exe
2014-03-28 22:41 - 2014-04-04 23:05 - 00000000 ____D () C:\Users\dan\Desktop\RK_Quarantine
2014-03-28 22:41 - 2014-03-28 22:41 - 03972608 _____ () C:\Users\dan\Downloads\RogueKiller.exe
2014-03-28 20:09 - 2014-03-28 20:10 - 00000000 ____D () C:\Windows\2C7D909F99544F67AC816F6D9D054A08.TMP
2014-03-28 20:03 - 2014-03-30 21:14 - 00000510 _____ () C:\Windows\system32\.crusader
2014-03-28 19:41 - 2014-03-28 20:04 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-28 19:38 - 2014-03-28 19:40 - 10094400 _____ (SurfRight B.V.) C:\Users\dan\Downloads\HitmanPro.exe
2014-03-27 00:11 - 2014-03-27 00:11 - 319323550 _____ () C:\Users\dan\Documents\Reg 3-27-14.reg
2014-03-27 00:03 - 2014-03-27 00:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-27 00:02 - 2014-03-27 00:02 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-26 22:36 - 2014-03-26 22:36 - 00347816 _____ (Microsoft Corporation) C:\Users\dan\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-03-25 21:36 - 2014-03-25 21:36 - 00000000 ___HD () C:\$AVG
2014-03-25 19:33 - 2014-03-25 19:36 - 150518130 _____ () C:\Users\dan\Downloads\Windows6.0-KB947821-v33-x86.msu
2014-03-25 19:10 - 2009-04-11 02:28 - 00550400 _____ () C:\Windows\system32\uzhxrth.vbp
2014-03-25 18:32 - 2014-03-26 20:53 - 00000000 ____D () C:\Users\dan\AppData\Local\Avg2014
2014-03-24 00:43 - 2014-03-24 00:43 - 00095932 _____ () C:\Users\dan\Documents\ResultReport.html
2014-03-24 00:43 - 2014-03-24 00:43 - 00000000 ____D () C:\Users\dan\Documents\ResultReport_files
2014-03-24 00:24 - 2014-03-24 00:24 - 00280204 _____ () C:\Users\dan\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-24 00:01 - 2014-03-24 23:06 - 00055680 _____ () C:\Windows\setupact.log
2014-03-24 00:01 - 2014-03-24 00:01 - 00000000 ____D () C:\Users\dan\AppData\Local\Microsoft Corporation
2014-03-24 00:01 - 2014-03-24 00:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 23:23 - 2014-03-23 23:23 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-23 22:49 - 2014-03-25 23:40 - 00224024 _____ () C:\Windows\PFRO.log
2014-03-23 21:33 - 2014-03-25 21:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-22 16:59 - 2014-03-22 17:19 - 00000314 _____ () C:\Users\dan\Desktop\Support Tech.log
2014-03-22 16:33 - 2014-03-22 16:33 - 00000000 ____D () C:\Users\dan\Impostazioni locali
2014-03-22 15:35 - 2014-03-22 15:35 - 00000000 ____D () C:\ProgramData\AMMYY
2014-03-22 14:42 - 2014-03-22 14:42 - 00000000 ____D () C:\Users\dan\AppData\Roaming\TeamViewer
2014-03-22 14:41 - 2014-03-22 14:41 - 05814000 _____ (TeamViewer GmbH) C:\Users\dan\Downloads\TeamViewer_Setup_en.exe
2014-03-22 00:47 - 2014-03-22 00:47 - 00000070 _____ () C:\Users\dan\Documents\Firefox Restore.txt
2014-03-20 22:13 - 2014-03-26 01:21 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-18 20:50 - 2014-03-29 00:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-14 20:07 - 2014-02-11 00:57 - 00022784 _____ () C:\Users\dan\Downloads\FRST.txt
2014-04-14 20:07 - 2014-02-10 23:09 - 00000000 ____D () C:\FRST
2014-04-14 20:01 - 2014-02-12 22:03 - 00000000 ____D () C:\Users\dan\Downloads\FRST-OlderVersion
2014-04-14 20:01 - 2014-02-10 23:08 - 01042944 _____ (Farbar) C:\Users\dan\Desktop\FRST.exe
2014-04-14 19:55 - 2012-03-04 22:07 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-770198754-1453134297-1611020973-1000UA.job
2014-04-14 19:21 - 2008-08-11 01:33 - 01994984 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 19:15 - 2010-10-04 21:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-14 00:10 - 2012-09-10 20:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 00:08 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 00:08 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 19:12 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\tracing
2014-04-12 20:33 - 2010-04-15 22:51 - 00070230 _____ () C:\Users\dan\Documents\Expenses.xlsx
2014-04-12 20:32 - 2012-01-11 17:18 - 00011213 _____ () C:\Users\dan\Documents\Movies 2012.xlsx
2014-04-11 19:23 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\registration
2014-04-11 19:22 - 2011-07-31 22:03 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-11 19:22 - 2008-08-15 19:32 - 00000000 _____ () C:\Users\dan\AppData\Local\WavXMapDrive.bat
2014-04-11 19:22 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-11 19:17 - 2008-08-11 06:53 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-04-11 19:17 - 2006-11-02 09:01 - 00032656 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-10 20:18 - 2014-04-10 20:18 - 00000333 _____ () C:\Users\dan\Desktop\fixlist.txt
2014-04-10 03:03 - 2008-08-21 18:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 23:20 - 2011-03-26 15:33 - 00000000 ____D () C:\Users\dan\Documents\Outlook Files
2014-04-09 20:49 - 2008-08-19 13:18 - 00006648 _____ () C:\Users\dan\AppData\Local\d3d9caps.dat
2014-04-08 21:49 - 2014-04-08 21:49 - 00140192 _____ () C:\Windows\Minidump\Mini040814-03.dmp
2014-04-08 21:49 - 2014-04-03 22:17 - 361659864 _____ () C:\Windows\MEMORY.DMP
2014-04-08 21:49 - 2008-08-23 01:29 - 00000000 ____D () C:\Windows\Minidump
2014-04-08 20:25 - 2014-04-08 20:25 - 00140192 _____ () C:\Windows\Minidump\Mini040814-02.dmp
2014-04-08 20:13 - 2014-04-08 20:13 - 00140192 _____ () C:\Windows\Minidump\Mini040814-01.dmp
2014-04-07 20:16 - 2006-11-02 06:33 - 00703388 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-07 20:07 - 2014-04-07 20:07 - 00140192 _____ () C:\Windows\Minidump\Mini040714-01.dmp
2014-04-06 22:05 - 2014-04-06 22:05 - 00140192 _____ () C:\Windows\Minidump\Mini040614-01.dmp
2014-04-06 21:24 - 2014-04-06 21:24 - 00014369 _____ () C:\Users\dan\Desktop\attach.txt
2014-04-06 21:24 - 2014-04-06 21:24 - 00013349 _____ () C:\Users\dan\Desktop\dds.txt
2014-04-06 20:18 - 2013-02-22 22:44 - 00024627 _____ () C:\Users\dan\Documents\Temple.xlsx
2014-04-05 00:26 - 2014-04-04 23:06 - 00008071 _____ () C:\Windows\system32\avgrep.txt
2014-04-04 23:05 - 2014-04-04 23:05 - 00002628 _____ () C:\Users\dan\Desktop\RKreport[0]_D_04042014_230530.txt
2014-04-04 23:05 - 2014-04-04 23:05 - 00001604 _____ () C:\Users\dan\Desktop\RKreport[0]_H_04042014_230544.txt
2014-04-04 23:05 - 2014-03-28 22:41 - 00000000 ____D () C:\Users\dan\Desktop\RK_Quarantine
2014-04-04 23:01 - 2014-04-04 23:01 - 00002565 _____ () C:\Users\dan\Desktop\RKreport[0]_S_04042014_230132.txt
2014-04-04 22:38 - 2008-08-15 20:44 - 00102400 _____ () C:\Users\dan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-04 18:02 - 2014-04-04 18:02 - 00140192 _____ () C:\Windows\Minidump\Mini040414-01.dmp
2014-04-04 17:53 - 2012-03-04 22:07 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-770198754-1453134297-1611020973-1000Core.job
2014-04-03 22:51 - 2014-04-03 22:51 - 00140192 _____ () C:\Windows\Minidump\Mini040314-03.dmp
2014-04-03 22:42 - 2014-04-03 22:42 - 00140192 _____ () C:\Windows\Minidump\Mini040314-02.dmp
2014-04-03 22:18 - 2014-04-03 22:18 - 00140192 _____ () C:\Windows\Minidump\Mini040314-01.dmp
2014-04-03 22:13 - 2014-04-03 22:13 - 00688992 ____R (Swearware) C:\Users\dan\Desktop\dds.com
2014-03-30 21:14 - 2014-03-28 20:03 - 00000510 _____ () C:\Windows\system32\.crusader
2014-03-30 00:03 - 2014-03-30 00:03 - 00043554 _____ () C:\Users\dan\Downloads\Shortcut.txt
2014-03-30 00:03 - 2014-02-11 00:58 - 00032247 _____ () C:\Users\dan\Downloads\Addition.txt
2014-03-29 23:42 - 2014-03-29 23:41 - 00000061 _____ () C:\Users\dan\Desktop\AV.txt
2014-03-29 17:22 - 2006-11-02 06:22 - 47972352 _____ () C:\Windows\system32\config\software.bak
2014-03-29 17:22 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-03-29 17:22 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-03-29 17:22 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\default.bak
2014-03-29 17:21 - 2014-03-29 16:54 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Wise Registry Cleaner
2014-03-29 16:54 - 2014-03-29 16:54 - 00001022 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-03-29 16:54 - 2014-03-29 16:54 - 00000000 ____D () C:\Program Files\Wise
2014-03-29 16:53 - 2014-03-29 16:53 - 03224200 _____ (WiseCleaner.com ) C:\Users\dan\Downloads\WRCFree.exe
2014-03-29 15:50 - 2014-03-29 15:50 - 00002098 _____ () C:\Windows\hiveList.dat
2014-03-29 15:50 - 2014-03-29 15:50 - 00000004 _____ () C:\Windows\CSCCompactState
2014-03-29 13:09 - 2014-03-29 13:09 - 14863480 _____ (Comodo Security Solutions, Inc.) C:\Users\dan\Downloads\cptsetup.exe
2014-03-29 13:09 - 2014-03-29 13:09 - 00000000 ____D () C:\Program Files\COMODO
2014-03-29 00:35 - 2014-03-28 23:38 - 00000000 ____D () C:\Program Files\Advanced Fix 2014
2014-03-29 00:20 - 2014-03-29 00:20 - 16578402 _____ ( ) C:\Users\dan\Downloads\DLLSuite_Setup.exe
2014-03-29 00:20 - 2014-03-29 00:20 - 00000000 ____D () C:\Program Files\DLLSuite
2014-03-29 00:10 - 2014-03-18 20:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 00:10 - 2010-06-11 17:33 - 00000000 ____D () C:\found.002
2014-03-29 00:10 - 2008-08-19 11:43 - 00000000 ____D () C:\Netgear
2014-03-28 23:37 - 2014-03-28 23:37 - 06656496 _____ (Advanced Fix, Inc. ) C:\Users\dan\Downloads\AdvancedFix_Setup.exe
2014-03-28 22:41 - 2014-03-28 22:41 - 03972608 _____ () C:\Users\dan\Downloads\RogueKiller.exe
2014-03-28 20:10 - 2014-03-28 20:09 - 00000000 ____D () C:\Windows\2C7D909F99544F67AC816F6D9D054A08.TMP
2014-03-28 20:04 - 2014-03-28 19:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-28 19:40 - 2014-03-28 19:38 - 10094400 _____ (SurfRight B.V.) C:\Users\dan\Downloads\HitmanPro.exe
2014-03-27 00:11 - 2014-03-27 00:11 - 319323550 _____ () C:\Users\dan\Documents\Reg 3-27-14.reg
2014-03-27 00:03 - 2014-03-27 00:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-27 00:02 - 2014-03-27 00:02 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-26 22:36 - 2014-03-26 22:36 - 00347816 _____ (Microsoft Corporation) C:\Users\dan\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-03-26 20:53 - 2014-03-25 18:32 - 00000000 ____D () C:\Users\dan\AppData\Local\Avg2014
2014-03-26 01:24 - 2014-02-11 18:38 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-03-26 01:24 - 2014-02-11 18:38 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-03-26 01:24 - 2012-03-05 16:42 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-26 01:24 - 2012-03-04 22:09 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-03-26 01:24 - 2012-01-28 22:34 - 00000000 ____D () C:\Users\dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-03-26 01:24 - 2009-03-16 13:54 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-03-26 01:24 - 2008-08-15 19:32 - 00000000 ___RD () C:\Users\dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-26 01:24 - 2008-08-15 19:32 - 00000000 ___RD () C:\Users\dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-26 01:24 - 2008-08-15 19:32 - 00000000 ____D () C:\Users\dan
2014-03-26 01:24 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\spool
2014-03-26 01:24 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-03-26 01:24 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-03-26 01:24 - 2006-11-02 06:22 - 47972352 _____ () C:\Windows\system32\config\software_previous
2014-03-26 01:24 - 2006-11-02 06:22 - 18874368 _____ () C:\Windows\system32\config\system_previous
2014-03-26 01:22 - 2013-11-14 22:31 - 00000000 ____D () C:\Users\dan\AppData\Roaming\AVG2014
2014-03-26 01:21 - 2014-03-20 22:13 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-26 01:21 - 2014-02-11 18:38 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-26 01:12 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-03-26 01:12 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-03-25 23:41 - 2006-11-02 08:47 - 00371952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-25 23:40 - 2014-03-23 22:49 - 00224024 _____ () C:\Windows\PFRO.log
2014-03-25 21:49 - 2014-03-23 21:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-25 21:39 - 2008-08-15 19:32 - 00100824 _____ () C:\Users\dan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-25 21:36 - 2014-03-25 21:36 - 00000000 ___HD () C:\$AVG
2014-03-25 21:36 - 2013-11-14 22:27 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-25 21:01 - 2006-11-02 06:22 - 33554432 _____ () C:\Windows\system32\config\components_previous
2014-03-25 21:01 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-03-25 19:36 - 2014-03-25 19:33 - 150518130 _____ () C:\Users\dan\Downloads\Windows6.0-KB947821-v33-x86.msu
2014-03-25 18:10 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-03-24 23:06 - 2014-03-24 00:01 - 00055680 _____ () C:\Windows\setupact.log
2014-03-24 00:43 - 2014-03-24 00:43 - 00095932 _____ () C:\Users\dan\Documents\ResultReport.html
2014-03-24 00:43 - 2014-03-24 00:43 - 00000000 ____D () C:\Users\dan\Documents\ResultReport_files
2014-03-24 00:24 - 2014-03-24 00:24 - 00280204 _____ () C:\Users\dan\Downloads\WindowsUpdateDiagnostic.diagcab
2014-03-24 00:01 - 2014-03-24 00:01 - 00000000 ____D () C:\Users\dan\AppData\Local\Microsoft Corporation
2014-03-24 00:01 - 2014-03-24 00:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 23:23 - 2014-03-23 23:23 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-23 22:43 - 2014-02-11 18:39 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-03-22 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-22 22:03 - 2014-02-11 22:49 - 00000000 ____D () C:\Users\dan\Desktop\mbar
2014-03-22 20:08 - 2008-08-15 19:32 - 00000000 ____D () C:\Users\dan\Documents\My Google Gadgets
2014-03-22 17:19 - 2014-03-22 16:59 - 00000314 _____ () C:\Users\dan\Desktop\Support Tech.log
2014-03-22 16:33 - 2014-03-22 16:33 - 00000000 ____D () C:\Users\dan\Impostazioni locali
2014-03-22 15:59 - 2011-05-20 11:55 - 00000000 ____D () C:\Users\dan\AppData\Roaming\uTorrent
2014-03-22 15:59 - 2008-02-03 18:40 - 00000000 ____D () C:\Windows\Panther
2014-03-22 15:35 - 2014-03-22 15:35 - 00000000 ____D () C:\ProgramData\AMMYY
2014-03-22 14:42 - 2014-03-22 14:42 - 00000000 ____D () C:\Users\dan\AppData\Roaming\TeamViewer
2014-03-22 14:41 - 2014-03-22 14:41 - 05814000 _____ (TeamViewer GmbH) C:\Users\dan\Downloads\TeamViewer_Setup_en.exe
2014-03-22 00:47 - 2014-03-22 00:47 - 00000070 _____ () C:\Users\dan\Documents\Firefox Restore.txt
2014-03-20 22:16 - 2012-06-10 13:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-20 22:13 - 2014-02-11 18:39 - 00042272 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys

Some content of TEMP:
====================
C:\Users\dan\AppData\Local\Temp\ntdll_dump.dll
C:\Users\dan\AppData\Local\Temp\RHSetup.exe
C:\Users\dan\AppData\Local\Temp\UNINSTALL.exe
C:\Users\dan\AppData\Local\Temp\Wise_SETUP.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-11 19:29

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-04-2014
Ran by dan at 2014-04-14 20:07:39
Running from C:\Users\dan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 2.1.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.8.1.0 - AuthenTec, Inc.) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 18.0.5.292 - AVG Technologies)
biolsp patch (Version: 01.00.02.0005 - Wave Systems Corp) Hidden
BitPim 1.0.6 (HKLM\...\{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1) (Version: 1.0.6 - Joe Pham <djpham@bitpim.org>)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom ASF Management Applications (HKLM\...\{27E25625-DB51-42E6-BEB7-0C8DC878770C}) (Version: 10.13.02 - Broadcom Corporation)
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.01 - Broadcom Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.74.00 - Conexant)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
D2500 (Version: 100.0.206.000 - Hewlett-Packard) Hidden
D2500_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Dell Drivers MSI (Version: 01.00.00.0010 - Wave Systems Corp) Hidden
Dell Embassy Trust Suite by Wave Systems (Version: 02.01.00.026 - Wave Systems Corp) Hidden
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: Version 7.1.101.6 - )
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DJ_SF_03_D2500_ProductContext (Version: 100.0.215.000 - Hewlett-Packard) Hidden
DJ_SF_03_D2500_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
DJ_SF_03_D2500_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Document Manager Lite (Version: 06.06.00.066 - Your Company Name) Hidden
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version:  - )
EMBASSY Security Center (Version: 03.06.00.031 - Wave Systems Corp) Hidden
EMBASSY Security Setup (Version: 03.06.00.027 - Wave Systems Corp) Hidden
EMBASSY Trust Suite by Wave Systems (HKLM\...\{F1802FA6-54E9-4B24-BD2A-B50866819795}) (Version: 02.01.01.25 - Wave Systems Corp)
ESC Home Page Plugin (Version: 03.01.00.018 - Wave Systems Corp) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ffdshow (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Gemalto (Version: 01.00.00.0010 - Wave Systems Corp) Hidden
GemSafe Standard Edition 5.1 (Version: 5.10.000.007 - GEMPLUS) Hidden
GMetrix SMS (HKLM\...\{958AAA08-5B3D-4E91-8B7C-E07175110416}) (Version: 3.2.1.3 - GMetrix LLC)
Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Talk Plugin (HKLM\...\{41101F0C-DBD9-321C-A6B1-E0689B495A4E}) (Version: 5.1.4.17398 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
GoToMeeting 5.4.0.1082 (HKCU\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Deskjet D2500 Printer Driver Software 10.0 Rel .3 (HKLM\...\{89998BCF-F415-468a-8282-CB042765A26F}) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (HKLM\...\{86D3D561-D1FD-4d57-8395-20030467E0F9}) (Version: 10.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Update (HKLM\...\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}) (Version: 4.000.007.003 - Hewlett-Packard)
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation)
iTunes (HKLM\...\{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217011FF}) (Version: 7.0.110 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java DB 10.3.1.4 (HKLM\...\{CD49361E-3FE6-457E-90A1-9C59E29B5D02}) (Version: 10.3.1.4 - Sun Microsystems, Inc)
Java™ 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Java™ 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Java™ SE Development Kit 6 Update 7 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
mCore (Version: 9.24.0000 - Intel Corporation) Hidden
mHelp (Version: 9.24.0000 - Intel) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mMHouse (Version: 9.24.0000 - Intel Corporation) Hidden
Modem Diagnostic Tool (HKLM\...\{294EAADF-E50F-4DD8-AD8D-19587EA10512}) (Version: 1.0.24.0 - Dell)
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
mPfMgr (Version: 9.24.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mWMI (Version: 9.24.0000 - Intel Corporation) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)
NTRU TCG Software Stack (Version: 2.1.25 - NTRU Cryptosystems) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.0 - Dell)
Preboot Manager (Version: 2.0.1.2 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 06.01.00.023 - Your Company Name) Hidden
PS_AIO_02_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Revo Uninstaller Pro 2.5.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.7 - VS Revo Group, Ltd.)
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Secure Update (Version: 05.04.00.010 - Your Company Name) Hidden
Security Wizards (Version: 01.04.00.014 - Your Company Name) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
StarCraft II (HKLM\...\StarCraft II) (Version: 1.4.2.20141 - Blizzard Entertainment)
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
upekmsi (Version: 02.00.03.0000 - Wave Systems Corp) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
Vista Profile Pack (HKLM\...\{D31FB582-86AE-4A05-BFC1-5C5CA944E234}) (Version: 2.0.13.0 - CSR plc)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VTnet 2008 (Version: 1.00.000 - Virginia Tech) Hidden
Wave Infrastructure Installer (Version: 05.00.01.0050 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.07.00.026 - Wave Systems Corp) Hidden
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wise Registry Cleaner 8.03 (HKLM\...\Wise Registry Cleaner_is1) (Version: 8.03 - WiseCleaner.com, Inc.)

==================== Restore Points  =========================

22-03-2014 20:07:36 e-tech
11-04-2014 23:13:59 DanRestore

==================== Hosts content: ==========================

2006-11-02 06:23 - 2014-04-04 23:05 - 00000741 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1    localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0CAB7B68-718C-40E0-B83B-89DDF7007DC8} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {2DD759FD-2B71-4AAA-AE1C-F257E10DC282} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31E38614-0AD8-4BED-B2BC-09A267D98F1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770198754-1453134297-1611020973-1000UA => C:\Users\dan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-04] (Google Inc.)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {61CF8A3F-9896-4B91-A81A-FE18DB3B32C1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770198754-1453134297-1611020973-1000Core => C:\Users\dan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-04] (Google Inc.)
Task: {70657513-9E70-4EF6-AC2F-0F396A78DF02} - System32\Tasks\PDVDDXSrv.exe_0604410350 => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2008-02-26] (CyberLink Corp.)
Task: {A44A24C0-25D5-4D5E-A083-8628B1F697C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B78A30A4-0C19-4C1B-AC84-798C5A299417} - System32\Tasks\checknews => Wscript.exe C:\VT-SecureTools\CheckNews.vbs
Task: {E9FE4B69-5329-471F-B4D6-1DB501918D8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-770198754-1453134297-1611020973-1000Core.job => C:\Users\dan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-770198754-1453134297-1611020973-1000UA.job => C:\Users\dan\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-04-25 11:55 - 2007-04-25 11:55 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2007-07-25 17:25 - 2007-07-25 17:25 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2007-09-10 10:53 - 2007-09-10 10:53 - 00262144 _____ () C:\Windows\system32\wxvault.dll
2014-02-11 18:38 - 2014-03-20 22:13 - 01603608 _____ () C:\Program Files\AVG SafeGuard toolbar\TBAPI.dll
2014-03-18 20:50 - 2014-03-18 20:50 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-03-12 00:10 - 2014-03-12 00:10 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\dan\Downloads\supercastlevania4-timeattack-philandgenisto.avi:TOC.WMV

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Dell Wireless 360 Bluetooth Module
Description: Dell Wireless 360 Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Dell
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2014 07:55:11 PM) (Source: MsiInstaller) (User: dan-PC)
Description: Product: Google Talk Plugin -- Error 1402. Could not open key: HKEY_CURRENT_USER\Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\VersionIndependentProgID.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.

Error: (04/14/2014 06:29:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5818

Error: (04/14/2014 06:29:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5818

Error: (04/14/2014 06:29:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2014 06:29:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4804

Error: (04/14/2014 06:29:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4804

Error: (04/14/2014 06:29:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2014 06:29:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3728

Error: (04/14/2014 06:29:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3728

Error: (04/14/2014 06:29:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/13/2014 05:10:11 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (04/11/2014 07:23:49 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (04/11/2014 07:22:24 PM) (Source: Service Control Manager) (User: )
Description: NTRU TSS v1.2.1.25 TCSTPM Base Services%%0

Error: (04/11/2014 07:22:02 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (04/11/2014 07:17:48 PM) (Source: Service Control Manager) (User: )
Description: Dell Internal Network Card Power Management1

Error: (04/11/2014 06:54:30 PM) (Source: Service Control Manager) (User: )
Description: Windows Driver Foundation - User-mode Driver Framework11200001Restart the service

Error: (04/11/2014 06:54:30 PM) (Source: Service Control Manager) (User: )
Description: Portable Device Enumerator Service11200001Restart the service

Error: (04/11/2014 06:54:30 PM) (Source: Service Control Manager) (User: )
Description: WLAN AutoConfig11200001Restart the service

Error: (04/11/2014 06:54:30 PM) (Source: Service Control Manager) (User: )
Description: Diagnostic System Host1

Error: (04/11/2014 06:54:30 PM) (Source: Service Control Manager) (User: )
Description: Desktop Window Manager Session Manager11200001Restart the service


Microsoft Office Sessions:
=========================
Error: (04/14/2014 07:55:11 PM) (Source: MsiInstaller)(User: dan-PC)
Description: Product: Google Talk Plugin -- Error 1402. Could not open key: HKEY_CURRENT_USER\Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\VersionIndependentProgID.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)

Error: (04/14/2014 06:29:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5818

Error: (04/14/2014 06:29:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5818

Error: (04/14/2014 06:29:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2014 06:29:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4804

Error: (04/14/2014 06:29:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4804

Error: (04/14/2014 06:29:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2014 06:29:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3728

Error: (04/14/2014 06:29:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3728

Error: (04/14/2014 06:29:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-04-14 20:07:17.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:17.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:17.053
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:16.905
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:16.742
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:16.584
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:16.365
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:16.195
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:14.873
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-14 20:07:14.653
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3573.05 MB
Available physical RAM: 1438.96 MB
Total Pagefile: 7438.75 MB
Available Pagefile: 4973.69 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.93 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:146.95 GB) (Free:36.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: B8000000)

Partition: GPT Partition Type.

==================== End Of Log ============================



#14 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 14 April 2014 - 07:29 PM

First half of TDDS Kiler Log, no threats found:

 

20:10:44.0573 0x23fc  TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
20:10:55.0233 0x23fc  ============================================================
20:10:55.0233 0x23fc  Current date / time: 2014/04/14 20:10:55.0233
20:10:55.0233 0x23fc  SystemInfo:
20:10:55.0233 0x23fc  
20:10:55.0233 0x23fc  OS Version: 6.0.6001 ServicePack: 1.0
20:10:55.0233 0x23fc  Product type: Workstation
20:10:55.0234 0x23fc  ComputerName: DAN-PC
20:10:55.0234 0x23fc  UserName: dan
20:10:55.0234 0x23fc  Windows directory: C:\Windows
20:10:55.0234 0x23fc  System windows directory: C:\Windows
20:10:55.0234 0x23fc  Processor architecture: Intel x86
20:10:55.0234 0x23fc  Number of processors: 2
20:10:55.0234 0x23fc  Page size: 0x1000
20:10:55.0234 0x23fc  Boot type: Normal boot
20:10:55.0234 0x23fc  ============================================================
20:10:55.0614 0x23fc  KLMD registered as C:\Windows\system32\drivers\34131747.sys
20:10:55.0756 0x23fc  System UUID: {23EF0FB1-2D0F-1F29-68FB-D7A2EBDD984A}
20:10:56.0285 0x23fc  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:10:56.0286 0x23fc  ============================================================
20:10:56.0286 0x23fc  \Device\Harddisk0\DR0:
20:10:56.0287 0x23fc  MBR partitions:
20:10:56.0287 0x23fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x400000
20:10:56.0287 0x23fc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x433000, BlocksNum 0x125E6000
20:10:56.0287 0x23fc  ============================================================
20:10:56.0323 0x23fc  C: <-> \Device\Harddisk0\DR0\Partition2
20:10:56.0347 0x23fc  D: <-> \Device\Harddisk0\DR0\Partition1
20:10:56.0347 0x23fc  ============================================================
20:10:56.0347 0x23fc  Initialize success
20:10:56.0347 0x23fc  ============================================================
20:11:37.0945 0x2b80  ============================================================
20:11:37.0945 0x2b80  Scan started
20:11:37.0945 0x2b80  Mode: Manual;
20:11:37.0945 0x2b80  ============================================================
20:11:37.0946 0x2b80  KSN ping started
20:11:51.0443 0x2b80  KSN ping finished: true
20:11:51.0919 0x2b80  ================ Scan system memory ========================
20:11:51.0919 0x2b80  System memory - ok
20:11:51.0920 0x2b80  ================ Scan services =============================
20:11:52.0107 0x2b80  [ FCB8C7210F0135E24C6580F7F649C73C, 7E5E3D0B4F4BD418E6CC551850C672E1AF347CBB2E665B6F72638786CE5079C5 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:11:52.0116 0x2b80  ACPI - ok
20:11:52.0253 0x2b80  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:11:52.0257 0x2b80  AdobeARMservice - ok
20:11:52.0331 0x2b80  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:11:52.0341 0x2b80  AdobeFlashPlayerUpdateSvc - ok
20:11:52.0400 0x2b80  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:11:52.0414 0x2b80  adp94xx - ok
20:11:52.0437 0x2b80  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:11:52.0449 0x2b80  adpahci - ok
20:11:52.0472 0x2b80  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:11:52.0477 0x2b80  adpu160m - ok
20:11:52.0506 0x2b80  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:11:52.0513 0x2b80  adpu320 - ok
20:11:52.0559 0x2b80  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:11:52.0561 0x2b80  AeLookupSvc - ok
20:11:52.0609 0x2b80  [ 48EB99503533C27AC6135648E5474457, 344A83008F41AAC3CDFC52EFC4F2EFF441971C58182597D2FBED315B3FC62137 ] AFD             C:\Windows\system32\drivers\afd.sys
20:11:52.0618 0x2b80  AFD - ok
20:11:52.0655 0x2b80  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:11:52.0659 0x2b80  agp440 - ok
20:11:52.0689 0x2b80  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:11:52.0693 0x2b80  aic78xx - ok
20:11:52.0723 0x2b80  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:11:52.0727 0x2b80  ALG - ok
20:11:52.0745 0x2b80  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
20:11:52.0747 0x2b80  aliide - ok
20:11:52.0775 0x2b80  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:11:52.0779 0x2b80  amdagp - ok
20:11:52.0799 0x2b80  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
20:11:52.0801 0x2b80  amdide - ok
20:11:52.0823 0x2b80  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:11:52.0827 0x2b80  AmdK7 - ok
20:11:52.0840 0x2b80  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:11:52.0844 0x2b80  AmdK8 - ok
20:11:52.0894 0x2b80  [ 587CA72709DD93942422F40A9B046DD8, 40EBBBB442E508A3F2B2A4D9D8D6DDC4C9943F074D426CEDBDD73DA84C4CB9E9 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
20:11:52.0902 0x2b80  ApfiltrService - ok
20:11:52.0951 0x2b80  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
20:11:52.0954 0x2b80  Appinfo - ok
20:11:53.0018 0x2b80  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:11:53.0023 0x2b80  Apple Mobile Device - ok
20:11:53.0086 0x2b80  [ C56DED3FE618C8BAE1AAAF4E801CCB3E, 342E9A6E07E7A14C72097A612E6968E8C0CFBBF8FA310DCA7C6CC1711061AE9D ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:11:53.0095 0x2b80  AppMgmt - ok
20:11:53.0138 0x2b80  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
20:11:53.0144 0x2b80  arc - ok
20:11:53.0171 0x2b80  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:11:53.0177 0x2b80  arcsas - ok
20:11:53.0219 0x2b80  [ 7591238EBF7DD1FD13B353C382227DC3, 905AE64D7BC1EDD78BE4C99D859B2ACB80A293D58C741D3F2CD1BD42E3C90316 ] ASFIPmon        C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
20:11:53.0227 0x2b80  ASFIPmon - ok
20:11:53.0259 0x2b80  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:11:53.0262 0x2b80  AsyncMac - ok
20:11:53.0277 0x2b80  [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:11:53.0280 0x2b80  atapi - ok
20:11:53.0335 0x2b80  [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:11:53.0345 0x2b80  AudioEndpointBuilder - ok
20:11:53.0356 0x2b80  [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:11:53.0362 0x2b80  Audiosrv - ok
20:11:53.0424 0x2b80  [ B4A79941AB02993E43A6C2248CE932FD, 250A4F35CC366FA65A918C9EDDA1E278CA20AC77412EDAD716A2BB1BF07DB7B8 ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
20:11:53.0429 0x2b80  Avgdiskx - ok
20:11:53.0802 0x2b80  [ 9D5EA7BD5E29F404CD158AED17B40A15, BC38F90AD8BBB51C27D9D325E400DF10B8A8BE34A497A7207F2E73E46E9AB3EE ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
20:11:54.0142 0x2b80  AVGIDSAgent - ok
20:11:54.0203 0x2b80  [ 92CA68E3361576420C43FC33C47DECF7, 33C566F5327737CA1EFBFC5369372AED088A103CE18CDD352D10DDF2841A40A2 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
20:11:54.0210 0x2b80  AVGIDSDriver - ok
20:11:54.0253 0x2b80  [ 4D792ED58F49235704E580C34391CFF5, 368B882052B75B6FE147A3EC0873A50FC6A9E96E8298EAA50186FD259FEE5E34 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
20:11:54.0258 0x2b80  AVGIDSHX - ok
20:11:54.0269 0x2b80  [ 18B3FFED808F032E037ED7F54A838053, 488FBA275B7B0B97E4372EA1BDFBB53238B0BF201DF004CC8FCDA82A0A0105DD ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
20:11:54.0272 0x2b80  AVGIDSShim - ok
20:11:54.0296 0x2b80  [ 578ECC3D911897B2C5B760EDAF8ED6CA, 99CAACB349C8629D4BE6070BDBFB0BDB4A13ABFFF738F04D723D2AFE7EA58894 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
20:11:54.0303 0x2b80  Avgldx86 - ok
20:11:54.0325 0x2b80  [ BD1A440B9F126AFE52978A44952B0018, 83577249AACC3F0C655C27A471739113B2086BFC1FF15D0ED7E64B0215B739DB ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
20:11:54.0342 0x2b80  Avglogx - ok
20:11:54.0367 0x2b80  [ 7DC192EC714342E7C020C7CF42E394D8, 09F4CFFD93067E62B09C550A7A0588E90CAD190E49E1B7082FC5A949AF389781 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
20:11:54.0372 0x2b80  Avgmfx86 - ok
20:11:54.0407 0x2b80  [ E6322DF686CE1C59D7797FAEF0732454, 03534F19568B421F9BE9C99A7A5302D38FCABA26E95C49A492DA49E58A918B55 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
20:11:54.0409 0x2b80  Avgrkx86 - ok
20:11:54.0436 0x2b80  [ E98603F9D1F412F38ADF2F76053F9E5A, 1CE4668E0202ADD8C4C3D7D883DC837F7888F5D6E3B6FEE8338E15A86FE6AC22 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
20:11:54.0443 0x2b80  Avgtdix - ok
20:11:54.0470 0x2b80  [ 06AEB065AC25A2CFF80E1DF0303EC55B, EE913D669741B3F844AFEEFCF232D2D2C94081BCB39F79D81D7A7133DBC57252 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
20:11:54.0473 0x2b80  avgtp - ok
20:11:54.0519 0x2b80  [ B747B6BB015E552F49C634BB19540F3D, 5000AD41BD101BC06D595484B6E58DEEBB962939ACF4B24DE515771D1C4AE3ED ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
20:11:54.0531 0x2b80  avgwd - ok
20:11:54.0575 0x2b80  [ 0B92CCF7BFCBE2B33838434F2F50CB61, 021FE5FA53F9208A19B737D1F8F3ED835BB68CE23E4EEDB2CB4F3E433985F9B6 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:11:54.0582 0x2b80  b57nd60x - ok
20:11:54.0607 0x2b80  [ 5C68AC6F3E5B3E6D6A78E97D05E42C3A, D783A4094F338CA0BB4E04EC918B157DDDE21291D58508A17BB6359893841340 ] BASFND          C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
20:11:54.0610 0x2b80  BASFND - ok
20:11:54.0647 0x2b80  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:11:54.0649 0x2b80  Beep - ok
20:11:54.0701 0x2b80  [ 8582E233C346AEFE759833E8A30DD697, 2B0A4FB7F0C3256A5003821634DFA04BA8C3FBB46E942E8BC5D114AF8D1E5354 ] BFE             C:\Windows\System32\bfe.dll
20:11:54.0714 0x2b80  BFE - ok
20:11:54.0795 0x2b80  [ 02ED7B4DBC2A3232A389106DA7515C3D, 0DFCD03CB967D1A980D56124603F353DC1D800E3A5E436EEE95C65FDE17398CF ] BITS            C:\Windows\System32\qmgr.dll
20:11:54.0838 0x2b80  BITS - ok
20:11:54.0867 0x2b80  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:11:54.0871 0x2b80  blbdrive - ok
20:11:54.0933 0x2b80  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:11:54.0961 0x2b80  Bonjour Service - ok
20:11:54.0998 0x2b80  [ 8153396D5551276227FA146900F734E6, 0AE06774162D542D9E95246B7112A40D7C463EF331B4F56C9CF8AD99A0341E38 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:11:55.0003 0x2b80  bowser - ok
20:11:55.0027 0x2b80  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:11:55.0030 0x2b80  BrFiltLo - ok
20:11:55.0047 0x2b80  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:11:55.0049 0x2b80  BrFiltUp - ok
20:11:55.0078 0x2b80  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:11:55.0082 0x2b80  Browser - ok
20:11:55.0113 0x2b80  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:11:55.0116 0x2b80  Brserid - ok
20:11:55.0135 0x2b80  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:11:55.0139 0x2b80  BrSerWdm - ok
20:11:55.0168 0x2b80  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:11:55.0170 0x2b80  BrUsbMdm - ok
20:11:55.0183 0x2b80  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:11:55.0185 0x2b80  BrUsbSer - ok
20:11:55.0223 0x2b80  [ E5145A9DEC2A863DE262D40EFF7D793A, 020BC017E776D8957BFC303380047AF37F6EEEC0BCDE1214AE59EDB3102B0533 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:11:55.0225 0x2b80  BthEnum - ok
20:11:55.0241 0x2b80  [ 43C96C1AC278BC22E7799C23405635A0, E7894CEE3E2F87707963A01FB271C3E2508AE92854D0F411C266C239E652ED81 ] BTHFILT         C:\Windows\system32\DRIVERS\BthFilt.sys
20:11:55.0243 0x2b80  BTHFILT - ok
20:11:55.0299 0x2b80  [ D8ABBCB42C550FD3A29DEC6DAABD0A87, 297B7390963B78EBC166668E1D110983CA5A4F071027CA07EA48997F7EA5FD9C ] BthFilterHelper C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
20:11:55.0305 0x2b80  BthFilterHelper - ok
20:11:55.0340 0x2b80  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:11:55.0342 0x2b80  BTHMODEM - ok
20:11:55.0376 0x2b80  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:11:55.0380 0x2b80  BthPan - ok
20:11:55.0416 0x2b80  [ 9F299C5274672900591E7C616D725F56, 825A423AF1630D3D93E9FC8624D3DAE06B61E183DDD636C673F191806483DFFF ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:11:55.0437 0x2b80  BTHPORT - ok
20:11:55.0458 0x2b80  [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] BthServ         C:\Windows\System32\bthserv.dll
20:11:55.0461 0x2b80  BthServ - ok
20:11:55.0476 0x2b80  [ 31C9453DF130B4B89EAFCDC97319CCC2, 204FC25D87C12C8DBD9E502D55E60B970B25A94EDF90DF43570A3BFEE74905D5 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:11:55.0478 0x2b80  BTHUSB - ok
20:11:55.0520 0x2b80  [ 248DFA5762DDE38DFDDBBD44149E9D7A, D696D5698B7B5B331A6ED39172015349685450D10F63B1E4D4112199198FA5C7 ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS
20:11:55.0523 0x2b80  BVRPMPR5 - ok
20:11:55.0550 0x2b80  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:11:55.0554 0x2b80  cdfs - ok
20:11:55.0569 0x2b80  [ 1EC25CEA0DE6AC4718BF89F9E1778B57, 019E12C30E7A395259F3906EC55AFF86949CFDBB443060208C8B91B9EB7F9FB7 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:11:55.0573 0x2b80  cdrom - ok
20:11:55.0609 0x2b80  [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:11:55.0612 0x2b80  CertPropSvc - ok
20:11:55.0644 0x2b80  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:11:55.0646 0x2b80  circlass - ok
20:11:55.0673 0x2b80  [ 465745561C832B29F7C48B488AAB3842, B631C61FBF6E2641FED7C4CFC1B179D19143B04CF76DCF48A9C7582E756FFD8C ] CLFS            C:\Windows\system32\CLFS.sys
20:11:55.0681 0x2b80  CLFS - ok
20:11:55.0755 0x2b80  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:11:55.0773 0x2b80  clr_optimization_v2.0.50727_32 - ok
20:11:55.0868 0x2b80  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:11:55.0884 0x2b80  clr_optimization_v4.0.30319_32 - ok
20:11:55.0917 0x2b80  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:11:55.0919 0x2b80  CmBatt - ok
20:11:55.0944 0x2b80  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:11:55.0946 0x2b80  cmdide - ok
20:11:55.0975 0x2b80  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:11:55.0977 0x2b80  Compbatt - ok
20:11:55.0980 0x2b80  COMSysApp - ok
20:11:55.0998 0x2b80  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:11:56.0000 0x2b80  crcdisk - ok
20:11:56.0014 0x2b80  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:11:56.0017 0x2b80  Crusoe - ok
20:11:56.0044 0x2b80  [ 6DE363F9F99334514C46AEC02D3E3678, FF403B8A4D7D6B3D2F23E2711D1353CFB0C748AD7D7927CF5DFBD99CD169D826 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:11:56.0050 0x2b80  CryptSvc - ok
20:11:56.0084 0x2b80  [ 9A5434125C3DFE42393DE4BBB791BD19, 29BEE511299FD95B41489721E73677A71AB264E537A16A287253A8FEFC9CB4C8 ] CSC             C:\Windows\system32\drivers\csc.sys
20:11:56.0101 0x2b80  CSC - ok
20:11:56.0130 0x2b80  [ CB1D480676229A09EEF1DD4D23C5EDF3, BD11777709F67294D79AE644C5572BC34DA364C306FECA9352FCB8539E121D8E ] CscService      C:\Windows\System32\cscsvc.dll
20:11:56.0144 0x2b80  CscService - ok
20:11:56.0179 0x2b80  [ 8E1945984E147562F9F08E1D344A69CC, 2848787EA71B54E5D9EBE2D8B3F7F37986157AC3483FA4970144117C4DA7EBC3 ] CSRBC           C:\Windows\system32\Drivers\csrbcxp.sys
20:11:56.0181 0x2b80  CSRBC - ok
20:11:56.0233 0x2b80  [ F7D785BA9D167BDB0B9B19F79B220ACA, 9F94811FD2130FAA8A3BB78E6B81C64690DD01ECC70CE600FBA306A9CADC8DEE ] DCamUSBEMPIA    C:\Windows\system32\DRIVERS\emDevice.sys
20:11:56.0252 0x2b80  DCamUSBEMPIA - ok
20:11:56.0328 0x2b80  [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:11:56.0343 0x2b80  DcomLaunch - ok
20:11:56.0357 0x2b80  [ A3E9FA213F443AC77C7746119D13FEEC, 479B349BFC811D20572C09C4A2228C3880F8F3B4B4BA5F4E56600C7EF583DE7B ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:11:56.0368 0x2b80  DfsC - ok
20:11:56.0619 0x2b80  [ FA3463F25F9CC9C3BCF1E7912FEFF099, 8CFA0F1DFD975ED877B303EB55BE52B0B1EC2B20FEC36820121A0F5E046E0032 ] DFSR            C:\Windows\system32\DFSR.exe
20:11:56.0721 0x2b80  DFSR - ok
20:11:56.0773 0x2b80  [ 43A988A9C10333476CB5FB667CBD629D, 7E0DD57E75A50E3671673876631A1E66A4AC16810418BEC1AC2143DFD331F389 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:11:56.0782 0x2b80  Dhcp - ok
20:11:56.0806 0x2b80  [ 64109E623ABD6955C8FB110B592E68B7, 964F456EF44F9AE836B8CAB438FEB18303B2548A2B7D85FEBD72F4F80127B0EE ] disk            C:\Windows\system32\drivers\disk.sys
20:11:56.0809 0x2b80  disk - ok
20:11:56.0841 0x2b80  [ 4805D9A6D281C7A7DEFD9094DEC6AF7D, 473A5F1C4E795BD6B6DDB32ECB04BA8BF238AA5FBC67FC5D8D8F749464ED0AE9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:11:56.0846 0x2b80  Dnscache - ok
20:11:56.0878 0x2b80  [ 5AF620A08C614E24206B79E8153CF1A8, 5BB32FF3C9A5C51C2773F0ECF9647749667F4678EF3C75FEB4420EC6C805913E ] dot3svc         C:\Windows\System32\dot3svc.dll
20:11:56.0886 0x2b80  dot3svc - ok
20:11:56.0925 0x2b80  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
20:11:56.0931 0x2b80  Dot4 - ok
20:11:56.0948 0x2b80  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:11:56.0950 0x2b80  Dot4Print - ok
20:11:56.0963 0x2b80  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
20:11:56.0965 0x2b80  dot4usb - ok
20:11:56.0989 0x2b80  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
20:11:56.0996 0x2b80  DPS - ok
20:11:57.0032 0x2b80  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:11:57.0045 0x2b80  drmkaud - ok
20:11:57.0088 0x2b80  [ 85F33880B8CFB554BD3D9CCDB486845A, 2D120F94800AEB886D4BA2A45FE2454EBB1FAC3E57BDE552737EBDE7EF8899CF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:11:57.0114 0x2b80  DXGKrnl - ok
20:11:57.0149 0x2b80  [ 908ED85B7806E8AF3AF5E9B74F7809D4, 9A763D247035578A946094D2C1CE8204E6EDFFD7237C7BF2058B5F4ECC0306E0 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
20:11:57.0156 0x2b80  e1express - ok
20:11:57.0188 0x2b80  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:11:57.0193 0x2b80  E1G60 - ok
20:11:57.0221 0x2b80  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
20:11:57.0235 0x2b80  EapHost - ok
20:11:57.0267 0x2b80  [ DD2CD259D83D8B72C02C5F2331FF9D68, 07E758A414442FEAFE55FB28842D960971553DB16C31D5791FDD0843CBF5E2B4 ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:11:57.0273 0x2b80  Ecache - ok
20:11:57.0309 0x2b80  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:11:57.0326 0x2b80  elxstor - ok
20:11:57.0394 0x2b80  [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C, 80385AC32CE8388F06341AA4A880F68E0EB5815CCCA5CF8E799846F472DCE360 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:11:57.0428 0x2b80  EMDMgmt - ok
20:11:57.0442 0x2b80  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:11:57.0444 0x2b80  ErrDev - ok
20:11:57.0493 0x2b80  [ 3CB3343D720168B575133A0A20DC2465, B356938AC3D9CE833A2C0EBFAA548CDB6B68BEDDB2CCA80222E508BD978FB26B ] EventSystem     C:\Windows\system32\es.dll
20:11:57.0505 0x2b80  EventSystem - ok
20:11:57.0601 0x2b80  [ E71B03FF6B819AE1A286AA27E956D523, DE0FA75125A2BD33F422C49E258B4BE0BC44EA4D8A28303A902FDCDBC6D808F2 ] EvtEng          C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
20:11:57.0644 0x2b80  EvtEng - ok
20:11:57.0675 0x2b80  [ 0D858EB20589A34EFB25695ACAA6AA2D, E5C891D8971173D78194176CB38C0D62C1245C71E04DD94EC742A69C2925F843 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:11:57.0681 0x2b80  exfat - ok
20:11:57.0705 0x2b80  [ 3C489390C2E2064563727752AF8EAB9E, BF528F6D4718AC160C103FD89496C6B7BABED7A17A6BD4222D684AF22FE21A49 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:11:57.0712 0x2b80  fastfat - ok
20:11:57.0770 0x2b80  [ DFBA0F60FA301E5B1BFB1403A93EE23E, 727A01AA77BFD6B6FEB394A4C4CCBDB785987A1904F8EED3739A5F6D03C15965 ] Fax             C:\Windows\system32\fxssvc.exe
20:11:57.0805 0x2b80  Fax - ok
20:11:57.0838 0x2b80  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:11:57.0841 0x2b80  fdc - ok
20:11:57.0867 0x2b80  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
20:11:57.0871 0x2b80  fdPHost - ok
20:11:57.0901 0x2b80  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:11:57.0917 0x2b80  FDResPub - ok
20:11:57.0931 0x2b80  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:11:57.0936 0x2b80  FileInfo - ok
20:11:57.0957 0x2b80  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:11:57.0960 0x2b80  Filetrace - ok
20:11:57.0989 0x2b80  [ A752BD7638457A53C9DCD5BE1598B3B2, 34058869996E81D98F074427C20D1BBC58FC4969902194B0260F3BDCE4A84AD4 ] FiltUSBEMPIA    C:\Windows\system32\DRIVERS\emFilter.sys
20:11:57.0991 0x2b80  FiltUSBEMPIA - ok
20:11:58.0003 0x2b80  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:11:58.0006 0x2b80  flpydisk - ok
20:11:58.0030 0x2b80  [ 05EA53AFE985443011E36DAB07343B46, E033C1C218E9B0D22B63E1B927D7BBE331B59814F26952B68BEDC914EF881E55 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:11:58.0055 0x2b80  FltMgr - ok
20:11:58.0103 0x2b80  [ C9BE08664611DDAF98E2331E9288B00B, C645DDAB5FD588486553DF2DD5750AF5A967FEE988F4EB29E05362E3362DF4A2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:11:58.0108 0x2b80  FontCache3.0.0.0 - ok
20:11:58.0132 0x2b80  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:11:58.0134 0x2b80  Fs_Rec - ok
20:11:58.0161 0x2b80  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:11:58.0166 0x2b80  gagp30kx - ok
20:11:58.0194 0x2b80  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:11:58.0197 0x2b80  GEARAspiWDM - ok
20:11:58.0254 0x2b80  [ D9F1113D9401185245573350712F92FC, 7D8E96B61D7FC1FCC7D70A19DB725BCEA78FE94F3D7AFBB1202771D530A628B7 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:11:58.0295 0x2b80  gpsvc - ok
20:11:58.0334 0x2b80  [ 7031A936832967A93B0E5D5F1C76745A, D8CDCFC1A82E2DFBECD6F7561BB6BD5F5CBFC7A636B7684DEB86FBC9F2D929E0 ] guardian2       C:\Windows\system32\Drivers\oz776.sys
20:11:58.0343 0x2b80  guardian2 - ok
20:11:58.0420 0x2b80  [ CC839E8D766CC31A7710C9F38CF3E375, 327D57F18B4A2D1CB06C5682D3364097ECD3CF40C2719AA1F41D0B49A26003E4 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:11:58.0433 0x2b80  gusvc - ok
20:11:58.0460 0x2b80  [ C87B1EE051C0464491C1A7B03FA0BC99, 0EF498A7D37A454E8B6DB1BE3C0EADA648B51B34A2BB553171E766463E54EE90 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:11:58.0463 0x2b80  HDAudBus - ok
20:11:58.0494 0x2b80  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:11:58.0496 0x2b80  HidBth - ok
20:11:58.0512 0x2b80  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:11:58.0514 0x2b80  HidIr - ok
20:11:58.0544 0x2b80  [ 8FA640195279ACE21BEA91396A0054FC, 20541E5FA29B3FBD8824F3DF93C7D63AFEE56948F82FFDE20E9E87F5C0A3A789 ] hidserv         C:\Windows\System32\hidserv.dll
20:11:58.0547 0x2b80  hidserv - ok
20:11:58.0558 0x2b80  [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:11:58.0560 0x2b80  HidUsb - ok
20:11:58.0585 0x2b80  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:11:58.0591 0x2b80  hkmsvc - ok
20:11:58.0608 0x2b80  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:11:58.0611 0x2b80  HpCISSs - ok
20:11:58.0875 0x2b80  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:11:58.0891 0x2b80  hpqcxs08 - ok
20:11:58.0922 0x2b80  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:11:58.0928 0x2b80  hpqddsvc - ok
20:11:58.0999 0x2b80  [ 99F85640054BA65190B860D878A7C9AE, CE87323FFA4A74EA721A5E7CA6F233C54F21C2C1C6BF7DE84049CE7CEB0741AE ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:11:59.0050 0x2b80  HSF_DPV - ok
20:11:59.0088 0x2b80  [ CFBC2B81972E298F0E19EE68FA9E73DA, F149EE69F7300494329A5609ACC2D2F4A6D2F681CD368E7DA43C4D768D5B6C64 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:11:59.0105 0x2b80  HSXHWAZL - ok
20:11:59.0147 0x2b80  [ 96E241624C71211A79C84F50A8E71CAB, EB6E679218B781F67FBFF4EB12DDE44769ACA7EA3F83A4404A073EA89C902C25 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:11:59.0161 0x2b80  HTTP - ok
20:11:59.0187 0x2b80  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:11:59.0190 0x2b80  i2omp - ok
20:11:59.0236 0x2b80  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:11:59.0240 0x2b80  i8042prt - ok
20:11:59.0284 0x2b80  [ 582F2D900A3AC34C98FBDC2C0ABEF6B9, 2B3879F89A8626FA560E6879F0E5B2AC4804C934EEA68B425A395D1114E64C4D ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
20:11:59.0299 0x2b80  IAANTMON - ok
20:11:59.0334 0x2b80  [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] iaStor          C:\Windows\system32\drivers\iastor.sys
20:11:59.0341 0x2b80  iaStor - ok
20:11:59.0383 0x2b80  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:11:59.0394 0x2b80  iaStorV - ok
20:11:59.0463 0x2b80  [ 7B630ACAED64FEF0C3E1CF255CB56686, 9DCC6953BC6EF77C3916F8AA226CEC0662513A23AB60E9F714D53746E82FB372 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:11:59.0514 0x2b80  idsvc - ok
20:11:59.0616 0x2b80  [ C134E69CE901422D1F2D7EA8D69098FE, 38D7AB6C85C0BCE34B8F52DDBD6F0371DF551003DF6BAE20A2AB1D1349128890 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:11:59.0717 0x2b80  igfx - ok
20:11:59.0746 0x2b80  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:11:59.0749 0x2b80  iirsp - ok
20:11:59.0803 0x2b80  [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC, ED795B07B38EDBB2850384EDFA04C85539D4D22A7AAB8981C83C84E2EAB5976F ] IKEEXT          C:\Windows\System32\ikeext.dll
20:11:59.0837 0x2b80  IKEEXT - ok
20:11:59.0864 0x2b80  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
20:11:59.0866 0x2b80  intelide - ok
20:11:59.0892 0x2b80  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:11:59.0895 0x2b80  intelppm - ok
20:11:59.0907 0x2b80  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:11:59.0912 0x2b80  IPBusEnum - ok
20:11:59.0924 0x2b80  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:11:59.0927 0x2b80  IpFilterDriver - ok
20:11:59.0959 0x2b80  [ 6A35D233693EDC29A12742049BC5E37F, 77275407105492A11CDC232E72C8183F0DFD28F8B9AD2A24AAABDB246F14D38F ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:11:59.0975 0x2b80  iphlpsvc - ok
20:11:59.0979 0x2b80  IpInIp - ok
20:12:00.0006 0x2b80  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:12:00.0009 0x2b80  IPMIDRV - ok
20:12:00.0016 0x2b80  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:12:00.0031 0x2b80  IPNAT - ok
20:12:00.0113 0x2b80  [ C00149A7027081539A66DC5A46695EAD, 51F01CD6B37BA52B3D4DC9CAE3A9FBDDB2FA6FB6A9E779C9157BB056CEC3BEC9 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:12:00.0130 0x2b80  iPod Service - ok
20:12:00.0162 0x2b80  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:12:00.0164 0x2b80  IRENUM - ok
20:12:00.0187 0x2b80  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:12:00.0190 0x2b80  isapnp - ok
20:12:00.0257 0x2b80  [ F247EEC28317F6C739C16DE420097301, 0F4BE16BB0630DFE2256F70C94D4363B7B71F02F7F6597E7CAE28A3EFEA7BCAD ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:12:00.0282 0x2b80  iScsiPrt - ok
20:12:00.0308 0x2b80  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:12:00.0310 0x2b80  iteatapi - ok
20:12:00.0350 0x2b80  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:12:00.0361 0x2b80  iteraid - ok
20:12:00.0378 0x2b80  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:12:00.0381 0x2b80  kbdclass - ok
20:12:00.0402 0x2b80  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:12:00.0405 0x2b80  kbdhid - ok
20:12:00.0426 0x2b80  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] KeyIso          C:\Windows\system32\lsass.exe
20:12:00.0430 0x2b80  KeyIso - ok
20:12:00.0477 0x2b80  [ 7A0CF7908B6824D6A2A1D313E5AE3DCA, 903CF1169D984BBDAE114827D82D5CCC88C2BC7CAEE6BB3A299E2572B0751BB6 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:12:00.0503 0x2b80  KSecDD - ok
20:12:00.0560 0x2b80  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:12:00.0586 0x2b80  KtmRm - ok
20:12:00.0614 0x2b80  [ 1925E63C91CF1610AE41BFD539062079, C25438D19D51B76A8E4C5F3A5D41C76197321166CB37E224217993A4466EBEF9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:12:00.0631 0x2b80  LanmanServer - ok
20:12:00.0679 0x2b80  [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15, 7B1FAC42B9EA73A8C4E812F8F729EB882BDFD04D2E68FE354CFD6B8379A46D14 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:12:00.0696 0x2b80  LanmanWorkstation - ok
20:12:00.0727 0x2b80  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:12:00.0742 0x2b80  lltdio - ok
20:12:00.0767 0x2b80  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:12:00.0785 0x2b80  lltdsvc - ok
20:12:00.0800 0x2b80  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:12:00.0805 0x2b80  lmhosts - ok
20:12:00.0820 0x2b80  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:12:00.0824 0x2b80  LSI_FC - ok
20:12:00.0848 0x2b80  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:12:00.0852 0x2b80  LSI_SAS - ok
20:12:00.0872 0x2b80  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:12:00.0876 0x2b80  LSI_SCSI - ok
20:12:00.0899 0x2b80  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:12:00.0903 0x2b80  luafv - ok
20:12:00.0933 0x2b80  [ 3B4C137E2CA87CF773204653A80B5BE9, D774945037F7A39EB23392DCCF4B52BDE03134C8D457EB9DDFE761B3B8C3D0D9 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
20:12:00.0936 0x2b80  mbamchameleon - ok
20:12:00.0964 0x2b80  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:12:00.0973 0x2b80  mdmxsdk - ok
20:12:01.0004 0x2b80  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
20:12:01.0007 0x2b80  megasas - ok
20:12:01.0040 0x2b80  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:12:01.0057 0x2b80  MegaSR - ok
20:12:01.0126 0x2b80  Microsoft SharePoint Workspace Audit Service - ok
20:12:01.0160 0x2b80  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
20:12:01.0165 0x2b80  MMCSS - ok
20:12:01.0187 0x2b80  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
20:12:01.0190 0x2b80  Modem - ok
20:12:01.0213 0x2b80  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:12:01.0216 0x2b80  monitor - ok
20:12:01.0245 0x2b80  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:12:01.0247 0x2b80  mouclass - ok
20:12:01.0281 0x2b80  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:12:01.0289 0x2b80  mouhid - ok
20:12:01.0319 0x2b80  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:12:01.0323 0x2b80  MountMgr - ok
20:12:01.0364 0x2b80  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:12:01.0378 0x2b80  MozillaMaintenance - ok
20:12:01.0405 0x2b80  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:12:01.0410 0x2b80  mpio - ok
20:12:01.0438 0x2b80  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:12:01.0442 0x2b80  mpsdrv - ok
20:12:01.0481 0x2b80  [ D1639BA315B0D79DEC49A4B0E1FB929B, 96420572029217FDD78CD286A022EB5F8BAB76EE30F75E48CD69AEE1A4846B53 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:12:01.0499 0x2b80  MpsSvc - ok
20:12:01.0529 0x2b80  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:12:01.0533 0x2b80  Mraid35x - ok
20:12:01.0552 0x2b80  [ AE3DE84536B6799D2267443CEC8EDBB9, 787AF9D5BC6D1A1E4A55A66D62F0DF93F45C2FB7EA5BE0BF63F1270604600B40 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:12:01.0557 0x2b80  MRxDAV - ok
20:12:01.0581 0x2b80  [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1, 2C5F0554D5A763D6B3F1402C9BF36C6091CBBDFFD5139AEE85D69D5B210D2047 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:12:01.0586 0x2b80  mrxsmb - ok
20:12:01.0624 0x2b80  [ 6B5FA5ADFACAC9DBBE0991F4566D7D55, 9BAD029A6AAF4C2292C682B9F07C57051C84F7FA4F3EBEA52C25CAEF1A41121F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:12:01.0646 0x2b80  mrxsmb10 - ok
20:12:01.0663 0x2b80  [ 5C80D8159181C7ABF1B14BA703B01E0B, 414085AD3C36B8E95D1D49E2958671332DECE38739544CCB70FAB30C408E89A2 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:12:01.0668 0x2b80  mrxsmb20 - ok
20:12:01.0692 0x2b80  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:12:01.0695 0x2b80  msahci - ok
20:12:01.0716 0x2b80  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:12:01.0720 0x2b80  msdsm - ok
20:12:01.0746 0x2b80  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
20:12:01.0755 0x2b80  MSDTC - ok
20:12:01.0778 0x2b80  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:12:01.0781 0x2b80  Msfs - ok
20:12:01.0820 0x2b80  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:12:01.0823 0x2b80  msisadrv - ok
20:12:01.0855 0x2b80  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:12:01.0862 0x2b80  MSiSCSI - ok
20:12:01.0879 0x2b80  msiserver - ok
20:12:01.0909 0x2b80  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:12:01.0911 0x2b80  MSKSSRV - ok
20:12:01.0934 0x2b80  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:12:01.0936 0x2b80  MSPCLOCK - ok
20:12:01.0946 0x2b80  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:12:01.0948 0x2b80  MSPQM - ok
20:12:01.0974 0x2b80  [ B5614AECB05A9340AA0FB55BF561CC63, 8D1B5E958A0F721F5A81AD649CC5759B4DECB771FC4654F4EDEB29AC7DF1BD40 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:12:01.0982 0x2b80  MsRPC - ok
20:12:02.0013 0x2b80  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:12:02.0021 0x2b80  mssmbios - ok
20:12:02.0035 0x2b80  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:12:02.0037 0x2b80  MSTEE - ok
20:12:02.0056 0x2b80  [ 6DFD1D322DE55B0B7DB7D21B90BEC49C, 95149C41CC9F269C299541A97A9E2E2CCAEE34FE2362EEECD1F813EBC6D4CDC5 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:12:02.0059 0x2b80  Mup - ok
20:12:02.0093 0x2b80  [ C43B25863FBD65B6D2A142AF3AE320CA, 88E147751CBECFF31CD65954BC978B86CEA74485EB60DBB25AABAB4601797A4E ] napagent        C:\Windows\system32\qagentRT.dll
20:12:02.0127 0x2b80  napagent - ok
20:12:02.0161 0x2b80  [ 3C21CE48FF529BB73DADB98770B54025, B8541E3D2B120B97947AE51B28A99E2623ACAD3790BC282B1251ACBEC7684F8D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:12:02.0167 0x2b80  NativeWifiP - ok
20:12:02.0226 0x2b80  [ C8560010A542B5DCA94C62468DC20784, AE7584D95B0E9F5E340ADD00AA88563C64462A4FC6440F580B7936FD19D173CA ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:12:02.0256 0x2b80  NDIS - ok
20:12:02.0286 0x2b80  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:12:02.0288 0x2b80  NdisTapi - ok
20:12:02.0314 0x2b80  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:12:02.0316 0x2b80  Ndisuio - ok
20:12:02.0335 0x2b80  [ 3D14C3B3496F88890D431E8AA022A411, 9B31451756A35314586F93996172E1039B2CD21132CCBE772B3E61A8D9454A30 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:12:02.0343 0x2b80  NdisWan - ok
20:12:02.0358 0x2b80  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:12:02.0361 0x2b80  NDProxy - ok
20:12:02.0395 0x2b80  [ 19715A9A573DAD2521348ABC74266A48, 16AF735601FAFB3A2B5E6F30E584ECE25FDF9B7F96ECE4582C0D04BEC205411B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:12:02.0404 0x2b80  Net Driver HPZ12 - ok
20:12:02.0421 0x2b80  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:12:02.0424 0x2b80  NetBIOS - ok
20:12:02.0444 0x2b80  [ 7C5FEE5B1C5728507CD96FB4A13E7A02, EDBA08442AD6AF20463A0610FF24D5929574E5EC012495A2C219F6BA84C97F57 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:12:02.0461 0x2b80  netbt - ok
20:12:02.0475 0x2b80  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] Netlogon        C:\Windows\system32\lsass.exe
20:12:02.0479 0x2b80  Netlogon - ok
20:12:02.0546 0x2b80  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
20:12:02.0572 0x2b80  Netman - ok
20:12:02.0594 0x2b80  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
20:12:02.0605 0x2b80  netprofm - ok
20:12:02.0629 0x2b80  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386, 2F23B0979CF2E8DB013D8E58501ACC9265A860FD759E8B741F8FA64F7C2F7756 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:12:02.0646 0x2b80  NetTcpPortSharing - ok
20:12:02.0921 0x2b80  [ DD194A025D1C0472F45F57DE8D8388EB, 669FE535DDE3C500F54F6AA2AC754CCEC0EFF7ADEEB992A01B1FF98986917762 ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
20:12:03.0042 0x2b80  NETw4v32 - ok
20:12:03.0078 0x2b80  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:12:03.0088 0x2b80  nfrd960 - ok
20:12:03.0168 0x2b80  [ 4BADAF74D1633B84E195038A52297DC2, 99690B846CFBC2A6C7D400B34BD97F95F95A7393045E23135A69383614A15E59 ] nicconfigsvc    C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
20:12:03.0184 0x2b80  nicconfigsvc - ok
20:12:03.0222 0x2b80  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:12:03.0235 0x2b80  NlaSvc - ok
20:12:03.0262 0x2b80  [ ECB5003F484F9ED6C608D6D6C7886CBB, 45496B84B2FD156499E9F07FC82BC6F032B8F4D9DC194098CF9F5474D5642F9E ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:12:03.0266 0x2b80  Npfs - ok
20:12:03.0292 0x2b80  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
20:12:03.0300 0x2b80  nsi - ok
20:12:03.0317 0x2b80  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:12:03.0320 0x2b80  nsiproxy - ok
20:12:03.0363 0x2b80  [ B4EFFE29EB4F15538FD8A9681108492D, 12AF3C19DD2DE7D92EE4C03AD07BAFD77EB8BFF2333E6FBD9CAAA0F654A35F46 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:12:03.0415 0x2b80  Ntfs - ok
20:12:03.0433 0x2b80  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:12:03.0435 0x2b80  ntrigdigi - ok
20:12:03.0450 0x2b80  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
20:12:03.0452 0x2b80  Null - ok
20:12:03.0466 0x2b80  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:12:03.0470 0x2b80  nvraid - ok
20:12:03.0481 0x2b80  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:12:03.0484 0x2b80  nvstor - ok
20:12:03.0507 0x2b80  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:12:03.0511 0x2b80  nv_agp - ok
20:12:03.0516 0x2b80  NwlnkFlt - ok
20:12:03.0522 0x2b80  NwlnkFwd - ok
20:12:03.0552 0x2b80  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:12:03.0556 0x2b80  ohci1394 - ok
20:12:03.0613 0x2b80  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:12:03.0620 0x2b80  ose - ok
20:12:03.0903 0x2b80  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:12:04.0079 0x2b80  osppsvc - ok
20:12:04.0357 0x2b80  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:12:04.0399 0x2b80  p2pimsvc - ok
20:12:04.0440 0x2b80  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:12:04.0457 0x2b80  p2psvc - ok
20:12:04.0480 0x2b80  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
20:12:04.0484 0x2b80  Parport - ok
20:12:04.0507 0x2b80  [ 3B38467E7C3DAED009DFE359E17F139F, 419BD726E511B3FEFBD8204C9E2BF6131EC05C71D15406070F834688EAFB694F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:12:04.0510 0x2b80  partmgr - ok
20:12:04.0524 0x2b80  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:12:04.0525 0x2b80  Parvdm - ok
20:12:04.0553 0x2b80  [ 9EC004140E1B675ACDEB07F66EE797A4, 61A082F2C09B966AE7C46DAB557A92D87D28EA7B3F699F51018E625336A7CB82 ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
20:12:04.0555 0x2b80  PBADRV - ok
20:12:04.0584 0x2b80  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:12:04.0589 0x2b80  PcaSvc - ok
20:12:04.0621 0x2b80  [ 01B94418DEB235DFF777CC80076354B4, 091C4D5954C5CA1F783748C4D7287DD160C5F3357F2CC448DC5C2935B79AC1E9 ] pci             C:\Windows\system32\drivers\pci.sys
20:12:04.0639 0x2b80  pci - ok
20:12:04.0644 0x2b80  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:12:04.0646 0x2b80  pciide - ok
20:12:04.0684 0x2b80  [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:12:04.0691 0x2b80  pcmcia - ok
20:12:04.0744 0x2b80  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:12:04.0787 0x2b80  PEAUTH - ok
20:12:04.0880 0x2b80  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
20:12:04.0939 0x2b80  pla - ok
20:12:04.0970 0x2b80  [ 78F975CB6D18265BE6F492EDB2D7BC7B, 112C6FB0A84E605B1EA87F98C8A4C210C9DB84C811029109444AB174011A158C ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:12:04.0985 0x2b80  PlugPlay - ok
20:12:05.0008 0x2b80  [ B36CD3F2ECA751C0CA8B8868BD1C5449, B6CE2FB74CD77A18CA12B28AA38770A3A36B4E29165AC8EE3043E024CB15F4C9 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:12:05.0012 0x2b80  Pml Driver HPZ12 - ok
20:12:05.0056 0x2b80  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:12:05.0073 0x2b80  PNRPAutoReg - ok
20:12:05.0157 0x2b80  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:12:05.0174 0x2b80  PNRPsvc - ok
20:12:05.0269 0x2b80  [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A, FAE64867CE80439735F88A9988243667BDE84486B5A768B650E55E1519C85C03 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:12:05.0287 0x2b80  PolicyAgent - ok
20:12:05.0323 0x2b80  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:12:05.0326 0x2b80  PptpMiniport - ok
20:12:05.0348 0x2b80  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
20:12:05.0351 0x2b80  Processor - ok
20:12:05.0389 0x2b80  [ B627E4FC8585E8843C5905D4D3587A90, 07D7BC1BF8CDD5E34155B260B914D4A9892D3CEAEACDE334D1AF2A608E1FA2D8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:12:05.0398 0x2b80  ProfSvc - ok
20:12:05.0406 0x2b80  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:12:05.0410 0x2b80  ProtectedStorage - ok
20:12:05.0424 0x2b80  [ BFEF604508A0ED1EAE2A73E872555FFB, AC817FB5A6126475B4A3CA191AD49651B919FB55429B939D036BC564632E426D ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:12:05.0428 0x2b80  PSched - ok
20:12:05.0496 0x2b80  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:12:05.0560 0x2b80  ql2300 - ok
20:12:05.0596 0x2b80  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:12:05.0600 0x2b80  ql40xx - ok
20:12:05.0637 0x2b80  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
20:12:05.0649 0x2b80  QWAVE - ok
20:12:05.0664 0x2b80  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:12:05.0666 0x2b80  QWAVEdrv - ok
20:12:05.0839 0x2b80  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
20:12:05.0933 0x2b80  R300 - ok
20:12:05.0968 0x2b80  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:12:05.0969 0x2b80  RasAcd - ok
20:12:05.0995 0x2b80  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
20:12:06.0012 0x2b80  RasAuto - ok
20:12:06.0039 0x2b80  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:12:06.0043 0x2b80  Rasl2tp - ok
20:12:06.0062 0x2b80  [ 6E7C284FC5C4EC07AD164D93810385A6, FDBF80C8DE53E56A3515353129C6912E8CAEC2B2DA9AB3A4B027CB73BDF1EC60 ] RasMan          C:\Windows\System32\rasmans.dll
20:12:06.0076 0x2b80  RasMan - ok
20:12:06.0089 0x2b80  [ 3E9D9B048107B40D87B97DF2E48E0744, F7B8DAE57B9372CEB21A912379FC7670B099A9642CF2E7EA8D335ADBD4CF86A2 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:12:06.0092 0x2b80  RasPppoe - ok
20:12:06.0107 0x2b80  [ A7D141684E9500AC928A772ED8E6B671, C9329ECA4190EE1F4A6F186D45EA42ACF60C04CDBAFEB19973F3C2DF04A1BCEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:12:06.0111 0x2b80  RasSstp - ok
20:12:06.0130 0x2b80  [ 6E1C5D0457622F9EE35F683110E93D14, 9C6BE049FDA5E6CBA486EE33F01AADDD6085CC5F1F08409EC439ADE9137D3F5F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:12:06.0138 0x2b80  rdbss - ok
20:12:06.0150 0x2b80  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:12:06.0152 0x2b80  RDPCDD - ok
20:12:06.0192 0x2b80  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
20:12:06.0202 0x2b80  rdpdr - ok
20:12:06.0209 0x2b80  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:12:06.0211 0x2b80  RDPENCDD - ok
20:12:06.0240 0x2b80  [ E1C18F4097A5ABCEC941DC4B2F99DB7E, B38AC355042F18A41F83BF088FE7EB867184C7FE37820365314419BD3810BB68 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:12:06.0247 0x2b80  RDPWD - ok
20:12:06.0308 0x2b80  [ 2CF574D0965F58E514A2DC94114D7ECA, F47D438DC25D30A88CEFA8CC9DEA527F111A0F6403E84995C04D75A28EB38A08 ] RegSrvc         C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
20:12:06.0320 0x2b80  RegSrvc - ok
20:12:06.0360 0x2b80  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:12:06.0366 0x2b80  RemoteAccess - ok
20:12:06.0393 0x2b80  [ CC4E32400F3C7253400CF8F3F3A0B676, D2A874BE3D365260AD7C10C30F2DE22F818CBFC12D65AADE2203B9ED02C9BEB5 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:12:06.0402 0x2b80  RemoteRegistry - ok
20:12:06.0447 0x2b80  [ B9BB8E2093C1615AD6EA55AD96214354, 57A2EEA52E2A670B712C4446F1A6379D1B79454A09A7B79455CA08894FD4B21F ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
20:12:06.0450 0x2b80  Revoflt - ok
20:12:06.0473 0x2b80  [ 34CC78C06587718C2AD6D3AA83B1F072, 35973BBFF7C6119287B4C3C47A54C626A8623C9F18062597AD7D3ADDF0094ED8 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:12:06.0476 0x2b80  RFCOMM - ok
20:12:06.0504 0x2b80  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
20:12:06.0512 0x2b80  RpcLocator - ok
20:12:06.0547 0x2b80  [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] RpcSs           C:\Windows\system32\rpcss.dll
20:12:06.0562 0x2b80  RpcSs - ok
20:12:06.0591 0x2b80  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:12:06.0595 0x2b80  rspndr - ok
20:12:06.0600 0x2b80  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] SamSs           C:\Windows\system32\lsass.exe
20:12:06.0603 0x2b80  SamSs - ok
20:12:06.0624 0x2b80  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:12:06.0628 0x2b80  sbp2port - ok
20:12:06.0647 0x2b80  [ 7BFA395A95E5D714D222E35F041C46E8, 70C4C63553154AA3FD15F178964F7B89CAB28D791BB28247F1C2EC11FCB62901 ] ScanUSBEMPIA    C:\Windows\system32\DRIVERS\emScan.sys
20:12:06.0649 0x2b80  ScanUSBEMPIA - ok
20:12:06.0675 0x2b80  [ 11387E32642269C7E62E8B52C060B3C6, 6225FA14CBDC1D30F2E4CDC2059773DA49C67BE2C00A1DE582E8E07717F20425 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:12:06.0683 0x2b80  SCardSvr - ok
20:12:06.0740 0x2b80  [ 7B587B8A6D4A99F79D2902D0385F29BD, C29F2EE25F7B11E1821832CB7F4F8506C2AB20804D6702CC5EAF5BA1F3FCA972 ] Schedule        C:\Windows\system32\schedsvc.dll
20:12:06.0784 0x2b80  Schedule - ok
20:12:06.0803 0x2b80  [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:12:06.0806 0x2b80  SCPolicySvc - ok
20:12:06.0838 0x2b80  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:12:06.0846 0x2b80  SDRSVC - ok
20:12:06.0856 0x2b80  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:12:06.0859 0x2b80  secdrv - ok
20:12:06.0883 0x2b80  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
20:12:06.0888 0x2b80  seclogon - ok
20:12:06.0972 0x2b80  [ 472946EDEBF85C1F0B44B6EBA01AC9B6, 35329B5D7507BA17D48A7C6EFAC908B21D51C61CEB9400DBBDAE2DB94DCB51C8 ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
20:12:06.0996 0x2b80  SecureStorageService - ok
20:12:07.0013 0x2b80  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
20:12:07.0018 0x2b80  SENS - ok
20:12:07.0045 0x2b80  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:12:07.0047 0x2b80  Serenum - ok
20:12:07.0070 0x2b80  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:12:07.0074 0x2b80  Serial - ok
20:12:07.0102 0x2b80  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:12:07.0104 0x2b80  sermouse - ok
20:12:07.0134 0x2b80  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:12:07.0141 0x2b80  SessionEnv - ok
20:12:07.0189 0x2b80  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:12:07.0192 0x2b80  sffdisk - ok
20:12:07.0205 0x2b80  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:12:07.0207 0x2b80  sffp_mmc - ok
20:12:07.0235 0x2b80  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:12:07.0238 0x2b80  sffp_sd - ok
20:12:07.0254 0x2b80  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:12:07.0256 0x2b80  sfloppy - ok
20:12:07.0307 0x2b80  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:12:07.0319 0x2b80  SharedAccess - ok
20:12:07.0350 0x2b80  [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:12:07.0367 0x2b80  ShellHWDetection - ok
20:12:07.0388 0x2b80  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:12:07.0391 0x2b80  sisagp - ok
20:12:07.0411 0x2b80  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:12:07.0414 0x2b80  SiSRaid2 - ok
20:12:07.0433 0x2b80  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:12:07.0436 0x2b80  SiSRaid4 - ok
20:12:07.0816 0x2b80  [ 0BA91E1358AD25236863039BB2609A2E, ECB3C8E3D9C6FA77C0CF5A898FB90BB9474C6EFBE3698B56C93ECE44535EDACE ] slsvc           C:\Windows\system32\SLsvc.exe
20:12:08.0036 0x2b80  slsvc - ok
20:12:08.0068 0x2b80  [ 7C6DC44CA0BFA6291629AB764200D1D4, 747CDA89C6F94F8314E5E5C425387ABDF9FF8528D82422F8FF66D96307B47B13 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:12:08.0082 0x2b80  SLUINotify - ok
20:12:08.0113 0x2b80  [ 031E6BCD53C9B2B9ACE111EAFEC347B6, B934129BD77CA6A1434C59EA82B5E93FD4089608E0E41242B6E68070A0F33FB8 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:12:08.0117 0x2b80  Smb - ok
20:12:08.0155 0x2b80  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:12:08.0160 0x2b80  SNMPTRAP - ok
20:12:08.0184 0x2b80  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:12:08.0186 0x2b80  spldr - ok
20:12:08.0218 0x2b80  [ 3665F79026A3F91FBCA63F2C65A09B19, A9AAE9B4006B5BC6EF4A7AB4CAB131687E4055E7C56900BBD24F78BA155C458A ] Spooler         C:\Windows\System32\spoolsv.exe
20:12:08.0226 0x2b80  Spooler - ok
20:12:08.0291 0x2b80  [ 2252AEF839B1093D16761189F45AF885, D7B79E1B9CD73EDEA855DBE120ED470CC0F67D1AA44038E6051A4C5BCE361DE3 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:12:08.0300 0x2b80  srv - ok
20:12:08.0337 0x2b80  [ B7FF59408034119476B00A81BB53D5D1, 365D8E719D729D56082F5A6EEB65B31EB5DB5D15A5346D05E7130F41F2F97D46 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:12:08.0343 0x2b80  srv2 - ok
20:12:08.0373 0x2b80  [ 2ACCC9B12AF02030F531E6CCA6F8B76E, D1BA17C7BFE02347824DEEB1B7362FD251769ECB92B14EB3C600C85AB7E04D1B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:12:08.0385 0x2b80  srvnet - ok
20:12:08.0416 0x2b80  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:12:08.0425 0x2b80  SSDPSRV - ok
20:12:08.0466 0x2b80  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:12:08.0483 0x2b80  SstpSvc - ok
20:12:08.0514 0x2b80  [ 7E6DD4B34ACD36AF6C711D2BDE91B040, 737C76749FE53A968E558289613A6ED5A0263F9585A47028343284F64808AC67 ] STacSV          C:\Windows\system32\STacSV.exe
20:12:08.0538 0x2b80  STacSV - ok
20:12:08.0574 0x2b80  [ 6A2A5E809C2C0178326D92B19EE4AAD3, B2D78857BDB72A2CB63950558CA3D5105F1857056F52BB8E9D888394CC2D06E9 ] STHDA           C:\Windows\system32\drivers\stwrt.sys
20:12:08.0591 0x2b80  STHDA - ok
20:12:08.0630 0x2b80  [ 7DD08A597BC56051F320DA0BAF69E389, ACC59CF80765248705FFCE65DC9B5D072DC054F08C02FB4D16BA0E84D8BED0A4 ] stisvc          C:\Windows\System32\wiaservc.dll
20:12:08.0656 0x2b80  stisvc - ok
20:12:08.0667 0x2b80  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:12:08.0669 0x2b80  swenum - ok
20:12:08.0701 0x2b80  [ B36C7CDB86F7F7A8E884479219766950, F3EA381A84CD6950BF71A56E9ABAD5010F226C5254CB936699A38BA4C85F7367 ] swprv           C:\Windows\System32\swprv.dll
20:12:08.0726 0x2b80  swprv - ok
20:12:08.0758 0x2b80  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:12:08.0761 0x2b80  Symc8xx - ok
20:12:08.0778 0x2b80  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:12:08.0781 0x2b80  Sym_hi - ok
20:12:08.0801 0x2b80  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:12:08.0804 0x2b80  Sym_u3 - ok
20:12:08.0841 0x2b80  [ 8710A92D0024B03B5FB9540DF1F71F1D, B72A968A7966DC16A1D69A8D53012A4307EEBDC4CB8E1D9C93BFB88D996E490F ] SysMain         C:\Windows\system32\sysmain.dll
20:12:08.0865 0x2b80  SysMain - ok
20:12:08.0897 0x2b80  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:12:08.0909 0x2b80  TabletInputService - ok
20:12:08.0946 0x2b80  [ 680916BB09EE0F3A6ACA7C274B0D633F, 008B6EE41FA4D371258F0A656AE96B3E3F487BE5B9E0654B920013B4F1C0DFD8 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:12:08.0963 0x2b80  TapiSrv - ok
20:12:08.0977 0x2b80  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
20:12:08.0984 0x2b80  TBS - ok
20:12:09.0045 0x2b80  [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:12:09.0097 0x2b80  Tcpip - ok
20:12:09.0172 0x2b80  [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:12:09.0194 0x2b80  Tcpip6 - ok
20:12:09.0251 0x2b80  [ D4A2E4A4B011F3A883AF77315A5AE76B, 29E18087236A592638570F76691BC5C64CCA383F43EE22DF122413860E2D882C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:12:09.0262 0x2b80  tcpipreg - ok
20:12:09.0469 0x2b80  [ 23B506262493F1A521683EE88C5FBF60, 0668C88429249CD01F86B4ECE236F804DFED33DC0A3874BDCD84B539B899C32E ] tcsd_win32.exe  C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
20:12:09.0563 0x2b80  tcsd_win32.exe - ok
20:12:09.0609 0x2b80  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:12:09.0612 0x2b80  TDPIPE - ok
20:12:09.0634 0x2b80  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:12:09.0637 0x2b80  TDTCP - ok
20:12:09.0651 0x2b80  [ D09276B1FAB033CE1D40DCBDF303D10F, 2CB47CB522B4E1C091DE30AF0EB4E21D321C42D2A5BA9647CBD078652680D8FF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:12:09.0655 0x2b80  tdx - ok
20:12:09.0682 0x2b80  [ A048056F5E1A96A9BF3071B91741A5AA, CFDE51D106A6CC4A5638BCD458505F5831636D2203F7C949273BDA446AC7C5F3 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:12:09.0685 0x2b80  TermDD - ok
20:12:09.0728 0x2b80  [ D605031E225AACCBCEB5B76A4F1603A6, 27D78644CADBC11C3AB5E0C10F854FD43BCD43B6E91C1ED1F6D35BC501147701 ] TermService     C:\Windows\System32\termsrv.dll
20:12:09.0754 0x2b80  TermService - ok
20:12:09.0774 0x2b80  [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] Themes          C:\Windows\system32\shsvcs.dll
20:12:09.0786 0x2b80  Themes - ok
20:12:09.0796 0x2b80  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:12:09.0801 0x2b80  THREADORDER - ok
20:12:09.0831 0x2b80  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
20:12:09.0838 0x2b80  TrkWks - ok
20:12:09.0843 0x2b80  TrueSight - ok
20:12:09.0898 0x2b80  [ 16613A1BAD034D4ECF957AF18B7C2FF5, 75499618187ED4385984F608D134BB298A4CCB339F70B31E4A8B2CF3E3558396 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:12:09.0901 0x2b80  TrustedInstaller - ok
20:12:09.0935 0x2b80  [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:12:09.0948 0x2b80  tssecsrv - ok
20:12:09.0977 0x2b80  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:12:09.0979 0x2b80  tunmp - ok
20:12:10.0005 0x2b80  [ 6042505FF6FA9AC1EF7684D0E03B6940, D09CF14A6C0C760238792DDA4ECB6FBB6CA645BB91BD62585EBD050226BDB5A7 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:12:10.0007 0x2b80  tunnel - ok
20:12:10.0025 0x2b80  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:12:10.0028 0x2b80  uagp35 - ok
20:12:10.0056 0x2b80  [ 8B5088058FA1D1CD897A2113CCFF6C58, 1616EDB66C3E2DA7B09EA4FE46A3FC7087D6201F2195D76118A93B0B065D1623 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:12:10.0064 0x2b80  udfs - ok
20:12:10.0098 0x2b80  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:12:10.0108 0x2b80  UI0Detect - ok
20:12:10.0127 0x2b80  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:12:10.0131 0x2b80  uliagpkx - ok
20:12:10.0188 0x2b80  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:12:10.0205 0x2b80  uliahci - ok
20:12:10.0240 0x2b80  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:12:10.0244 0x2b80  UlSata - ok
20:12:10.0267 0x2b80  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:12:10.0272 0x2b80  ulsata2 - ok
20:12:10.0296 0x2b80  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:12:10.0299 0x2b80  umbus - ok
20:12:10.0337 0x2b80  [ 909795B5B15047D9331F3D6B276B3993, BFB985FC69B0A3C2EDAA0D2FC260790D8AEFAC741A0FC42D425C22F6DF1EDCA9 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:12:10.0351 0x2b80  UmRdpService - ok
20:12:10.0376 0x2b80  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
20:12:10.0391 0x2b80  upnphost - ok
20:12:10.0428 0x2b80  [ 5C2BDC152BBAB34F36473DEAF7713F22, DC7D6FD3BE2F4D8832BB62AB76E5332BB65255AB45F6E28E6B1991A976C1A058 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:12:10.0432 0x2b80  USBAAPL - ok
20:12:10.0478 0x2b80  [ 292A25BB75A568AE2C67169BA2C6365A, EE8B50DD446ECDEBC8B27D015FA9DE18F918ABBA8CF277B799D71CC9D79842FC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:12:10.0482 0x2b80  usbaudio - ok
20:12:10.0513 0x2b80  [ 5353218B3265E3B8190335059F697A11, 78722D3FBC6EE58D83BE944F60190454F285FFCFCC419874837C4FC1A04BD6C1 ] usbbus          C:\Windows\system32\DRIVERS\lgusbbus.sys
20:12:10.0515 0x2b80  usbbus - ok
20:12:10.0536 0x2b80  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:12:10.0541 0x2b80  usbccgp - ok
20:12:10.0565 0x2b80  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:12:10.0568 0x2b80  usbcir - ok
20:12:10.0612 0x2b80  [ 7DD3EEFC62A1EF44E5F940FA651ED9ED, C337BB497A5438B16FB13EA3CD32A25309A30CA535567E370589A864EFD44F07 ] UsbDiag         C:\Windows\system32\DRIVERS\lgusbdiag.sys
20:12:10.0615 0x2b80  UsbDiag - ok
20:12:10.0646 0x2b80  [ CEBE90821810E76320155BEBA722FCF9, AD27B032520BE2A45690DD1AFDDA632B934AB7F815CD313B19CD692790C761D8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:12:10.0649 0x2b80  usbehci - ok
20:12:10.0673 0x2b80  [ CC6B28E4CE39951357963119CE47B143, 0BC653B51A33709AADD8B5A2B8102DBCB3C1EE14BDDF4C58813FDCA43FF7C1B2 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:12:10.0686 0x2b80  usbhub - ok
20:12:10.0704 0x2b80  [ 083031A78822ECCBD7510BCCD3E20D4C, 782ED3B00B4B37CD80889DE6C6C822005C02F0A711EE25E42B1052663AD26C10 ] USBModem        C:\Windows\system32\DRIVERS\lgusbmodem.sys
20:12:10.0706 0x2b80  USBModem - ok
20:12:10.0732 0x2b80  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:12:10.0735 0x2b80  usbohci - ok
20:12:10.0758 0x2b80  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:12:10.0760 0x2b80  usbprint - ok
20:12:10.0794 0x2b80  [ A508C9BD8724980512136B039BBA65E9, B39B72471C468AC997AEC528599EDC98A031F5A7EB91C4F9471402D48D2D4E3E ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:12:10.0797 0x2b80  usbscan - ok
20:12:10.0813 0x2b80  [ 87BA6B83C5D19B69160968D07D6E2982, 9E039DF4BBE53CA22A0ACE486B9867F99FFFE086CCAF6A83BD78770E4631F3F8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:12:10.0816 0x2b80  USBSTOR - ok
20:12:10.0835 0x2b80  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:12:10.0837 0x2b80  usbuhci - ok
20:12:10.0862 0x2b80  [ 032A0ACC3909AE7215D524E29D536797, 51E36ED5953C0880BE508837181925A0F677842E8A5BA98099700E6ED691A783 ] UxSms           C:\Windows\System32\uxsms.dll
20:12:10.0868 0x2b80  UxSms - ok
20:12:10.0897 0x2b80  [ B13BC395B9D6116628F5AF47E0802AC4, 36E023A07E56588A8C26EF95E4F99303659E4783E0D9E8AEF193CA77A7AF91BA ] vds             C:\Windows\System32\vds.exe
20:12:10.0922 0x2b80  vds - ok
20:12:10.0949 0x2b80  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:12:10.0952 0x2b80  vga - ok
20:12:10.0974 0x2b80  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:12:10.0977 0x2b80  VgaSave - ok
20:12:11.0006 0x2b80  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:12:11.0021 0x2b80  viaagp - ok
20:12:11.0035 0x2b80  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:12:11.0038 0x2b80  ViaC7 - ok
20:12:11.0054 0x2b80  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
20:12:11.0057 0x2b80  viaide - ok
20:12:11.0072 0x2b80  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:12:11.0075 0x2b80  volmgr - ok
20:12:11.0104 0x2b80  [ 98F5FFE6316BD74E9E2C97206C190196, CA9FA0EE5515D26F9406FF95F728E7F2CC29A8B7C97BC69FC2E95BBC60A2D261 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:12:11.0114 0x2b80  volmgrx - ok
20:12:11.0170 0x2b80  [ D8B4A53DD2769F226B3EB374374987C9, 49314B3E53FBF40A60E272C5B3B79FD1EFABFE1215DA5B030571B4DDF5592896 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:12:11.0176 0x2b80  volsnap - ok
20:12:11.0213 0x2b80  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:12:11.0219 0x2b80  vsmraid - ok
20:12:11.0387 0x2b80  [ D5FB73D19C46ADE183F968E13F186B23, D35432BE4FF462FCEA958CF646D5572B6D78058BC2F1F324C9F50A0B14B02259 ] VSS             C:\Windows\system32\vssvc.exe
20:12:11.0447 0x2b80  VSS - ok
20:12:12.0027 0x2b80  [ A9129F1C74B137B4310F8377DBBB224C, B4CB740BD307A3F4B6A922E5F281E18E547DFBBECEA9881AA7A1AC6B19233687 ] vToolbarUpdater18.0.5 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
20:12:12.0116 0x2b80  vToolbarUpdater18.0.5 - ok
20:12:12.0156 0x2b80  [ 1CF9206966A8458CDA9A8B20DF8AB7D3, 405D5FE96DA7ED03D4124EF6C692F80E88E5982B90DF46E353E94FFF576A5570 ] W32Time         C:\Windows\system32\w32time.dll
20:12:12.0169 0x2b80  W32Time - ok
20:12:12.0203 0x2b80  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:12:12.0206 0x2b80  WacomPen - ok
20:12:12.0234 0x2b80  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:12:12.0249 0x2b80  Wanarp - ok
20:12:12.0255 0x2b80  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:12:12.0258 0x2b80  Wanarpv6 - ok
20:12:12.0274 0x2b80  Wave UCSPlus - ok
20:12:12.0360 0x2b80  [ 796FDA916625BE7E5F6CFECE15A81C3A, 6EA247851B411CDF478BF2EEBFB0CA8F4AFD8CCA52B30E0F9AB2FBD2CD4D8162 ] WaveEnrollmentService C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
20:12:12.0394 0x2b80  WaveEnrollmentService - ok
20:12:12.0442 0x2b80  [ E386D60BDFD1649815607234C17D43DD, ECFB295EC259CAFC35D1B4F488779BE8024CDD1E3EFCC954BDB7E6FB8739C7B3 ] WavxDMgr        C:\Windows\system32\DRIVERS\WavxDMgr.sys
20:12:12.0449 0x2b80  WavxDMgr - ok
20:12:12.0498 0x2b80  [ F0E594DD07B2163DF9F5D5B6B471DDFA, 1F23B34B1B8A081EC3D99E16B036C32B18B9F4D615725BBF474A3B5131F92BCD ] wbengine        C:\Windows\system32\wbengine.exe
20:12:12.0540 0x2b80  wbengine - ok
20:12:12.0570 0x2b80  [ F3A5C2E1A6533192B070D06ECF6BE796, CBA11D9E60A04A0B82C6934A53EA859513CD476FF047DD3D59727B10CE7DB2DA ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:12:12.0595 0x2b80  wcncsvc - ok
20:12:12.0622 0x2b80  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:12:12.0630 0x2b80  WcsPlugInService - ok
20:12:12.0654 0x2b80  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
20:12:12.0656 0x2b80  Wd - ok
20:12:12.0690 0x2b80  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:12:12.0716 0x2b80  Wdf01000 - ok
20:12:12.0731 0x2b80  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:12:12.0738 0x2b80  WdiServiceHost - ok
20:12:12.0756 0x2b80  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:12:12.0762 0x2b80  WdiSystemHost - ok
20:12:12.0784 0x2b80  [ CF9A5F41789B642DB967021DE06A2713, A541F9D87CBDE2A4E48C5D5363736EF603B2701741D3044232474F179884AD7B ] WebClient       C:\Windows\System32\webclnt.dll
20:12:12.0795 0x2b80  WebClient - ok
20:12:12.0826 0x2b80  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:12:12.0835 0x2b80  Wecsvc - ok
20:12:12.0861 0x2b80  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:12:12.0868 0x2b80  wercplsupport - ok
20:12:12.0896 0x2b80  [ FD1965AAA112C6818A30AB02742D0461, 6779D836934412907390DC85FA2A8C3BB1CC31FD4151830275B773FD13CFFBC2 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:12:12.0913 0x2b80  WerSvc - ok
20:12:12.0946 0x2b80  [ 72CC6A8CA7891031D6380DB5025C773C, 33D5021C3A2FE8E9F6E2C22F4777E1D82A6B3998EB857B618A3C8838D3C8B03E ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:12:12.0973 0x2b80  winachsf - ok
20:12:13.0032 0x2b80  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:12:13.0041 0x2b80  WinDefend - ok
20:12:13.0049 0x2b80  WinHttpAutoProxySvc - ok
20:12:13.0105 0x2b80  [ 00B79A7C984678F24CF052E5BEB3A2F5, 4D8E4394C926D2B1C71613D309F2D62A663B0ADB73A036F5E9E7D1AFF605CA2A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:12:13.0112 0x2b80  Winmgmt - ok
20:12:13.0200 0x2b80  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:12:13.0259 0x2b80  WinRM - ok
20:12:13.0329 0x2b80  [ 275F4346E569DF56CFB95243BD6F6FF0, 9C85246BF99119DBD6E0B5D38F96B8BC00F3C87618D17BC0E0A063A0D9A03440 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:12:13.0388 0x2b80  Wlansvc - ok
20:12:13.0407 0x2b80  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:12:13.0410 0x2b80  WmiAcpi - ok
20:12:13.0432 0x2b80  [ ABA4CF9F856D9A3A25F4DDD7690A6E9D, 07C1DAF3DA3CDA84FBE4C7576372115FCAAAAFC332F252C03625E53C7F3C6EE5 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:12:13.0437 0x2b80  wmiApSrv - ok
20:12:13.0519 0x2b80  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:12:13.0564 0x2b80  WMPNetworkSvc - ok
20:12:13.0604 0x2b80  [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:12:13.0621 0x2b80  WPDBusEnum - ok
20:12:13.0643 0x2b80  [ 0CEC23084B51B8288099EB710224E955, E1AAB1E08E1745313D0A149A645AA878148D2DBE5CCC23C4ECCFC5003945C22B ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:12:13.0646 0x2b80  WpdUsb - ok
20:12:13.0759 0x2b80  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:12:13.0795 0x2b80  WPFFontCache_v0400 - ok
20:12:13.0823 0x2b80  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:12:13.0825 0x2b80  ws2ifsl - ok
20:12:13.0860 0x2b80  [ 683DD16B590372F2C9661D277F35E49C, 29D86389D95256EEF37BA01D403494385015D926E851A39EC7948FF6EF4E8481 ] wscsvc          C:\Windows\system32\wscsvc.dll
20:12:13.0877 0x2b80  wscsvc - ok
20:12:13.0886 0x2b80  WSearch - ok
20:12:14.0022 0x2b80  [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:12:14.0102 0x2b80  wuauserv - ok
20:12:14.0136 0x2b80  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:12:14.0141 0x2b80  WUDFRd - ok
20:12:14.0170 0x2b80  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:12:14.0178 0x2b80  wudfsvc - ok
20:12:14.0193 0x2b80  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
20:12:14.0195 0x2b80  XAudio - ok
20:12:14.0237 0x2b80  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
20:12:14.0249 0x2b80  XAudioService - ok
20:12:14.0266 0x2b80  ================ Scan global ===============================
20:12:14.0288 0x2b80  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:12:14.0324 0x2b80  [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
20:12:14.0362 0x2b80  [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
20:12:14.0409 0x2b80  [ 2B336AB6286D6C81FA02CBAB914E3C6C, C5ADF6D5BFC00375BA6D0E5D96F36D36ADFBF66325A48358C6317E387FB220EC ] C:\Windows\system32\services.exe
20:12:14.0418 0x2b80  [ Global ] - ok



#15 whistler38

whistler38
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:05 PM

Posted 14 April 2014 - 07:30 PM

Second half of TDDS Killer log:

 

20:12:14.0419 0x2b80  ================ Scan MBR ==================================
20:12:14.0433 0x2b80  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:12:15.0092 0x2b80  \Device\Harddisk0\DR0 - ok
20:12:15.0095 0x2b80  ================ Scan VBR ==================================
20:12:15.0117 0x2b80  [ 8BFE622D5E1F64AA70F13C1D89C9F3E6 ] \Device\Harddisk0\DR0\Partition1
20:12:15.0164 0x2b80  \Device\Harddisk0\DR0\Partition1 - ok
20:12:15.0187 0x2b80  [ 077D47B84B65F91EDF3F6128A6B8181A ] \Device\Harddisk0\DR0\Partition2
20:12:15.0271 0x2b80  \Device\Harddisk0\DR0\Partition2 - ok
20:12:15.0272 0x2b80  Waiting for KSN requests completion. In queue: 48
20:12:16.0272 0x2b80  Waiting for KSN requests completion. In queue: 48
20:12:17.0272 0x2b80  Waiting for KSN requests completion. In queue: 48
20:12:18.0332 0x2b80  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
20:12:18.0358 0x2b80  Win FW state via NFP2: enabled
20:12:20.0900 0x2b80  ============================================================
20:12:20.0900 0x2b80  Scan finished
20:12:20.0900 0x2b80  ============================================================
20:12:20.0908 0x2808  Detected object count: 0
20:12:20.0908 0x2808  Actual detected object count: 0
20:14:19.0702 0x258c  ============================================================
20:14:19.0703 0x258c  Scan started
20:14:19.0703 0x258c  Mode: Manual;
20:14:19.0703 0x258c  ============================================================
20:14:19.0703 0x258c  KSN ping started
20:14:33.0289 0x258c  KSN ping finished: true
20:14:33.0877 0x258c  ================ Scan system memory ========================
20:14:33.0877 0x258c  System memory - ok
20:14:33.0878 0x258c  ================ Scan services =============================
20:14:34.0063 0x258c  [ FCB8C7210F0135E24C6580F7F649C73C, 7E5E3D0B4F4BD418E6CC551850C672E1AF347CBB2E665B6F72638786CE5079C5 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:14:34.0075 0x258c  ACPI - ok
20:14:34.0164 0x258c  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:14:34.0170 0x258c  AdobeARMservice - ok
20:14:34.0237 0x258c  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:14:34.0249 0x258c  AdobeFlashPlayerUpdateSvc - ok
20:14:34.0307 0x258c  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:14:34.0323 0x258c  adp94xx - ok
20:14:34.0354 0x258c  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:14:34.0360 0x258c  adpahci - ok
20:14:34.0390 0x258c  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:14:34.0393 0x258c  adpu160m - ok
20:14:34.0424 0x258c  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:14:34.0427 0x258c  adpu320 - ok
20:14:34.0460 0x258c  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:14:34.0462 0x258c  AeLookupSvc - ok
20:14:34.0492 0x258c  [ 48EB99503533C27AC6135648E5474457, 344A83008F41AAC3CDFC52EFC4F2EFF441971C58182597D2FBED315B3FC62137 ] AFD             C:\Windows\system32\drivers\afd.sys
20:14:34.0498 0x258c  AFD - ok
20:14:34.0515 0x258c  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:14:34.0517 0x258c  agp440 - ok
20:14:34.0548 0x258c  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:14:34.0551 0x258c  aic78xx - ok
20:14:34.0574 0x258c  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:14:34.0576 0x258c  ALG - ok
20:14:34.0596 0x258c  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
20:14:34.0597 0x258c  aliide - ok
20:14:34.0625 0x258c  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:14:34.0628 0x258c  amdagp - ok
20:14:34.0650 0x258c  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
20:14:34.0651 0x258c  amdide - ok
20:14:34.0666 0x258c  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:14:34.0668 0x258c  AmdK7 - ok
20:14:34.0682 0x258c  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:14:34.0685 0x258c  AmdK8 - ok
20:14:34.0711 0x258c  [ 587CA72709DD93942422F40A9B046DD8, 40EBBBB442E508A3F2B2A4D9D8D6DDC4C9943F074D426CEDBDD73DA84C4CB9E9 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
20:14:34.0715 0x258c  ApfiltrService - ok
20:14:34.0727 0x258c  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
20:14:34.0729 0x258c  Appinfo - ok
20:14:34.0785 0x258c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:14:34.0789 0x258c  Apple Mobile Device - ok
20:14:34.0818 0x258c  [ C56DED3FE618C8BAE1AAAF4E801CCB3E, 342E9A6E07E7A14C72097A612E6968E8C0CFBBF8FA310DCA7C6CC1711061AE9D ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:14:34.0822 0x258c  AppMgmt - ok
20:14:34.0854 0x258c  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
20:14:34.0857 0x258c  arc - ok
20:14:34.0871 0x258c  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:14:34.0874 0x258c  arcsas - ok
20:14:34.0902 0x258c  [ 7591238EBF7DD1FD13B353C382227DC3, 905AE64D7BC1EDD78BE4C99D859B2ACB80A293D58C741D3F2CD1BD42E3C90316 ] ASFIPmon        C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
20:14:34.0906 0x258c  ASFIPmon - ok
20:14:34.0918 0x258c  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:14:34.0920 0x258c  AsyncMac - ok
20:14:34.0928 0x258c  [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:14:34.0929 0x258c  atapi - ok
20:14:34.0964 0x258c  [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:14:34.0971 0x258c  AudioEndpointBuilder - ok
20:14:34.0982 0x258c  [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:14:34.0989 0x258c  Audiosrv - ok
20:14:35.0017 0x258c  [ B4A79941AB02993E43A6C2248CE932FD, 250A4F35CC366FA65A918C9EDDA1E278CA20AC77412EDAD716A2BB1BF07DB7B8 ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
20:14:35.0020 0x258c  Avgdiskx - ok
20:14:35.0413 0x258c  [ 9D5EA7BD5E29F404CD158AED17B40A15, BC38F90AD8BBB51C27D9D325E400DF10B8A8BE34A497A7207F2E73E46E9AB3EE ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
20:14:35.0491 0x258c  AVGIDSAgent - ok
20:14:35.0538 0x258c  [ 92CA68E3361576420C43FC33C47DECF7, 33C566F5327737CA1EFBFC5369372AED088A103CE18CDD352D10DDF2841A40A2 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
20:14:35.0543 0x258c  AVGIDSDriver - ok
20:14:35.0571 0x258c  [ 4D792ED58F49235704E580C34391CFF5, 368B882052B75B6FE147A3EC0873A50FC6A9E96E8298EAA50186FD259FEE5E34 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
20:14:35.0575 0x258c  AVGIDSHX - ok
20:14:35.0588 0x258c  [ 18B3FFED808F032E037ED7F54A838053, 488FBA275B7B0B97E4372EA1BDFBB53238B0BF201DF004CC8FCDA82A0A0105DD ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
20:14:35.0589 0x258c  AVGIDSShim - ok
20:14:35.0606 0x258c  [ 578ECC3D911897B2C5B760EDAF8ED6CA, 99CAACB349C8629D4BE6070BDBFB0BDB4A13ABFFF738F04D723D2AFE7EA58894 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
20:14:35.0610 0x258c  Avgldx86 - ok
20:14:35.0635 0x258c  [ BD1A440B9F126AFE52978A44952B0018, 83577249AACC3F0C655C27A471739113B2086BFC1FF15D0ED7E64B0215B739DB ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
20:14:35.0641 0x258c  Avglogx - ok
20:14:35.0661 0x258c  [ 7DC192EC714342E7C020C7CF42E394D8, 09F4CFFD93067E62B09C550A7A0588E90CAD190E49E1B7082FC5A949AF389781 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
20:14:35.0664 0x258c  Avgmfx86 - ok
20:14:35.0700 0x258c  [ E6322DF686CE1C59D7797FAEF0732454, 03534F19568B421F9BE9C99A7A5302D38FCABA26E95C49A492DA49E58A918B55 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
20:14:35.0702 0x258c  Avgrkx86 - ok
20:14:35.0721 0x258c  [ E98603F9D1F412F38ADF2F76053F9E5A, 1CE4668E0202ADD8C4C3D7D883DC837F7888F5D6E3B6FEE8338E15A86FE6AC22 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
20:14:35.0725 0x258c  Avgtdix - ok
20:14:35.0747 0x258c  [ 06AEB065AC25A2CFF80E1DF0303EC55B, EE913D669741B3F844AFEEFCF232D2D2C94081BCB39F79D81D7A7133DBC57252 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
20:14:35.0749 0x258c  avgtp - ok
20:14:35.0787 0x258c  [ B747B6BB015E552F49C634BB19540F3D, 5000AD41BD101BC06D595484B6E58DEEBB962939ACF4B24DE515771D1C4AE3ED ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
20:14:35.0795 0x258c  avgwd - ok
20:14:35.0826 0x258c  [ 0B92CCF7BFCBE2B33838434F2F50CB61, 021FE5FA53F9208A19B737D1F8F3ED835BB68CE23E4EEDB2CB4F3E433985F9B6 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:14:35.0830 0x258c  b57nd60x - ok
20:14:35.0842 0x258c  [ 5C68AC6F3E5B3E6D6A78E97D05E42C3A, D783A4094F338CA0BB4E04EC918B157DDDE21291D58508A17BB6359893841340 ] BASFND          C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
20:14:35.0844 0x258c  BASFND - ok
20:14:35.0865 0x258c  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:14:35.0867 0x258c  Beep - ok
20:14:35.0901 0x258c  [ 8582E233C346AEFE759833E8A30DD697, 2B0A4FB7F0C3256A5003821634DFA04BA8C3FBB46E942E8BC5D114AF8D1E5354 ] BFE             C:\Windows\System32\bfe.dll
20:14:35.0908 0x258c  BFE - ok
20:14:35.0961 0x258c  [ 02ED7B4DBC2A3232A389106DA7515C3D, 0DFCD03CB967D1A980D56124603F353DC1D800E3A5E436EEE95C65FDE17398CF ] BITS            C:\Windows\System32\qmgr.dll
20:14:35.0981 0x258c  BITS - ok
20:14:36.0002 0x258c  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:14:36.0004 0x258c  blbdrive - ok
20:14:36.0064 0x258c  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:14:36.0072 0x258c  Bonjour Service - ok
20:14:36.0099 0x258c  [ 8153396D5551276227FA146900F734E6, 0AE06774162D542D9E95246B7112A40D7C463EF331B4F56C9CF8AD99A0341E38 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:14:36.0101 0x258c  bowser - ok
20:14:36.0120 0x258c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:14:36.0122 0x258c  BrFiltLo - ok
20:14:36.0143 0x258c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:14:36.0145 0x258c  BrFiltUp - ok
20:14:36.0180 0x258c  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:14:36.0184 0x258c  Browser - ok
20:14:36.0198 0x258c  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:14:36.0201 0x258c  Brserid - ok
20:14:36.0211 0x258c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:14:36.0214 0x258c  BrSerWdm - ok
20:14:36.0237 0x258c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:14:36.0239 0x258c  BrUsbMdm - ok
20:14:36.0252 0x258c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:14:36.0254 0x258c  BrUsbSer - ok
20:14:36.0283 0x258c  [ E5145A9DEC2A863DE262D40EFF7D793A, 020BC017E776D8957BFC303380047AF37F6EEEC0BCDE1214AE59EDB3102B0533 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:14:36.0285 0x258c  BthEnum - ok
20:14:36.0293 0x258c  [ 43C96C1AC278BC22E7799C23405635A0, E7894CEE3E2F87707963A01FB271C3E2508AE92854D0F411C266C239E652ED81 ] BTHFILT         C:\Windows\system32\DRIVERS\BthFilt.sys
20:14:36.0295 0x258c  BTHFILT - ok
20:14:36.0343 0x258c  [ D8ABBCB42C550FD3A29DEC6DAABD0A87, 297B7390963B78EBC166668E1D110983CA5A4F071027CA07EA48997F7EA5FD9C ] BthFilterHelper C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
20:14:36.0348 0x258c  BthFilterHelper - ok
20:14:36.0375 0x258c  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:14:36.0377 0x258c  BTHMODEM - ok
20:14:36.0411 0x258c  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:14:36.0415 0x258c  BthPan - ok
20:14:36.0436 0x258c  [ 9F299C5274672900591E7C616D725F56, 825A423AF1630D3D93E9FC8624D3DAE06B61E183DDD636C673F191806483DFFF ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:14:36.0443 0x258c  BTHPORT - ok
20:14:36.0485 0x258c  [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] BthServ         C:\Windows\System32\bthserv.dll
20:14:36.0488 0x258c  BthServ - ok
20:14:36.0503 0x258c  [ 31C9453DF130B4B89EAFCDC97319CCC2, 204FC25D87C12C8DBD9E502D55E60B970B25A94EDF90DF43570A3BFEE74905D5 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:14:36.0506 0x258c  BTHUSB - ok
20:14:36.0539 0x258c  [ 248DFA5762DDE38DFDDBBD44149E9D7A, D696D5698B7B5B331A6ED39172015349685450D10F63B1E4D4112199198FA5C7 ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS
20:14:36.0542 0x258c  BVRPMPR5 - ok
20:14:36.0553 0x258c  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:14:36.0556 0x258c  cdfs - ok
20:14:36.0572 0x258c  [ 1EC25CEA0DE6AC4718BF89F9E1778B57, 019E12C30E7A395259F3906EC55AFF86949CFDBB443060208C8B91B9EB7F9FB7 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:14:36.0575 0x258c  cdrom - ok
20:14:36.0582 0x258c  [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:14:36.0585 0x258c  CertPropSvc - ok
20:14:36.0629 0x258c  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:14:36.0632 0x258c  circlass - ok
20:14:36.0668 0x258c  [ 465745561C832B29F7C48B488AAB3842, B631C61FBF6E2641FED7C4CFC1B179D19143B04CF76DCF48A9C7582E756FFD8C ] CLFS            C:\Windows\system32\CLFS.sys
20:14:36.0678 0x258c  CLFS - ok
20:14:36.0724 0x258c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:14:36.0728 0x258c  clr_optimization_v2.0.50727_32 - ok
20:14:36.0788 0x258c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:14:36.0794 0x258c  clr_optimization_v4.0.30319_32 - ok
20:14:36.0819 0x258c  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:14:36.0821 0x258c  CmBatt - ok
20:14:36.0855 0x258c  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:14:36.0857 0x258c  cmdide - ok
20:14:36.0885 0x258c  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:14:36.0887 0x258c  Compbatt - ok
20:14:36.0893 0x258c  COMSysApp - ok
20:14:36.0908 0x258c  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:14:36.0911 0x258c  crcdisk - ok
20:14:36.0933 0x258c  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:14:36.0936 0x258c  Crusoe - ok
20:14:36.0973 0x258c  [ 6DE363F9F99334514C46AEC02D3E3678, FF403B8A4D7D6B3D2F23E2711D1353CFB0C748AD7D7927CF5DFBD99CD169D826 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:14:36.0981 0x258c  CryptSvc - ok
20:14:37.0017 0x258c  [ 9A5434125C3DFE42393DE4BBB791BD19, 29BEE511299FD95B41489721E73677A71AB264E537A16A287253A8FEFC9CB4C8 ] CSC             C:\Windows\system32\drivers\csc.sys
20:14:37.0032 0x258c  CSC - ok
20:14:37.0082 0x258c  [ CB1D480676229A09EEF1DD4D23C5EDF3, BD11777709F67294D79AE644C5572BC34DA364C306FECA9352FCB8539E121D8E ] CscService      C:\Windows\System32\cscsvc.dll
20:14:37.0103 0x258c  CscService - ok
20:14:37.0132 0x258c  [ 8E1945984E147562F9F08E1D344A69CC, 2848787EA71B54E5D9EBE2D8B3F7F37986157AC3483FA4970144117C4DA7EBC3 ] CSRBC           C:\Windows\system32\Drivers\csrbcxp.sys
20:14:37.0135 0x258c  CSRBC - ok
20:14:37.0178 0x258c  [ F7D785BA9D167BDB0B9B19F79B220ACA, 9F94811FD2130FAA8A3BB78E6B81C64690DD01ECC70CE600FBA306A9CADC8DEE ] DCamUSBEMPIA    C:\Windows\system32\DRIVERS\emDevice.sys
20:14:37.0186 0x258c  DCamUSBEMPIA - ok
20:14:37.0264 0x258c  [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:14:37.0294 0x258c  DcomLaunch - ok
20:14:37.0318 0x258c  [ A3E9FA213F443AC77C7746119D13FEEC, 479B349BFC811D20572C09C4A2228C3880F8F3B4B4BA5F4E56600C7EF583DE7B ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:14:37.0323 0x258c  DfsC - ok
20:14:37.0429 0x258c  [ FA3463F25F9CC9C3BCF1E7912FEFF099, 8CFA0F1DFD975ED877B303EB55BE52B0B1EC2B20FEC36820121A0F5E046E0032 ] DFSR            C:\Windows\system32\DFSR.exe
20:14:37.0470 0x258c  DFSR - ok
20:14:37.0509 0x258c  [ 43A988A9C10333476CB5FB667CBD629D, 7E0DD57E75A50E3671673876631A1E66A4AC16810418BEC1AC2143DFD331F389 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:14:37.0515 0x258c  Dhcp - ok
20:14:37.0533 0x258c  [ 64109E623ABD6955C8FB110B592E68B7, 964F456EF44F9AE836B8CAB438FEB18303B2548A2B7D85FEBD72F4F80127B0EE ] disk            C:\Windows\system32\drivers\disk.sys
20:14:37.0535 0x258c  disk - ok
20:14:37.0568 0x258c  [ 4805D9A6D281C7A7DEFD9094DEC6AF7D, 473A5F1C4E795BD6B6DDB32ECB04BA8BF238AA5FBC67FC5D8D8F749464ED0AE9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:14:37.0571 0x258c  Dnscache - ok
20:14:37.0589 0x258c  [ 5AF620A08C614E24206B79E8153CF1A8, 5BB32FF3C9A5C51C2773F0ECF9647749667F4678EF3C75FEB4420EC6C805913E ] dot3svc         C:\Windows\System32\dot3svc.dll
20:14:37.0594 0x258c  dot3svc - ok
20:14:37.0619 0x258c  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
20:14:37.0623 0x258c  Dot4 - ok
20:14:37.0634 0x258c  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:14:37.0635 0x258c  Dot4Print - ok
20:14:37.0648 0x258c  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
20:14:37.0650 0x258c  dot4usb - ok
20:14:37.0666 0x258c  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
20:14:37.0671 0x258c  DPS - ok
20:14:37.0700 0x258c  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:14:37.0702 0x258c  drmkaud - ok
20:14:37.0749 0x258c  [ 85F33880B8CFB554BD3D9CCDB486845A, 2D120F94800AEB886D4BA2A45FE2454EBB1FAC3E57BDE552737EBDE7EF8899CF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:14:37.0762 0x258c  DXGKrnl - ok
20:14:37.0792 0x258c  [ 908ED85B7806E8AF3AF5E9B74F7809D4, 9A763D247035578A946094D2C1CE8204E6EDFFD7237C7BF2058B5F4ECC0306E0 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
20:14:37.0798 0x258c  e1express - ok
20:14:37.0815 0x258c  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:14:37.0818 0x258c  E1G60 - ok
20:14:37.0848 0x258c  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
20:14:37.0852 0x258c  EapHost - ok
20:14:37.0869 0x258c  [ DD2CD259D83D8B72C02C5F2331FF9D68, 07E758A414442FEAFE55FB28842D960971553DB16C31D5791FDD0843CBF5E2B4 ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:14:37.0873 0x258c  Ecache - ok
20:14:37.0902 0x258c  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:14:37.0919 0x258c  elxstor - ok
20:14:37.0963 0x258c  [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C, 80385AC32CE8388F06341AA4A880F68E0EB5815CCCA5CF8E799846F472DCE360 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:14:37.0989 0x258c  EMDMgmt - ok
20:14:38.0002 0x258c  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:14:38.0004 0x258c  ErrDev - ok
20:14:38.0044 0x258c  [ 3CB3343D720168B575133A0A20DC2465, B356938AC3D9CE833A2C0EBFAA548CDB6B68BEDDB2CCA80222E508BD978FB26B ] EventSystem     C:\Windows\system32\es.dll
20:14:38.0053 0x258c  EventSystem - ok
20:14:38.0128 0x258c  [ E71B03FF6B819AE1A286AA27E956D523, DE0FA75125A2BD33F422C49E258B4BE0BC44EA4D8A28303A902FDCDBC6D808F2 ] EvtEng          C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
20:14:38.0162 0x258c  EvtEng - ok
20:14:38.0185 0x258c  [ 0D858EB20589A34EFB25695ACAA6AA2D, E5C891D8971173D78194176CB38C0D62C1245C71E04DD94EC742A69C2925F843 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:14:38.0191 0x258c  exfat - ok
20:14:38.0207 0x258c  [ 3C489390C2E2064563727752AF8EAB9E, BF528F6D4718AC160C103FD89496C6B7BABED7A17A6BD4222D684AF22FE21A49 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:14:38.0213 0x258c  fastfat - ok
20:14:38.0253 0x258c  [ DFBA0F60FA301E5B1BFB1403A93EE23E, 727A01AA77BFD6B6FEB394A4C4CCBDB785987A1904F8EED3739A5F6D03C15965 ] Fax             C:\Windows\system32\fxssvc.exe
20:14:38.0286 0x258c  Fax - ok
20:14:38.0314 0x258c  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:14:38.0317 0x258c  fdc - ok
20:14:38.0344 0x258c  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
20:14:38.0348 0x258c  fdPHost - ok
20:14:38.0377 0x258c  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:14:38.0386 0x258c  FDResPub - ok
20:14:38.0395 0x258c  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:14:38.0399 0x258c  FileInfo - ok
20:14:38.0417 0x258c  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:14:38.0420 0x258c  Filetrace - ok
20:14:38.0449 0x258c  [ A752BD7638457A53C9DCD5BE1598B3B2, 34058869996E81D98F074427C20D1BBC58FC4969902194B0260F3BDCE4A84AD4 ] FiltUSBEMPIA    C:\Windows\system32\DRIVERS\emFilter.sys
20:14:38.0451 0x258c  FiltUSBEMPIA - ok
20:14:38.0464 0x258c  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:14:38.0466 0x258c  flpydisk - ok
20:14:38.0477 0x258c  [ 05EA53AFE985443011E36DAB07343B46, E033C1C218E9B0D22B63E1B927D7BBE331B59814F26952B68BEDC914EF881E55 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:14:38.0484 0x258c  FltMgr - ok
20:14:38.0547 0x258c  [ C9BE08664611DDAF98E2331E9288B00B, C645DDAB5FD588486553DF2DD5750AF5A967FEE988F4EB29E05362E3362DF4A2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:14:38.0552 0x258c  FontCache3.0.0.0 - ok
20:14:38.0576 0x258c  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:14:38.0578 0x258c  Fs_Rec - ok
20:14:38.0605 0x258c  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:14:38.0609 0x258c  gagp30kx - ok
20:14:38.0638 0x258c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:14:38.0641 0x258c  GEARAspiWDM - ok
20:14:38.0696 0x258c  [ D9F1113D9401185245573350712F92FC, 7D8E96B61D7FC1FCC7D70A19DB725BCEA78FE94F3D7AFBB1202771D530A628B7 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:14:38.0731 0x258c  gpsvc - ok
20:14:38.0761 0x258c  [ 7031A936832967A93B0E5D5F1C76745A, D8CDCFC1A82E2DFBECD6F7561BB6BD5F5CBFC7A636B7684DEB86FBC9F2D929E0 ] guardian2       C:\Windows\system32\Drivers\oz776.sys
20:14:38.0766 0x258c  guardian2 - ok
20:14:38.0811 0x258c  [ CC839E8D766CC31A7710C9F38CF3E375, 327D57F18B4A2D1CB06C5682D3364097ECD3CF40C2719AA1F41D0B49A26003E4 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:14:38.0828 0x258c  gusvc - ok
20:14:38.0855 0x258c  [ C87B1EE051C0464491C1A7B03FA0BC99, 0EF498A7D37A454E8B6DB1BE3C0EADA648B51B34A2BB553171E766463E54EE90 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:14:38.0860 0x258c  HDAudBus - ok
20:14:38.0888 0x258c  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:14:38.0893 0x258c  HidBth - ok
20:14:38.0914 0x258c  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:14:38.0918 0x258c  HidIr - ok
20:14:38.0946 0x258c  [ 8FA640195279ACE21BEA91396A0054FC, 20541E5FA29B3FBD8824F3DF93C7D63AFEE56948F82FFDE20E9E87F5C0A3A789 ] hidserv         C:\Windows\System32\hidserv.dll
20:14:38.0952 0x258c  hidserv - ok
20:14:38.0969 0x258c  [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:14:38.0972 0x258c  HidUsb - ok
20:14:39.0005 0x258c  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:14:39.0014 0x258c  hkmsvc - ok
20:14:39.0044 0x258c  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:14:39.0048 0x258c  HpCISSs - ok
20:14:39.0140 0x258c  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:14:39.0154 0x258c  hpqcxs08 - ok
20:14:39.0177 0x258c  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:14:39.0193 0x258c  hpqddsvc - ok
20:14:39.0278 0x258c  [ 99F85640054BA65190B860D878A7C9AE, CE87323FFA4A74EA721A5E7CA6F233C54F21C2C1C6BF7DE84049CE7CEB0741AE ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:14:39.0338 0x258c  HSF_DPV - ok
20:14:39.0357 0x258c  [ CFBC2B81972E298F0E19EE68FA9E73DA, F149EE69F7300494329A5609ACC2D2F4A6D2F681CD368E7DA43C4D768D5B6C64 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:14:39.0364 0x258c  HSXHWAZL - ok
20:14:39.0398 0x258c  [ 96E241624C71211A79C84F50A8E71CAB, EB6E679218B781F67FBFF4EB12DDE44769ACA7EA3F83A4404A073EA89C902C25 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:14:39.0411 0x258c  HTTP - ok
20:14:39.0430 0x258c  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:14:39.0433 0x258c  i2omp - ok
20:14:39.0454 0x258c  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:14:39.0457 0x258c  i8042prt - ok
20:14:39.0501 0x258c  [ 582F2D900A3AC34C98FBDC2C0ABEF6B9, 2B3879F89A8626FA560E6879F0E5B2AC4804C934EEA68B425A395D1114E64C4D ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
20:14:39.0512 0x258c  IAANTMON - ok
20:14:39.0551 0x258c  [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] iaStor          C:\Windows\system32\drivers\iastor.sys
20:14:39.0557 0x258c  iaStor - ok
20:14:39.0579 0x258c  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:14:39.0596 0x258c  iaStorV - ok
20:14:39.0665 0x258c  [ 7B630ACAED64FEF0C3E1CF255CB56686, 9DCC6953BC6EF77C3916F8AA226CEC0662513A23AB60E9F714D53746E82FB372 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:14:39.0715 0x258c  idsvc - ok
20:14:39.0819 0x258c  [ C134E69CE901422D1F2D7EA8D69098FE, 38D7AB6C85C0BCE34B8F52DDBD6F0371DF551003DF6BAE20A2AB1D1349128890 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:14:39.0895 0x258c  igfx - ok
20:14:39.0924 0x258c  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:14:39.0926 0x258c  iirsp - ok
20:14:39.0963 0x258c  [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC, ED795B07B38EDBB2850384EDFA04C85539D4D22A7AAB8981C83C84E2EAB5976F ] IKEEXT          C:\Windows\System32\ikeext.dll
20:14:39.0978 0x258c  IKEEXT - ok
20:14:39.0991 0x258c  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
20:14:39.0993 0x258c  intelide - ok
20:14:40.0002 0x258c  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:14:40.0005 0x258c  intelppm - ok
20:14:40.0017 0x258c  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:14:40.0023 0x258c  IPBusEnum - ok
20:14:40.0029 0x258c  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:14:40.0031 0x258c  IpFilterDriver - ok
20:14:40.0061 0x258c  [ 6A35D233693EDC29A12742049BC5E37F, 77275407105492A11CDC232E72C8183F0DFD28F8B9AD2A24AAABDB246F14D38F ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:14:40.0071 0x258c  iphlpsvc - ok
20:14:40.0077 0x258c  IpInIp - ok
20:14:40.0100 0x258c  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:14:40.0103 0x258c  IPMIDRV - ok
20:14:40.0125 0x258c  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:14:40.0130 0x258c  IPNAT - ok
20:14:40.0184 0x258c  [ C00149A7027081539A66DC5A46695EAD, 51F01CD6B37BA52B3D4DC9CAE3A9FBDDB2FA6FB6A9E779C9157BB056CEC3BEC9 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:14:40.0209 0x258c  iPod Service - ok
20:14:40.0231 0x258c  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:14:40.0233 0x258c  IRENUM - ok
20:14:40.0256 0x258c  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:14:40.0259 0x258c  isapnp - ok
20:14:40.0310 0x258c  [ F247EEC28317F6C739C16DE420097301, 0F4BE16BB0630DFE2256F70C94D4363B7B71F02F7F6597E7CAE28A3EFEA7BCAD ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:14:40.0326 0x258c  iScsiPrt - ok
20:14:40.0343 0x258c  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:14:40.0346 0x258c  iteatapi - ok
20:14:40.0369 0x258c  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:14:40.0372 0x258c  iteraid - ok
20:14:40.0389 0x258c  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:14:40.0392 0x258c  kbdclass - ok
20:14:40.0413 0x258c  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:14:40.0415 0x258c  kbdhid - ok
20:14:40.0445 0x258c  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] KeyIso          C:\Windows\system32\lsass.exe
20:14:40.0450 0x258c  KeyIso - ok
20:14:40.0490 0x258c  [ 7A0CF7908B6824D6A2A1D313E5AE3DCA, 903CF1169D984BBDAE114827D82D5CCC88C2BC7CAEE6BB3A299E2572B0751BB6 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:14:40.0506 0x258c  KSecDD - ok
20:14:40.0553 0x258c  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:14:40.0580 0x258c  KtmRm - ok
20:14:40.0617 0x258c  [ 1925E63C91CF1610AE41BFD539062079, C25438D19D51B76A8E4C5F3A5D41C76197321166CB37E224217993A4466EBEF9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:14:40.0634 0x258c  LanmanServer - ok
20:14:40.0676 0x258c  [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15, 7B1FAC42B9EA73A8C4E812F8F729EB882BDFD04D2E68FE354CFD6B8379A46D14 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:14:40.0702 0x258c  LanmanWorkstation - ok
20:14:40.0738 0x258c  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:14:40.0741 0x258c  lltdio - ok
20:14:40.0770 0x258c  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:14:40.0778 0x258c  lltdsvc - ok
20:14:40.0794 0x258c  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:14:40.0799 0x258c  lmhosts - ok
20:14:40.0814 0x258c  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:14:40.0818 0x258c  LSI_FC - ok
20:14:40.0842 0x258c  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:14:40.0846 0x258c  LSI_SAS - ok
20:14:40.0866 0x258c  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:14:40.0870 0x258c  LSI_SCSI - ok
20:14:40.0893 0x258c  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:14:40.0897 0x258c  luafv - ok
20:14:40.0927 0x258c  [ 3B4C137E2CA87CF773204653A80B5BE9, D774945037F7A39EB23392DCCF4B52BDE03134C8D457EB9DDFE761B3B8C3D0D9 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
20:14:40.0930 0x258c  mbamchameleon - ok
20:14:40.0958 0x258c  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:14:40.0960 0x258c  mdmxsdk - ok
20:14:40.0981 0x258c  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
20:14:40.0984 0x258c  megasas - ok
20:14:41.0017 0x258c  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:14:41.0033 0x258c  MegaSR - ok
20:14:41.0095 0x258c  Microsoft SharePoint Workspace Audit Service - ok
20:14:41.0120 0x258c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
20:14:41.0125 0x258c  MMCSS - ok
20:14:41.0139 0x258c  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
20:14:41.0142 0x258c  Modem - ok
20:14:41.0165 0x258c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:14:41.0168 0x258c  monitor - ok
20:14:41.0197 0x258c  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:14:41.0199 0x258c  mouclass - ok
20:14:41.0217 0x258c  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:14:41.0221 0x258c  mouhid - ok
20:14:41.0272 0x258c  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:14:41.0275 0x258c  MountMgr - ok
20:14:41.0315 0x258c  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:14:41.0320 0x258c  MozillaMaintenance - ok
20:14:41.0348 0x258c  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:14:41.0353 0x258c  mpio - ok
20:14:41.0373 0x258c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:14:41.0376 0x258c  mpsdrv - ok
20:14:41.0415 0x258c  [ D1639BA315B0D79DEC49A4B0E1FB929B, 96420572029217FDD78CD286A022EB5F8BAB76EE30F75E48CD69AEE1A4846B53 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:14:41.0433 0x258c  MpsSvc - ok
20:14:41.0457 0x258c  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:14:41.0460 0x258c  Mraid35x - ok
20:14:41.0504 0x258c  [ AE3DE84536B6799D2267443CEC8EDBB9, 787AF9D5BC6D1A1E4A55A66D62F0DF93F45C2FB7EA5BE0BF63F1270604600B40 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:14:41.0509 0x258c  MRxDAV - ok
20:14:41.0534 0x258c  [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1, 2C5F0554D5A763D6B3F1402C9BF36C6091CBBDFFD5139AEE85D69D5B210D2047 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:14:41.0539 0x258c  mrxsmb - ok
20:14:41.0576 0x258c  [ 6B5FA5ADFACAC9DBBE0991F4566D7D55, 9BAD029A6AAF4C2292C682B9F07C57051C84F7FA4F3EBEA52C25CAEF1A41121F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:14:41.0593 0x258c  mrxsmb10 - ok
20:14:41.0608 0x258c  [ 5C80D8159181C7ABF1B14BA703B01E0B, 414085AD3C36B8E95D1D49E2958671332DECE38739544CCB70FAB30C408E89A2 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:14:41.0612 0x258c  mrxsmb20 - ok
20:14:41.0636 0x258c  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:14:41.0639 0x258c  msahci - ok
20:14:41.0668 0x258c  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:14:41.0673 0x258c  msdsm - ok
20:14:41.0697 0x258c  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
20:14:41.0705 0x258c  MSDTC - ok
20:14:41.0723 0x258c  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:14:41.0725 0x258c  Msfs - ok
20:14:41.0756 0x258c  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:14:41.0759 0x258c  msisadrv - ok
20:14:41.0792 0x258c  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:14:41.0801 0x258c  MSiSCSI - ok
20:14:41.0808 0x258c  msiserver - ok
20:14:41.0836 0x258c  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:14:41.0839 0x258c  MSKSSRV - ok
20:14:41.0853 0x258c  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:14:41.0855 0x258c  MSPCLOCK - ok
20:14:41.0865 0x258c  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:14:41.0868 0x258c  MSPQM - ok
20:14:41.0894 0x258c  [ B5614AECB05A9340AA0FB55BF561CC63, 8D1B5E958A0F721F5A81AD649CC5759B4DECB771FC4654F4EDEB29AC7DF1BD40 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:14:41.0902 0x258c  MsRPC - ok
20:14:41.0932 0x258c  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:14:41.0936 0x258c  mssmbios - ok
20:14:41.0954 0x258c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:14:41.0956 0x258c  MSTEE - ok
20:14:41.0975 0x258c  [ 6DFD1D322DE55B0B7DB7D21B90BEC49C, 95149C41CC9F269C299541A97A9E2E2CCAEE34FE2362EEECD1F813EBC6D4CDC5 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:14:41.0978 0x258c  Mup - ok
20:14:42.0012 0x258c  [ C43B25863FBD65B6D2A142AF3AE320CA, 88E147751CBECFF31CD65954BC978B86CEA74485EB60DBB25AABAB4601797A4E ] napagent        C:\Windows\system32\qagentRT.dll
20:14:42.0029 0x258c  napagent - ok
20:14:42.0055 0x258c  [ 3C21CE48FF529BB73DADB98770B54025, B8541E3D2B120B97947AE51B28A99E2623ACAD3790BC282B1251ACBEC7684F8D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:14:42.0059 0x258c  NativeWifiP - ok
20:14:42.0099 0x258c  [ C8560010A542B5DCA94C62468DC20784, AE7584D95B0E9F5E340ADD00AA88563C64462A4FC6440F580B7936FD19D173CA ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:14:42.0124 0x258c  NDIS - ok
20:14:42.0147 0x258c  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:14:42.0149 0x258c  NdisTapi - ok
20:14:42.0158 0x258c  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:14:42.0160 0x258c  Ndisuio - ok
20:14:42.0179 0x258c  [ 3D14C3B3496F88890D431E8AA022A411, 9B31451756A35314586F93996172E1039B2CD21132CCBE772B3E61A8D9454A30 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:14:42.0187 0x258c  NdisWan - ok
20:14:42.0202 0x258c  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:14:42.0205 0x258c  NDProxy - ok
20:14:42.0239 0x258c  [ 19715A9A573DAD2521348ABC74266A48, 16AF735601FAFB3A2B5E6F30E584ECE25FDF9B7F96ECE4582C0D04BEC205411B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:14:42.0243 0x258c  Net Driver HPZ12 - ok
20:14:42.0282 0x258c  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:14:42.0285 0x258c  NetBIOS - ok
20:14:42.0304 0x258c  [ 7C5FEE5B1C5728507CD96FB4A13E7A02, EDBA08442AD6AF20463A0610FF24D5929574E5EC012495A2C219F6BA84C97F57 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:14:42.0311 0x258c  netbt - ok
20:14:42.0316 0x258c  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] Netlogon        C:\Windows\system32\lsass.exe
20:14:42.0319 0x258c  Netlogon - ok
20:14:42.0365 0x258c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
20:14:42.0382 0x258c  Netman - ok
20:14:42.0397 0x258c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
20:14:42.0414 0x258c  netprofm - ok
20:14:42.0449 0x258c  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386, 2F23B0979CF2E8DB013D8E58501ACC9265A860FD759E8B741F8FA64F7C2F7756 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:14:42.0459 0x258c  NetTcpPortSharing - ok
20:14:42.0576 0x258c  [ DD194A025D1C0472F45F57DE8D8388EB, 669FE535DDE3C500F54F6AA2AC754CCEC0EFF7ADEEB992A01B1FF98986917762 ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
20:14:42.0648 0x258c  NETw4v32 - ok
20:14:42.0697 0x258c  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:14:42.0699 0x258c  nfrd960 - ok
20:14:42.0743 0x258c  [ 4BADAF74D1633B84E195038A52297DC2, 99690B846CFBC2A6C7D400B34BD97F95F95A7393045E23135A69383614A15E59 ] nicconfigsvc    C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
20:14:42.0758 0x258c  nicconfigsvc - ok
20:14:42.0790 0x258c  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:14:42.0799 0x258c  NlaSvc - ok
20:14:42.0814 0x258c  [ ECB5003F484F9ED6C608D6D6C7886CBB, 45496B84B2FD156499E9F07FC82BC6F032B8F4D9DC194098CF9F5474D5642F9E ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:14:42.0817 0x258c  Npfs - ok
20:14:42.0845 0x258c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
20:14:42.0849 0x258c  nsi - ok
20:14:42.0861 0x258c  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:14:42.0863 0x258c  nsiproxy - ok
20:14:42.0926 0x258c  [ B4EFFE29EB4F15538FD8A9681108492D, 12AF3C19DD2DE7D92EE4C03AD07BAFD77EB8BFF2333E6FBD9CAAA0F654A35F46 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:14:42.0978 0x258c  Ntfs - ok
20:14:43.0011 0x258c  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:14:43.0013 0x258c  ntrigdigi - ok
20:14:43.0036 0x258c  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
20:14:43.0038 0x258c  Null - ok
20:14:43.0062 0x258c  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:14:43.0065 0x258c  nvraid - ok
20:14:43.0084 0x258c  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:14:43.0086 0x258c  nvstor - ok
20:14:43.0109 0x258c  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:14:43.0114 0x258c  nv_agp - ok
20:14:43.0123 0x258c  NwlnkFlt - ok
20:14:43.0131 0x258c  NwlnkFwd - ok
20:14:43.0155 0x258c  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:14:43.0157 0x258c  ohci1394 - ok
20:14:43.0199 0x258c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:14:43.0208 0x258c  ose - ok
20:14:43.0435 0x258c  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:14:43.0643 0x258c  osppsvc - ok
20:14:43.0710 0x258c  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:14:43.0751 0x258c  p2pimsvc - ok
20:14:43.0793 0x258c  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:14:43.0810 0x258c  p2psvc - ok
20:14:43.0833 0x258c  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
20:14:43.0836 0x258c  Parport - ok
20:14:43.0851 0x258c  [ 3B38467E7C3DAED009DFE359E17F139F, 419BD726E511B3FEFBD8204C9E2BF6131EC05C71D15406070F834688EAFB694F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:14:43.0854 0x258c  partmgr - ok
20:14:43.0876 0x258c  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:14:43.0878 0x258c  Parvdm - ok
20:14:43.0905 0x258c  [ 9EC004140E1B675ACDEB07F66EE797A4, 61A082F2C09B966AE7C46DAB557A92D87D28EA7B3F699F51018E625336A7CB82 ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
20:14:43.0908 0x258c  PBADRV - ok
20:14:43.0928 0x258c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:14:43.0934 0x258c  PcaSvc - ok
20:14:43.0966 0x258c  [ 01B94418DEB235DFF777CC80076354B4, 091C4D5954C5CA1F783748C4D7287DD160C5F3357F2CC448DC5C2935B79AC1E9 ] pci             C:\Windows\system32\drivers\pci.sys
20:14:43.0970 0x258c  pci - ok
20:14:43.0975 0x258c  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:14:43.0977 0x258c  pciide - ok
20:14:44.0003 0x258c  [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:14:44.0008 0x258c  pcmcia - ok
20:14:44.0055 0x258c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:14:44.0088 0x258c  PEAUTH - ok
20:14:44.0182 0x258c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
20:14:44.0242 0x258c  pla - ok
20:14:44.0281 0x258c  [ 78F975CB6D18265BE6F492EDB2D7BC7B, 112C6FB0A84E605B1EA87F98C8A4C210C9DB84C811029109444AB174011A158C ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:14:44.0298 0x258c  PlugPlay - ok
20:14:44.0311 0x258c  [ B36CD3F2ECA751C0CA8B8868BD1C5449, B6CE2FB74CD77A18CA12B28AA38770A3A36B4E29165AC8EE3043E024CB15F4C9 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:14:44.0315 0x258c  Pml Driver HPZ12 - ok
20:14:44.0359 0x258c  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:14:44.0376 0x258c  PNRPAutoReg - ok
20:14:44.0418 0x258c  [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:14:44.0435 0x258c  PNRPsvc - ok
20:14:44.0472 0x258c  [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A, FAE64867CE80439735F88A9988243667BDE84486B5A768B650E55E1519C85C03 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:14:44.0484 0x258c  PolicyAgent - ok
20:14:44.0526 0x258c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:14:44.0529 0x258c  PptpMiniport - ok
20:14:44.0551 0x258c  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
20:14:44.0554 0x258c  Processor - ok
20:14:44.0591 0x258c  [ B627E4FC8585E8843C5905D4D3587A90, 07D7BC1BF8CDD5E34155B260B914D4A9892D3CEAEACDE334D1AF2A608E1FA2D8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:14:44.0600 0x258c  ProfSvc - ok
20:14:44.0626 0x258c  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:14:44.0630 0x258c  ProtectedStorage - ok
20:14:44.0644 0x258c  [ BFEF604508A0ED1EAE2A73E872555FFB, AC817FB5A6126475B4A3CA191AD49651B919FB55429B939D036BC564632E426D ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:14:44.0647 0x258c  PSched - ok
20:14:44.0710 0x258c  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:14:44.0757 0x258c  ql2300 - ok
20:14:44.0799 0x258c  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:14:44.0804 0x258c  ql40xx - ok
20:14:44.0841 0x258c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
20:14:44.0854 0x258c  QWAVE - ok
20:14:44.0867 0x258c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:14:44.0870 0x258c  QWAVEdrv - ok
20:14:44.0986 0x258c  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
20:14:45.0085 0x258c  R300 - ok
20:14:45.0112 0x258c  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:14:45.0115 0x258c  RasAcd - ok
20:14:45.0148 0x258c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
20:14:45.0154 0x258c  RasAuto - ok
20:14:45.0183 0x258c  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:14:45.0187 0x258c  Rasl2tp - ok
20:14:45.0207 0x258c  [ 6E7C284FC5C4EC07AD164D93810385A6, FDBF80C8DE53E56A3515353129C6912E8CAEC2B2DA9AB3A4B027CB73BDF1EC60 ] RasMan          C:\Windows\System32\rasmans.dll
20:14:45.0218 0x258c  RasMan - ok
20:14:45.0234 0x258c  [ 3E9D9B048107B40D87B97DF2E48E0744, F7B8DAE57B9372CEB21A912379FC7670B099A9642CF2E7EA8D335ADBD4CF86A2 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:14:45.0237 0x258c  RasPppoe - ok
20:14:45.0251 0x258c  [ A7D141684E9500AC928A772ED8E6B671, C9329ECA4190EE1F4A6F186D45EA42ACF60C04CDBAFEB19973F3C2DF04A1BCEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:14:45.0256 0x258c  RasSstp - ok
20:14:45.0300 0x258c  [ 6E1C5D0457622F9EE35F683110E93D14, 9C6BE049FDA5E6CBA486EE33F01AADDD6085CC5F1F08409EC439ADE9137D3F5F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:14:45.0308 0x258c  rdbss - ok
20:14:45.0319 0x258c  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:14:45.0321 0x258c  RDPCDD - ok
20:14:45.0352 0x258c  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
20:14:45.0369 0x258c  rdpdr - ok
20:14:45.0375 0x258c  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:14:45.0377 0x258c  RDPENCDD - ok
20:14:45.0410 0x258c  [ E1C18F4097A5ABCEC941DC4B2F99DB7E, B38AC355042F18A41F83BF088FE7EB867184C7FE37820365314419BD3810BB68 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:14:45.0417 0x258c  RDPWD - ok
20:14:45.0460 0x258c  [ 2CF574D0965F58E514A2DC94114D7ECA, F47D438DC25D30A88CEFA8CC9DEA527F111A0F6403E84995C04D75A28EB38A08 ] RegSrvc         C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
20:14:45.0477 0x258c  RegSrvc - ok
20:14:45.0530 0x258c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:14:45.0535 0x258c  RemoteAccess - ok
20:14:45.0588 0x258c  [ CC4E32400F3C7253400CF8F3F3A0B676, D2A874BE3D365260AD7C10C30F2DE22F818CBFC12D65AADE2203B9ED02C9BEB5 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:14:45.0595 0x258c  RemoteRegistry - ok
20:14:45.0625 0x258c  [ B9BB8E2093C1615AD6EA55AD96214354, 57A2EEA52E2A670B712C4446F1A6379D1B79454A09A7B79455CA08894FD4B21F ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
20:14:45.0628 0x258c  Revoflt - ok
20:14:45.0650 0x258c  [ 34CC78C06587718C2AD6D3AA83B1F072, 35973BBFF7C6119287B4C3C47A54C626A8623C9F18062597AD7D3ADDF0094ED8 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:14:45.0654 0x258c  RFCOMM - ok
20:14:45.0681 0x258c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
20:14:45.0685 0x258c  RpcLocator - ok
20:14:45.0717 0x258c  [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] RpcSs           C:\Windows\system32\rpcss.dll
20:14:45.0732 0x258c  RpcSs - ok
20:14:45.0761 0x258c  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:14:45.0765 0x258c  rspndr - ok
20:14:45.0772 0x258c  [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] SamSs           C:\Windows\system32\lsass.exe
20:14:45.0776 0x258c  SamSs - ok
20:14:45.0802 0x258c  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:14:45.0807 0x258c  sbp2port - ok
20:14:45.0825 0x258c  [ 7BFA395A95E5D714D222E35F041C46E8, 70C4C63553154AA3FD15F178964F7B89CAB28D791BB28247F1C2EC11FCB62901 ] ScanUSBEMPIA    C:\Windows\system32\DRIVERS\emScan.sys
20:14:45.0827 0x258c  ScanUSBEMPIA - ok
20:14:45.0853 0x258c  [ 11387E32642269C7E62E8B52C060B3C6, 6225FA14CBDC1D30F2E4CDC2059773DA49C67BE2C00A1DE582E8E07717F20425 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:14:45.0862 0x258c  SCardSvr - ok
20:14:45.0920 0x258c  [ 7B587B8A6D4A99F79D2902D0385F29BD, C29F2EE25F7B11E1821832CB7F4F8506C2AB20804D6702CC5EAF5BA1F3FCA972 ] Schedule        C:\Windows\system32\schedsvc.dll
20:14:45.0962 0x258c  Schedule - ok
20:14:45.0981 0x258c  [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:14:45.0984 0x258c  SCPolicySvc - ok
20:14:46.0016 0x258c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:14:46.0025 0x258c  SDRSVC - ok
20:14:46.0034 0x258c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:14:46.0037 0x258c  secdrv - ok
20:14:46.0061 0x258c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
20:14:46.0068 0x258c  seclogon - ok
20:14:46.0133 0x258c  [ 472946EDEBF85C1F0B44B6EBA01AC9B6, 35329B5D7507BA17D48A7C6EFAC908B21D51C61CEB9400DBBDAE2DB94DCB51C8 ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
20:14:46.0161 0x258c  SecureStorageService - ok
20:14:46.0183 0x258c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
20:14:46.0200 0x258c  SENS - ok
20:14:46.0223 0x258c  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:14:46.0226 0x258c  Serenum - ok
20:14:46.0266 0x258c  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:14:46.0271 0x258c  Serial - ok
20:14:46.0305 0x258c  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:14:46.0308 0x258c  sermouse - ok
20:14:46.0346 0x258c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:14:46.0356 0x258c  SessionEnv - ok
20:14:46.0384 0x258c  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:14:46.0387 0x258c  sffdisk - ok
20:14:46.0408 0x258c  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:14:46.0411 0x258c  sffp_mmc - ok
20:14:46.0438 0x258c  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:14:46.0442 0x258c  sffp_sd - ok
20:14:46.0465 0x258c  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:14:46.0469 0x258c  sfloppy - ok
20:14:46.0539 0x258c  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:14:46.0565 0x258c  SharedAccess - ok
20:14:46.0615 0x258c  [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:14:46.0640 0x258c  ShellHWDetection - ok
20:14:46.0665 0x258c  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:14:46.0669 0x258c  sisagp - ok
20:14:46.0689 0x258c  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:14:46.0691 0x258c  SiSRaid2 - ok
20:14:46.0711 0x258c  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:14:46.0715 0x258c  SiSRaid4 - ok
20:14:46.0841 0x258c  [ 0BA91E1358AD25236863039BB2609A2E, ECB3C8E3D9C6FA77C0CF5A898FB90BB9474C6EFBE3698B56C93ECE44535EDACE ] slsvc           C:\Windows\system32\SLsvc.exe
20:14:46.0941 0x258c  slsvc - ok
20:14:46.0961 0x258c  [ 7C6DC44CA0BFA6291629AB764200D1D4, 747CDA89C6F94F8314E5E5C425387ABDF9FF8528D82422F8FF66D96307B47B13 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:14:46.0967 0x258c  SLUINotify - ok
20:14:46.0991 0x258c  [ 031E6BCD53C9B2B9ACE111EAFEC347B6, B934129BD77CA6A1434C59EA82B5E93FD4089608E0E41242B6E68070A0F33FB8 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:14:46.0995 0x258c  Smb - ok
20:14:47.0024 0x258c  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:14:47.0030 0x258c  SNMPTRAP - ok
20:14:47.0046 0x258c  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:14:47.0048 0x258c  spldr - ok
20:14:47.0079 0x258c  [ 3665F79026A3F91FBCA63F2C65A09B19, A9AAE9B4006B5BC6EF4A7AB4CAB131687E4055E7C56900BBD24F78BA155C458A ] Spooler         C:\Windows\System32\spoolsv.exe
20:14:47.0088 0x258c  Spooler - ok
20:14:47.0127 0x258c  [ 2252AEF839B1093D16761189F45AF885, D7B79E1B9CD73EDEA855DBE120ED470CC0F67D1AA44038E6051A4C5BCE361DE3 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:14:47.0144 0x258c  srv - ok
20:14:47.0174 0x258c  [ B7FF59408034119476B00A81BB53D5D1, 365D8E719D729D56082F5A6EEB65B31EB5DB5D15A5346D05E7130F41F2F97D46 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:14:47.0180 0x258c  srv2 - ok
20:14:47.0193 0x258c  [ 2ACCC9B12AF02030F531E6CCA6F8B76E, D1BA17C7BFE02347824DEEB1B7362FD251769ECB92B14EB3C600C85AB7E04D1B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:14:47.0197 0x258c  srvnet - ok
20:14:47.0228 0x258c  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:14:47.0238 0x258c  SSDPSRV - ok
20:14:47.0286 0x258c  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:14:47.0302 0x258c  SstpSvc - ok
20:14:47.0333 0x258c  [ 7E6DD4B34ACD36AF6C711D2BDE91B040, 737C76749FE53A968E558289613A6ED5A0263F9585A47028343284F64808AC67 ] STacSV          C:\Windows\system32\STacSV.exe
20:14:47.0342 0x258c  STacSV - ok
20:14:47.0387 0x258c  [ 6A2A5E809C2C0178326D92B19EE4AAD3, B2D78857BDB72A2CB63950558CA3D5105F1857056F52BB8E9D888394CC2D06E9 ] STHDA           C:\Windows\system32\drivers\stwrt.sys
20:14:47.0403 0x258c  STHDA - ok
20:14:47.0444 0x258c  [ 7DD08A597BC56051F320DA0BAF69E389, ACC59CF80765248705FFCE65DC9B5D072DC054F08C02FB4D16BA0E84D8BED0A4 ] stisvc          C:\Windows\System32\wiaservc.dll
20:14:47.0469 0x258c  stisvc - ok
20:14:47.0479 0x258c  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:14:47.0482 0x258c  swenum - ok
20:14:47.0516 0x258c  [ B36C7CDB86F7F7A8E884479219766950, F3EA381A84CD6950BF71A56E9ABAD5010F226C5254CB936699A38BA4C85F7367 ] swprv           C:\Windows\System32\swprv.dll
20:14:47.0531 0x258c  swprv - ok
20:14:47.0570 0x258c  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:14:47.0573 0x258c  Symc8xx - ok
20:14:47.0590 0x258c  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:14:47.0593 0x258c  Sym_hi - ok
20:14:47.0612 0x258c  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:14:47.0616 0x258c  Sym_u3 - ok
20:14:47.0658 0x258c  [ 8710A92D0024B03B5FB9540DF1F71F1D, B72A968A7966DC16A1D69A8D53012A4307EEBDC4CB8E1D9C93BFB88D996E490F ] SysMain         C:\Windows\system32\sysmain.dll
20:14:47.0693 0x258c  SysMain - ok
20:14:47.0726 0x258c  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:14:47.0743 0x258c  TabletInputService - ok
20:14:47.0768 0x258c  [ 680916BB09EE0F3A6ACA7C274B0D633F, 008B6EE41FA4D371258F0A656AE96B3E3F487BE5B9E0654B920013B4F1C0DFD8 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:14:47.0783 0x258c  TapiSrv - ok
20:14:47.0814 0x258c  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
20:14:47.0831 0x258c  TBS - ok
20:14:47.0906 0x258c  [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:14:47.0933 0x258c  Tcpip - ok
20:14:47.0979 0x258c  [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:14:47.0998 0x258c  Tcpip6 - ok
20:14:48.0029 0x258c  [ D4A2E4A4B011F3A883AF77315A5AE76B, 29E18087236A592638570F76691BC5C64CCA383F43EE22DF122413860E2D882C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:14:48.0031 0x258c  tcpipreg - ok
20:14:48.0122 0x258c  [ 23B506262493F1A521683EE88C5FBF60, 0668C88429249CD01F86B4ECE236F804DFED33DC0A3874BDCD84B539B899C32E ] tcsd_win32.exe  C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
20:14:48.0182 0x258c  tcsd_win32.exe - ok
20:14:48.0212 0x258c  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:14:48.0215 0x258c  TDPIPE - ok
20:14:48.0237 0x258c  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:14:48.0240 0x258c  TDTCP - ok
20:14:48.0263 0x258c  [ D09276B1FAB033CE1D40DCBDF303D10F, 2CB47CB522B4E1C091DE30AF0EB4E21D321C42D2A5BA9647CBD078652680D8FF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:14:48.0267 0x258c  tdx - ok
20:14:48.0302 0x258c  [ A048056F5E1A96A9BF3071B91741A5AA, CFDE51D106A6CC4A5638BCD458505F5831636D2203F7C949273BDA446AC7C5F3 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:14:48.0305 0x258c  TermDD - ok
20:14:48.0348 0x258c  [ D605031E225AACCBCEB5B76A4F1603A6, 27D78644CADBC11C3AB5E0C10F854FD43BCD43B6E91C1ED1F6D35BC501147701 ] TermService     C:\Windows\System32\termsrv.dll
20:14:48.0373 0x258c  TermService - ok
20:14:48.0394 0x258c  [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] Themes          C:\Windows\system32\shsvcs.dll
20:14:48.0403 0x258c  Themes - ok
20:14:48.0416 0x258c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:14:48.0421 0x258c  THREADORDER - ok
20:14:48.0451 0x258c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
20:14:48.0459 0x258c  TrkWks - ok
20:14:48.0464 0x258c  TrueSight - ok
20:14:48.0510 0x258c  [ 16613A1BAD034D4ECF957AF18B7C2FF5, 75499618187ED4385984F608D134BB298A4CCB339F70B31E4A8B2CF3E3558396 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:14:48.0512 0x258c  TrustedInstaller - ok
20:14:48.0563 0x258c  [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:14:48.0566 0x258c  tssecsrv - ok
20:14:48.0596 0x258c  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:14:48.0599 0x258c  tunmp - ok
20:14:48.0625 0x258c  [ 6042505FF6FA9AC1EF7684D0E03B6940, D09CF14A6C0C760238792DDA4ECB6FBB6CA645BB91BD62585EBD050226BDB5A7 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:14:48.0628 0x258c  tunnel - ok
20:14:48.0645 0x258c  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:14:48.0649 0x258c  uagp35 - ok
20:14:48.0676 0x258c  [ 8B5088058FA1D1CD897A2113CCFF6C58, 1616EDB66C3E2DA7B09EA4FE46A3FC7087D6201F2195D76118A93B0B065D1623 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:14:48.0685 0x258c  udfs - ok
20:14:48.0726 0x258c  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:14:48.0732 0x258c  UI0Detect - ok
20:14:48.0756 0x258c  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:14:48.0759 0x258c  uliagpkx - ok
20:14:48.0792 0x258c  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:14:48.0799 0x258c  uliahci - ok
20:14:48.0826 0x258c  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:14:48.0830 0x258c  UlSata - ok
20:14:48.0854 0x258c  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:14:48.0858 0x258c  ulsata2 - ok
20:14:48.0883 0x258c  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:14:48.0886 0x258c  umbus - ok
20:14:48.0924 0x258c  [ 909795B5B15047D9331F3D6B276B3993, BFB985FC69B0A3C2EDAA0D2FC260790D8AEFAC741A0FC42D425C22F6DF1EDCA9 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:14:48.0936 0x258c  UmRdpService - ok
20:14:48.0966 0x258c  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
20:14:48.0989 0x258c  upnphost - ok
20:14:49.0023 0x258c  [ 5C2BDC152BBAB34F36473DEAF7713F22, DC7D6FD3BE2F4D8832BB62AB76E5332BB65255AB45F6E28E6B1991A976C1A058 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:14:49.0026 0x258c  USBAAPL - ok
20:14:49.0057 0x258c  [ 292A25BB75A568AE2C67169BA2C6365A, EE8B50DD446ECDEBC8B27D015FA9DE18F918ABBA8CF277B799D71CC9D79842FC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:14:49.0062 0x258c  usbaudio - ok
20:14:49.0083 0x258c  [ 5353218B3265E3B8190335059F697A11, 78722D3FBC6EE58D83BE944F60190454F285FFCFCC419874837C4FC1A04BD6C1 ] usbbus          C:\Windows\system32\DRIVERS\lgusbbus.sys
20:14:49.0086 0x258c  usbbus - ok
20:14:49.0107 0x258c  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:14:49.0112 0x258c  usbccgp - ok
20:14:49.0143 0x258c  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:14:49.0148 0x258c  usbcir - ok
20:14:49.0174 0x258c  [ 7DD3EEFC62A1EF44E5F940FA651ED9ED, C337BB497A5438B16FB13EA3CD32A25309A30CA535567E370589A864EFD44F07 ] UsbDiag         C:\Windows\system32\DRIVERS\lgusbdiag.sys
20:14:49.0177 0x258c  UsbDiag - ok
20:14:49.0200 0x258c  [ CEBE90821810E76320155BEBA722FCF9, AD27B032520BE2A45690DD1AFDDA632B934AB7F815CD313B19CD692790C761D8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:14:49.0203 0x258c  usbehci - ok
20:14:49.0229 0x258c  [ CC6B28E4CE39951357963119CE47B143, 0BC653B51A33709AADD8B5A2B8102DBCB3C1EE14BDDF4C58813FDCA43FF7C1B2 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:14:49.0238 0x258c  usbhub - ok
20:14:49.0266 0x258c  [ 083031A78822ECCBD7510BCCD3E20D4C, 782ED3B00B4B37CD80889DE6C6C822005C02F0A711EE25E42B1052663AD26C10 ] USBModem        C:\Windows\system32\DRIVERS\lgusbmodem.sys
20:14:49.0270 0x258c  USBModem - ok
20:14:49.0302 0x258c  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:14:49.0307 0x258c  usbohci - ok
20:14:49.0336 0x258c  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:14:49.0340 0x258c  usbprint - ok
20:14:49.0381 0x258c  [ A508C9BD8724980512136B039BBA65E9, B39B72471C468AC997AEC528599EDC98A031F5A7EB91C4F9471402D48D2D4E3E ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:14:49.0385 0x258c  usbscan - ok
20:14:49.0409 0x258c  [ 87BA6B83C5D19B69160968D07D6E2982, 9E039DF4BBE53CA22A0ACE486B9867F99FFFE086CCAF6A83BD78770E4631F3F8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:14:49.0414 0x258c  USBSTOR - ok
20:14:49.0438 0x258c  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:14:49.0441 0x258c  usbuhci - ok
20:14:49.0465 0x258c  [ 032A0ACC3909AE7215D524E29D536797, 51E36ED5953C0880BE508837181925A0F677842E8A5BA98099700E6ED691A783 ] UxSms           C:\Windows\System32\uxsms.dll
20:14:49.0471 0x258c  UxSms - ok
20:14:49.0525 0x258c  [ B13BC395B9D6116628F5AF47E0802AC4, 36E023A07E56588A8C26EF95E4F99303659E4783E0D9E8AEF193CA77A7AF91BA ] vds             C:\Windows\System32\vds.exe
20:14:49.0542 0x258c  vds - ok
20:14:49.0577 0x258c  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:14:49.0580 0x258c  vga - ok
20:14:49.0602 0x258c  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:14:49.0605 0x258c  VgaSave - ok
20:14:49.0634 0x258c  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:14:49.0638 0x258c  viaagp - ok
20:14:49.0655 0x258c  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:14:49.0658 0x258c  ViaC7 - ok
20:14:49.0674 0x258c  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
20:14:49.0677 0x258c  viaide - ok
20:14:49.0692 0x258c  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:14:49.0694 0x258c  volmgr - ok
20:14:49.0724 0x258c  [ 98F5FFE6316BD74E9E2C97206C190196, CA9FA0EE5515D26F9406FF95F728E7F2CC29A8B7C97BC69FC2E95BBC60A2D261 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:14:49.0741 0x258c  volmgrx - ok
20:14:49.0780 0x258c  [ D8B4A53DD2769F226B3EB374374987C9, 49314B3E53FBF40A60E272C5B3B79FD1EFABFE1215DA5B030571B4DDF5592896 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:14:49.0785 0x258c  volsnap - ok
20:14:49.0807 0x258c  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:14:49.0812 0x258c  vsmraid - ok
20:14:49.0876 0x258c  [ D5FB73D19C46ADE183F968E13F186B23, D35432BE4FF462FCEA958CF646D5572B6D78058BC2F1F324C9F50A0B14B02259 ] VSS             C:\Windows\system32\vssvc.exe
20:14:49.0926 0x258c  VSS - ok
20:14:50.0085 0x258c  [ A9129F1C74B137B4310F8377DBBB224C, B4CB740BD307A3F4B6A922E5F281E18E547DFBBECEA9881AA7A1AC6B19233687 ] vToolbarUpdater18.0.5 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
20:14:50.0169 0x258c  vToolbarUpdater18.0.5 - ok
20:14:50.0211 0x258c  [ 1CF9206966A8458CDA9A8B20DF8AB7D3, 405D5FE96DA7ED03D4124EF6C692F80E88E5982B90DF46E353E94FFF576A5570 ] W32Time         C:\Windows\system32\w32time.dll
20:14:50.0223 0x258c  W32Time - ok
20:14:50.0248 0x258c  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:14:50.0251 0x258c  WacomPen - ok
20:14:50.0279 0x258c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:14:50.0283 0x258c  Wanarp - ok
20:14:50.0290 0x258c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:14:50.0293 0x258c  Wanarpv6 - ok
20:14:50.0306 0x258c  Wave UCSPlus - ok
20:14:50.0364 0x258c  [ 796FDA916625BE7E5F6CFECE15A81C3A, 6EA247851B411CDF478BF2EEBFB0CA8F4AFD8CCA52B30E0F9AB2FBD2CD4D8162 ] WaveEnrollmentService C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
20:14:50.0372 0x258c  WaveEnrollmentService - ok
20:14:50.0405 0x258c  [ E386D60BDFD1649815607234C17D43DD, ECFB295EC259CAFC35D1B4F488779BE8024CDD1E3EFCC954BDB7E6FB8739C7B3 ] WavxDMgr        C:\Windows\system32\DRIVERS\WavxDMgr.sys
20:14:50.0412 0x258c  WavxDMgr - ok
20:14:50.0476 0x258c  [ F0E594DD07B2163DF9F5D5B6B471DDFA, 1F23B34B1B8A081EC3D99E16B036C32B18B9F4D615725BBF474A3B5131F92BCD ] wbengine        C:\Windows\system32\wbengine.exe
20:14:50.0810 0x258c  wbengine - ok
20:14:50.0855 0x258c  [ F3A5C2E1A6533192B070D06ECF6BE796, CBA11D9E60A04A0B82C6934A53EA859513CD476FF047DD3D59727B10CE7DB2DA ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:14:50.0883 0x258c  wcncsvc - ok
20:14:50.0917 0x258c  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:14:50.0928 0x258c  WcsPlugInService - ok
20:14:50.0957 0x258c  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
20:14:50.0959 0x258c  Wd - ok
20:14:50.0980 0x258c  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:14:51.0003 0x258c  Wdf01000 - ok
20:14:51.0034 0x258c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:14:51.0042 0x258c  WdiServiceHost - ok
20:14:51.0048 0x258c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:14:51.0054 0x258c  WdiSystemHost - ok
20:14:51.0071 0x258c  [ CF9A5F41789B642DB967021DE06A2713, A541F9D87CBDE2A4E48C5D5363736EF603B2701741D3044232474F179884AD7B ] WebClient       C:\Windows\System32\webclnt.dll
20:14:51.0088 0x258c  WebClient - ok
20:14:51.0112 0x258c  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:14:51.0122 0x258c  Wecsvc - ok
20:14:51.0148 0x258c  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:14:51.0155 0x258c  wercplsupport - ok
20:14:51.0182 0x258c  [ FD1965AAA112C6818A30AB02742D0461, 6779D836934412907390DC85FA2A8C3BB1CC31FD4151830275B773FD13CFFBC2 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:14:51.0192 0x258c  WerSvc - ok
20:14:51.0225 0x258c  [ 72CC6A8CA7891031D6380DB5025C773C, 33D5021C3A2FE8E9F6E2C22F4777E1D82A6B3998EB857B618A3C8838D3C8B03E ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:14:51.0275 0x258c  winachsf - ok
20:14:51.0343 0x258c  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:14:51.0353 0x258c  WinDefend - ok
20:14:51.0361 0x258c  WinHttpAutoProxySvc - ok
20:14:51.0416 0x258c  [ 00B79A7C984678F24CF052E5BEB3A2F5, 4D8E4394C926D2B1C71613D309F2D62A663B0ADB73A036F5E9E7D1AFF605CA2A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:14:51.0424 0x258c  Winmgmt - ok
20:14:51.0495 0x258c  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:14:51.0554 0x258c  WinRM - ok
20:14:51.0607 0x258c  [ 275F4346E569DF56CFB95243BD6F6FF0, 9C85246BF99119DBD6E0B5D38F96B8BC00F3C87618D17BC0E0A063A0D9A03440 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:14:51.0633 0x258c  Wlansvc - ok
20:14:51.0644 0x258c  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:14:51.0646 0x258c  WmiAcpi - ok
20:14:51.0677 0x258c  [ ABA4CF9F856D9A3A25F4DDD7690A6E9D, 07C1DAF3DA3CDA84FBE4C7576372115FCAAAAFC332F252C03625E53C7F3C6EE5 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:14:51.0682 0x258c  wmiApSrv - ok
20:14:51.0754 0x258c  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:14:51.0788 0x258c  WMPNetworkSvc - ok
20:14:51.0823 0x258c  [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:14:51.0840 0x258c  WPDBusEnum - ok
20:14:51.0863 0x258c  [ 0CEC23084B51B8288099EB710224E955, E1AAB1E08E1745313D0A149A645AA878148D2DBE5CCC23C4ECCFC5003945C22B ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:14:51.0865 0x258c  WpdUsb - ok
20:14:51.0967 0x258c  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:14:52.0001 0x258c  WPFFontCache_v0400 - ok
20:14:52.0035 0x258c  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:14:52.0037 0x258c  ws2ifsl - ok
20:14:52.0063 0x258c  [ 683DD16B590372F2C9661D277F35E49C, 29D86389D95256EEF37BA01D403494385015D926E851A39EC7948FF6EF4E8481 ] wscsvc          C:\Windows\system32\wscsvc.dll
20:14:52.0071 0x258c  wscsvc - ok
20:14:52.0076 0x258c  WSearch - ok
20:14:52.0172 0x258c  [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:14:52.0248 0x258c  wuauserv - ok
20:14:52.0273 0x258c  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:14:52.0276 0x258c  WUDFRd - ok
20:14:52.0307 0x258c  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:14:52.0324 0x258c  wudfsvc - ok
20:14:52.0338 0x258c  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
20:14:52.0341 0x258c  XAudio - ok
20:14:52.0365 0x258c  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
20:14:52.0378 0x258c  XAudioService - ok
20:14:52.0395 0x258c  ================ Scan global ===============================
20:14:52.0417 0x258c  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:14:52.0453 0x258c  [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
20:14:52.0511 0x258c  [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
20:14:52.0552 0x258c  [ 2B336AB6286D6C81FA02CBAB914E3C6C, C5ADF6D5BFC00375BA6D0E5D96F36D36ADFBF66325A48358C6317E387FB220EC ] C:\Windows\system32\services.exe
20:14:52.0565 0x258c  [ Global ] - ok
20:14:52.0565 0x258c  ================ Scan MBR ==================================
20:14:52.0578 0x258c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:14:53.0010 0x258c  \Device\Harddisk0\DR0 - ok
20:14:53.0011 0x258c  ================ Scan VBR ==================================
20:14:53.0015 0x258c  [ 8BFE622D5E1F64AA70F13C1D89C9F3E6 ] \Device\Harddisk0\DR0\Partition1
20:14:53.0084 0x258c  \Device\Harddisk0\DR0\Partition1 - ok
20:14:53.0107 0x258c  [ 077D47B84B65F91EDF3F6128A6B8181A ] \Device\Harddisk0\DR0\Partition2
20:14:53.0141 0x258c  \Device\Harddisk0\DR0\Partition2 - ok
20:14:53.0177 0x258c  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
20:14:53.0185 0x258c  Win FW state via NFP2: enabled
20:14:55.0750 0x258c  ============================================================
20:14:55.0750 0x258c  Scan finished
20:14:55.0750 0x258c  ============================================================
20:14:55.0758 0x250c  Detected object count: 0
20:14:55.0758 0x250c  Actual detected object count: 0
20:19:21.0619 0x28f8  Deinitialize success






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users