Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Taskmrg.exe infection?


  • Please log in to reply
19 replies to this topic

#1 Niko54

Niko54

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 21 May 2014 - 01:10 PM

Hi,

So I got a message yesterday saying this:

Do you want to allow the following program from an unknown publisher to make changes to this computer?

Program - taskmgr.exe

Publisher : unknown File origin: Hard drive on this computer

Program Location: C\Windows\System32\taskmgr.exe

 

This message has not repeated since yesterday. I clicked "No" and ran Malwarebytes and Microsoft Safety Scanner and both showed nothing. I ran sfc /scannow and got this message "Windows Resource Protection did not find any integrity violations".  Before I received the message I had open taskmanager and noticed trustedinstaller.exe was running. Also as of today I have an extra process running and another process and begins and the terminates itself after a while. This second processs sometimes seems to use a bit of bandwidth.

 

Could this be a possible infection?



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:09 PM

Posted 21 May 2014 - 01:50 PM

What were you doing when that popped up?


trustedinstaller.exe
This program is required to run on startup in order to benefit from its functionality or so that the program will work. The following information is a brief description of what is known about this file. If you require further assistance for this file, feel free to ask about in the forums.


Name: Windows Modules Installer
Filename: TrustedInstaller.exe
Command: C:\Windows\servicing\TrustedInstaller.exe

Description:

Windows service that enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer.

File Location: C:\Windows\servicing\TrustedInstaller.exe
Startup Type: This startup entry is installed as a Windows service.
Service Name: TrustedInstaller

If it is NOT in that location it is malware..


Or try doing a System Restore to a date prior to this occurrence and see if the TaskManager issue stops.

Edited by boopme, 21 May 2014 - 01:53 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 21 May 2014 - 06:57 PM

Sorry about responding so late I started this topic while on my lunch break today and that was probably a bad idea. To answer your first question I was watching a Youtube video when the message popped up. I found another instance of TrustedInstaller.exe but it was located in the Winsxs folder. Instead of deleting it I performed a System restore to a date four days ago. If I do get the same message again do I post to this same thread or do I start a new topic. Thank you for your help.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:09 PM

Posted 21 May 2014 - 07:41 PM

That's OK... do these next.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 12:41 AM

Here are the results for MiniToolBox MiniToolBox by Farbar Version: 23-01-2014 Ran by Soren (administrator) on 21-05-2014 at 18:15:10 Running from "C:\Users\Soren\Downloads" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= ========================= IP Configuration: ================================ Broadcom 4313 802.11b/g/n = Wireless Network Connection (Connected) Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected) # ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled popd # End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : Soren-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : gateway.2wire.net Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : gateway.2wire.net Description . . . . . . . . . . . : Broadcom 4313 802.11b/g/n Physical Address. . . . . . . . . : CC-52-AF-5D-4D-92 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::6d0e:26f6:9654:c587%15(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.69(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Wednesday, May 21, 2014 4:44:52 PM Lease Expires . . . . . . . . . . : Thursday, May 22, 2014 4:44:52 PM Default Gateway . . . . . . . . . : 192.168.1.254 DHCP Server . . . . . . . . . . . : 192.168.1.254 DHCPv6 IAID . . . . . . . . . . . : 382489263 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-9C-81-23-98-4B-E1-C2-09-FC DNS Servers . . . . . . . . . . . : 192.168.1.254 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek PCIe FE Family Controller Physical Address. . . . . . . . . : 98-4B-E1-C2-09-FC DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.gateway.2wire.net: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{6877E250-83B4-4F7A-B7A0-640380F1455D}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Server: home Address: 192.168.1.254 Name: google.com Addresses: 2607:f8b0:4005:800::1002 74.125.239.36 74.125.239.41 74.125.239.32 74.125.239.38 74.125.239.46 74.125.239.35 74.125.239.39 74.125.239.37 74.125.239.34 74.125.239.40 74.125.239.33 Pinging google.com [74.125.239.102] with 32 bytes of data: Reply from 74.125.239.102: bytes=32 time=50ms TTL=54 Reply from 74.125.239.102: bytes=32 time=50ms TTL=54 Ping statistics for 74.125.239.102: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 50ms, Maximum = 50ms, Average = 50ms Server: home Address: 192.168.1.254 Name: yahoo.com Addresses: 98.139.183.24 206.190.36.45 98.138.253.109 Pinging yahoo.com [98.138.253.109] with 32 bytes of data: Reply from 98.138.253.109: bytes=32 time=105ms TTL=50 Reply from 98.138.253.109: bytes=32 time=103ms TTL=50 Ping statistics for 98.138.253.109: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 103ms, Maximum = 105ms, Average = 104ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 15...cc 52 af 5d 4d 92 ......Broadcom 4313 802.11b/g/n 13...98 4b e1 c2 09 fc ......Realtek PCIe FE Family Controller 1...........................Software Loopback Interface 1 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.69 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.69 281 192.168.1.69 255.255.255.255 On-link 192.168.1.69 281 192.168.1.255 255.255.255.255 On-link 192.168.1.69 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.69 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.69 281 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 15 281 fe80::/64 On-link 15 281 fe80::6d0e:26f6:9654:c587/128 On-link 1 306 ff00::/8 On-link 15 281 ff00::/8 On-link =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation) Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (04/22/2014 05:03:07 AM) (Source: Application Hang) (User: ) Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1da8 Start Time: 01cf5e22b71294ea Termination Time: 2 Application Path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Report Id: fe3cad17-ca15-11e3-87c6-984be1c209fc Error: (04/02/2014 03:20:04 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (03/28/2014 10:54:36 PM) (Source: Application Error) (User: ) Description: Faulting application name: League of Legends.exe, version: 4.4.0.1858, time stamp: 0x53214f63 Faulting module name: League of Legends.exe, version: 4.4.0.1858, time stamp: 0x53214f63 Exception code: 0xc0000005 Fault offset: 0x003e871f Faulting process id: 0x1f3c Faulting application start time: 0xLeague of Legends.exe0 Faulting application path: League of Legends.exe1 Faulting module path: League of Legends.exe2 Report Id: League of Legends.exe3 Error: (03/24/2014 02:27:34 PM) (Source: Application Hang) (User: ) Description: The program LolClient.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 17fc Start Time: 01cf47a76a30f9b3 Termination Time: 16 Application Path: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe Report Id: 0fb46444-b39b-11e3-870d-984be1c209fc Error: (03/21/2014 00:00:45 AM) (Source: Application Error) (User: ) Description: Faulting application name: League of Legends.exe, version: 4.4.0.1858, time stamp: 0x53214f63 Faulting module name: League of Legends.exe, version: 4.4.0.1858, time stamp: 0x53214f63 Exception code: 0xc0000005 Fault offset: 0x003e871f Faulting process id: 0xf6c Faulting application start time: 0xLeague of Legends.exe0 Faulting application path: League of Legends.exe1 Faulting module path: League of Legends.exe2 Report Id: League of Legends.exe3 Error: (03/20/2014 05:45:13 PM) (Source: Application Error) (User: ) Description: Faulting application name: League of Legends.exe, version: 4.4.0.1858, time stamp: 0x53214f63 Faulting module name: League of Legends.exe, version: 4.4.0.1858, time stamp: 0x53214f63 Exception code: 0xc0000005 Fault offset: 0x003e871f Faulting process id: 0x1ab8 Faulting application start time: 0xLeague of Legends.exe0 Faulting application path: League of Legends.exe1 Faulting module path: League of Legends.exe2 Report Id: League of Legends.exe3 Error: (03/16/2014 03:57:34 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (03/15/2014 11:13:05 PM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 13f0 Start Time: 01cf40db3d6eb506 Termination Time: 80 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: 06761d89-acd2-11e3-870d-984be1c209fc Error: (03/15/2014 02:57:36 PM) (Source: Application Error) (User: ) Description: Faulting application name: League of Legends.exe, version: 4.3.0.495, time stamp: 0x531164e2 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0xb18 Faulting application start time: 0xLeague of Legends.exe0 Faulting application path: League of Legends.exe1 Faulting module path: League of Legends.exe2 Report Id: League of Legends.exe3 Error: (03/13/2014 10:10:49 PM) (Source: Application Error) (User: ) Description: Faulting application name: League of Legends.exe, version: 4.3.0.495, time stamp: 0x531164e2 Faulting module name: League of Legends.exe, version: 4.3.0.495, time stamp: 0x531164e2 Exception code: 0xc0000409 Fault offset: 0x0026a388 Faulting process id: 0xf2c Faulting application start time: 0xLeague of Legends.exe0 Faulting application path: League of Legends.exe1 Faulting module path: League of Legends.exe2 Report Id: League of Legends.exe3 System errors: ============= Error: (05/21/2014 04:45:03 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:45:03 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:45:03 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:45:02 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:44:46 PM) (Source: Microsoft Antimalware) (User: ) Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: %24 Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: %600 Error: (05/21/2014 04:30:21 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:30:21 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:30:19 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:30:19 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Error: (05/21/2014 04:30:17 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1058 Microsoft Office Sessions: ========================= Error: (04/22/2014 05:03:07 AM) (Source: Application Hang)(User: ) Description: rads_user_kernel.exe0.0.0.01da801cf5e22b71294ea2C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exefe3cad17-ca15-11e3-87c6-984be1c209fc Error: (04/02/2014 03:20:04 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Soren\Downloads\esetsmartinstaller_enu.exe Error: (03/28/2014 10:54:36 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871f1f3c01cf4b1099cdca8fC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exe9b6530ef-b706-11e3-870d-984be1c209fc Error: (03/24/2014 02:27:34 PM) (Source: Application Hang)(User: ) Description: LolClient.exe0.0.0.017fc01cf47a76a30f9b316C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe0fb46444-b39b-11e3-870d-984be1c209fc Error: (03/21/2014 00:00:45 AM) (Source: Application Error)(User: ) Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871ff6c01cf44d0059b4422C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exe857fb496-b0c6-11e3-870d-984be1c209fc Error: (03/20/2014 05:45:13 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871f1ab801cf449bd4c97b60C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exe0fea1a1e-b092-11e3-870d-984be1c209fc Error: (03/16/2014 03:57:34 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Soren\downloads\esetsmartinstaller_enu.exe Error: (03/15/2014 11:13:05 PM) (Source: Application Hang)(User: ) Description: firefox.exe27.0.1.515613f001cf40db3d6eb50680C:\Program Files (x86)\Mozilla Firefox\firefox.exe06761d89-acd2-11e3-870d-984be1c209fc Error: (03/15/2014 02:57:36 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.3.0.495531164e2unknown0.0.0.000000000c000000500000000b1801cf409595b9f821C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League of Legends.exeunknownd108f835-ac8c-11e3-870d-984be1c209fc Error: (03/13/2014 10:10:49 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.3.0.495531164e2League of Legends.exe4.3.0.495531164e2c00004090026a388f2c01cf3f3e29fc980bC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League of Legends.exe0172b0db-ab37-11e3-870d-984be1c209fc =========================== Installed Programs ============================ Adobe Flash Player 13 Plugin (Version: 13.0.0.214) Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.48.61) Cisco EAP-FAST Module (Version: 2.2.14) Cisco LEAP Module (Version: 1.0.19) Cisco PEAP Module (Version: 1.1.6) Combined Community Codec Pack 2014-01-17 (Version: 2014.01.17.0) Deluge 1.3.6 KeePass Password Safe 1.26 (Version: 1.26) League of Legends (Version: 3.0.0) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938) Microsoft Security Client (Version: 4.5.0216.0) Microsoft Security Essentials (Version: 4.5.216.0) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Mozilla Firefox 29.0.1 (x86 en-US) (Version: 29.0.1) Mozilla Maintenance Service (Version: 29.0.1) MPC-HC 1.7.3 (Version: 1.7.3) Realtek Ethernet Controller Driver (Version: 7.48.823.2011) Synaptics TouchPad Driver (Version: 15.3.29.0) ========================= Memory info: =================================== Percentage of memory in use: 22% Total physical RAM: 3893.86 MB Available physical RAM: 3026.43 MB Total Pagefile: 7785.9 MB Available Pagefile: 6913.41 MB Total Virtual: 4095.88 MB Available Virtual: 3961.71 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:450.97 GB) (Free:400.63 GB) NTFS 2 Drive d: () (Fixed) (Total:14.49 GB) (Free:14.4 GB) NTFS 3 Drive e: () (Fixed) (Total:0.1 GB) (Free:0.09 GB) NTFS ========================= Users: ======================================== User accounts for \\SOREN-PC Administrator Guest Soren **** End of log ****

#6 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 12:43 AM

Here are the results for TDSSKiller 18:18:48.0102 0x0bdc TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10 18:18:53.0250 0x0bdc ============================================================ 18:18:53.0250 0x0bdc Current date / time: 2014/05/21 18:18:53.0250 18:18:53.0250 0x0bdc SystemInfo: 18:18:53.0250 0x0bdc 18:18:53.0250 0x0bdc OS Version: 6.1.7601 ServicePack: 1.0 18:18:53.0250 0x0bdc Product type: Workstation 18:18:53.0250 0x0bdc ComputerName: SOREN-PC 18:18:53.0250 0x0bdc UserName: Soren 18:18:53.0250 0x0bdc Windows directory: C:\Windows 18:18:53.0250 0x0bdc System windows directory: C:\Windows 18:18:53.0250 0x0bdc Running under WOW64 18:18:53.0250 0x0bdc Processor architecture: Intel x64 18:18:53.0250 0x0bdc Number of processors: 2 18:18:53.0250 0x0bdc Page size: 0x1000 18:18:53.0250 0x0bdc Boot type: Normal boot 18:18:53.0250 0x0bdc ============================================================ 18:18:55.0294 0x0bdc KLMD registered as C:\Windows\system32\drivers\66537342.sys 18:18:55.0481 0x0bdc System UUID: {38555B65-C788-24DB-4575-9E2AA3A24DEC} 18:18:56.0214 0x0bdc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:18:56.0292 0x0bdc ============================================================ 18:18:56.0292 0x0bdc \Device\Harddisk0\DR0: 18:18:56.0292 0x0bdc MBR partitions: 18:18:56.0292 0x0bdc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 18:18:56.0292 0x0bdc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x385F2800 18:18:56.0292 0x0bdc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38656800, BlocksNum 0x1CFB800 18:18:56.0292 0x0bdc \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x3A352000, BlocksNum 0x33830 18:18:56.0292 0x0bdc ============================================================ 18:18:56.0323 0x0bdc C: <-> \Device\Harddisk0\DR0\Partition2 18:18:56.0370 0x0bdc D: <-> \Device\Harddisk0\DR0\Partition3 18:18:56.0386 0x0bdc E: <-> \Device\Harddisk0\DR0\Partition4 18:18:56.0386 0x0bdc ============================================================ 18:18:56.0386 0x0bdc Initialize success 18:18:56.0386 0x0bdc ============================================================ 18:19:10.0925 0x0b68 ============================================================ 18:19:10.0925 0x0b68 Scan started 18:19:10.0925 0x0b68 Mode: Manual; 18:19:10.0925 0x0b68 ============================================================ 18:19:10.0925 0x0b68 KSN ping started 18:19:13.0905 0x0b68 KSN ping finished: true 18:19:14.0965 0x0b68 ================ Scan system memory ======================== 18:19:14.0965 0x0b68 System memory - ok 18:19:14.0965 0x0b68 ================ Scan services ============================= 18:19:15.0231 0x0b68 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:19:15.0231 0x0b68 1394ohci - ok 18:19:15.0277 0x0b68 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:19:15.0293 0x0b68 ACPI - ok 18:19:15.0324 0x0b68 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:19:15.0324 0x0b68 AcpiPmi - ok 18:19:15.0449 0x0b68 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:19:15.0449 0x0b68 AdobeFlashPlayerUpdateSvc - ok 18:19:15.0527 0x0b68 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 18:19:15.0543 0x0b68 adp94xx - ok 18:19:15.0589 0x0b68 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 18:19:15.0605 0x0b68 adpahci - ok 18:19:15.0621 0x0b68 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 18:19:15.0621 0x0b68 adpu320 - ok 18:19:15.0652 0x0b68 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:19:15.0652 0x0b68 AeLookupSvc - ok 18:19:15.0714 0x0b68 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 18:19:15.0730 0x0b68 AFD - ok 18:19:15.0761 0x0b68 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 18:19:15.0761 0x0b68 agp440 - ok 18:19:15.0792 0x0b68 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 18:19:15.0792 0x0b68 ALG - ok 18:19:15.0839 0x0b68 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 18:19:15.0839 0x0b68 aliide - ok 18:19:15.0839 0x0b68 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 18:19:15.0855 0x0b68 amdide - ok 18:19:15.0855 0x0b68 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 18:19:15.0870 0x0b68 AmdK8 - ok 18:19:15.0870 0x0b68 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 18:19:15.0870 0x0b68 AmdPPM - ok 18:19:15.0901 0x0b68 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 18:19:15.0917 0x0b68 amdsata - ok 18:19:15.0933 0x0b68 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 18:19:15.0933 0x0b68 amdsbs - ok 18:19:15.0948 0x0b68 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 18:19:15.0948 0x0b68 amdxata - ok 18:19:15.0995 0x0b68 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 18:19:16.0011 0x0b68 AppID - ok 18:19:16.0026 0x0b68 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 18:19:16.0026 0x0b68 AppIDSvc - ok 18:19:16.0057 0x0b68 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 18:19:16.0057 0x0b68 Appinfo - ok 18:19:16.0089 0x0b68 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 18:19:16.0104 0x0b68 arc - ok 18:19:16.0104 0x0b68 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 18:19:16.0104 0x0b68 arcsas - ok 18:19:16.0198 0x0b68 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:19:16.0198 0x0b68 aspnet_state - ok 18:19:16.0229 0x0b68 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:19:16.0229 0x0b68 AsyncMac - ok 18:19:16.0260 0x0b68 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 18:19:16.0260 0x0b68 atapi - ok 18:19:16.0323 0x0b68 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:19:16.0338 0x0b68 AudioEndpointBuilder - ok 18:19:16.0369 0x0b68 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 18:19:16.0385 0x0b68 AudioSrv - ok 18:19:16.0416 0x0b68 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 18:19:16.0416 0x0b68 AxInstSV - ok 18:19:16.0479 0x0b68 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 18:19:16.0494 0x0b68 b06bdrv - ok 18:19:16.0541 0x0b68 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 18:19:16.0557 0x0b68 b57nd60a - ok 18:19:16.0713 0x0b68 [ 0E7A9264576B40638A3FBC804DE1FF76, D307179E6FA5D39E03175F37D297E4D0DA86CF0FC6EFA6CFCFAA0E8713489BC5 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 18:19:16.0806 0x0b68 BCM43XX - ok 18:19:16.0837 0x0b68 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 18:19:16.0837 0x0b68 BDESVC - ok 18:19:16.0884 0x0b68 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 18:19:16.0884 0x0b68 Beep - ok 18:19:16.0947 0x0b68 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 18:19:16.0962 0x0b68 BFE - ok 18:19:17.0025 0x0b68 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 18:19:17.0056 0x0b68 BITS - ok 18:19:17.0087 0x0b68 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 18:19:17.0087 0x0b68 blbdrive - ok 18:19:17.0134 0x0b68 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:19:17.0134 0x0b68 bowser - ok 18:19:17.0181 0x0b68 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 18:19:17.0181 0x0b68 BrFiltLo - ok 18:19:17.0196 0x0b68 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 18:19:17.0196 0x0b68 BrFiltUp - ok 18:19:17.0243 0x0b68 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 18:19:17.0243 0x0b68 Browser - ok 18:19:17.0274 0x0b68 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:19:17.0274 0x0b68 Brserid - ok 18:19:17.0274 0x0b68 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:19:17.0290 0x0b68 BrSerWdm - ok 18:19:17.0290 0x0b68 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:19:17.0290 0x0b68 BrUsbMdm - ok 18:19:17.0290 0x0b68 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:19:17.0290 0x0b68 BrUsbSer - ok 18:19:17.0352 0x0b68 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 18:19:17.0368 0x0b68 BthEnum - ok 18:19:17.0368 0x0b68 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 18:19:17.0368 0x0b68 BTHMODEM - ok 18:19:17.0383 0x0b68 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 18:19:17.0399 0x0b68 BthPan - ok 18:19:17.0446 0x0b68 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 18:19:17.0461 0x0b68 BTHPORT - ok 18:19:17.0493 0x0b68 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 18:19:17.0493 0x0b68 bthserv - ok 18:19:17.0524 0x0b68 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 18:19:17.0524 0x0b68 BTHUSB - ok 18:19:17.0571 0x0b68 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:19:17.0571 0x0b68 cdfs - ok 18:19:17.0633 0x0b68 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:19:17.0633 0x0b68 cdrom - ok 18:19:17.0695 0x0b68 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 18:19:17.0695 0x0b68 CertPropSvc - ok 18:19:17.0695 0x0b68 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 18:19:17.0695 0x0b68 circlass - ok 18:19:17.0727 0x0b68 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 18:19:17.0742 0x0b68 CLFS - ok 18:19:17.0805 0x0b68 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:19:17.0805 0x0b68 clr_optimization_v2.0.50727_32 - ok 18:19:17.0836 0x0b68 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:19:17.0836 0x0b68 clr_optimization_v2.0.50727_64 - ok 18:19:17.0914 0x0b68 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:19:17.0914 0x0b68 clr_optimization_v4.0.30319_32 - ok 18:19:17.0929 0x0b68 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:19:17.0929 0x0b68 clr_optimization_v4.0.30319_64 - ok 18:19:17.0976 0x0b68 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 18:19:17.0976 0x0b68 CmBatt - ok 18:19:17.0992 0x0b68 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:19:17.0992 0x0b68 cmdide - ok 18:19:18.0054 0x0b68 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 18:19:18.0070 0x0b68 CNG - ok 18:19:18.0132 0x0b68 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 18:19:18.0132 0x0b68 Compbatt - ok 18:19:18.0163 0x0b68 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 18:19:18.0163 0x0b68 CompositeBus - ok 18:19:18.0179 0x0b68 COMSysApp - ok 18:19:18.0195 0x0b68 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:19:18.0195 0x0b68 crcdisk - ok 18:19:18.0241 0x0b68 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:19:18.0257 0x0b68 CryptSvc - ok 18:19:18.0304 0x0b68 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:19:18.0319 0x0b68 DcomLaunch - ok 18:19:18.0366 0x0b68 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 18:19:18.0382 0x0b68 defragsvc - ok 18:19:18.0413 0x0b68 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:19:18.0413 0x0b68 DfsC - ok 18:19:18.0460 0x0b68 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 18:19:18.0475 0x0b68 Dhcp - ok 18:19:18.0491 0x0b68 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 18:19:18.0491 0x0b68 discache - ok 18:19:18.0538 0x0b68 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 18:19:18.0538 0x0b68 Disk - ok 18:19:18.0585 0x0b68 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:19:18.0585 0x0b68 Dnscache - ok 18:19:18.0647 0x0b68 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 18:19:18.0647 0x0b68 dot3svc - ok 18:19:18.0678 0x0b68 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 18:19:18.0678 0x0b68 DPS - ok 18:19:18.0725 0x0b68 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:19:18.0725 0x0b68 drmkaud - ok 18:19:18.0787 0x0b68 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:19:18.0819 0x0b68 DXGKrnl - ok 18:19:18.0865 0x0b68 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 18:19:18.0865 0x0b68 EapHost - ok 18:19:19.0006 0x0b68 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:19:19.0099 0x0b68 ebdrv - ok 18:19:19.0131 0x0b68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 18:19:19.0131 0x0b68 EFS - ok 18:19:19.0224 0x0b68 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:19:19.0240 0x0b68 ehRecvr - ok 18:19:19.0271 0x0b68 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 18:19:19.0271 0x0b68 ehSched - ok 18:19:19.0333 0x0b68 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:19:19.0349 0x0b68 elxstor - ok 18:19:19.0365 0x0b68 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:19:19.0365 0x0b68 ErrDev - ok 18:19:19.0427 0x0b68 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 18:19:19.0443 0x0b68 EventSystem - ok 18:19:19.0489 0x0b68 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 18:19:19.0489 0x0b68 exfat - ok 18:19:19.0505 0x0b68 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:19:19.0505 0x0b68 fastfat - ok 18:19:19.0567 0x0b68 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 18:19:19.0583 0x0b68 Fax - ok 18:19:19.0583 0x0b68 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 18:19:19.0599 0x0b68 fdc - ok 18:19:19.0614 0x0b68 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 18:19:19.0614 0x0b68 fdPHost - ok 18:19:19.0630 0x0b68 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 18:19:19.0630 0x0b68 FDResPub - ok 18:19:19.0645 0x0b68 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:19:19.0661 0x0b68 FileInfo - ok 18:19:19.0677 0x0b68 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:19:19.0677 0x0b68 Filetrace - ok 18:19:19.0692 0x0b68 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:19:19.0692 0x0b68 flpydisk - ok 18:19:19.0723 0x0b68 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:19:19.0739 0x0b68 FltMgr - ok 18:19:19.0801 0x0b68 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 18:19:19.0848 0x0b68 FontCache - ok 18:19:19.0895 0x0b68 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:19:19.0895 0x0b68 FontCache3.0.0.0 - ok 18:19:19.0926 0x0b68 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:19:19.0926 0x0b68 FsDepends - ok 18:19:19.0942 0x0b68 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:19:19.0957 0x0b68 Fs_Rec - ok 18:19:20.0004 0x0b68 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:19:20.0004 0x0b68 fvevol - ok 18:19:20.0035 0x0b68 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:19:20.0035 0x0b68 gagp30kx - ok 18:19:20.0098 0x0b68 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 18:19:20.0113 0x0b68 gpsvc - ok 18:19:20.0160 0x0b68 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:19:20.0160 0x0b68 hcw85cir - ok 18:19:20.0223 0x0b68 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:19:20.0223 0x0b68 HdAudAddService - ok 18:19:20.0269 0x0b68 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:19:20.0269 0x0b68 HDAudBus - ok 18:19:20.0316 0x0b68 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 18:19:20.0316 0x0b68 HECIx64 - ok 18:19:20.0332 0x0b68 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:19:20.0332 0x0b68 HidBatt - ok 18:19:20.0347 0x0b68 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:19:20.0347 0x0b68 HidBth - ok 18:19:20.0363 0x0b68 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 18:19:20.0363 0x0b68 HidIr - ok 18:19:20.0379 0x0b68 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 18:19:20.0394 0x0b68 hidserv - ok 18:19:20.0425 0x0b68 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:19:20.0425 0x0b68 HidUsb - ok 18:19:20.0457 0x0b68 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:19:20.0457 0x0b68 hkmsvc - ok 18:19:20.0488 0x0b68 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:19:20.0488 0x0b68 HomeGroupListener - ok 18:19:20.0519 0x0b68 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:19:20.0535 0x0b68 HomeGroupProvider - ok 18:19:20.0535 0x0b68 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:19:20.0550 0x0b68 HpSAMD - ok 18:19:20.0581 0x0b68 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:19:20.0613 0x0b68 HTTP - ok 18:19:20.0628 0x0b68 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:19:20.0628 0x0b68 hwpolicy - ok 18:19:20.0675 0x0b68 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 18:19:20.0675 0x0b68 i8042prt - ok 18:19:20.0753 0x0b68 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:19:20.0753 0x0b68 iaStorV - ok 18:19:20.0831 0x0b68 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:19:20.0862 0x0b68 idsvc - ok 18:19:20.0893 0x0b68 IEEtwCollectorService - ok 18:19:21.0377 0x0b68 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0, 92F264325C3B1F70E0ACDBC886F7DC4C32371759EA94CE359B0FABD89573DCA4 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 18:19:21.0861 0x0b68 igfx - ok 18:19:21.0954 0x0b68 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:19:21.0954 0x0b68 iirsp - ok 18:19:22.0001 0x0b68 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 18:19:22.0032 0x0b68 IKEEXT - ok 18:19:22.0048 0x0b68 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 18:19:22.0048 0x0b68 intelide - ok 18:19:22.0079 0x0b68 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:19:22.0095 0x0b68 intelppm - ok 18:19:22.0110 0x0b68 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:19:22.0110 0x0b68 IPBusEnum - ok 18:19:22.0141 0x0b68 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:19:22.0141 0x0b68 IpFilterDriver - ok 18:19:22.0188 0x0b68 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:19:22.0204 0x0b68 iphlpsvc - ok 18:19:22.0204 0x0b68 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:19:22.0219 0x0b68 IPMIDRV - ok 18:19:22.0235 0x0b68 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:19:22.0235 0x0b68 IPNAT - ok 18:19:22.0282 0x0b68 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:19:22.0282 0x0b68 IRENUM - ok 18:19:22.0297 0x0b68 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:19:22.0297 0x0b68 isapnp - ok 18:19:22.0329 0x0b68 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:19:22.0329 0x0b68 iScsiPrt - ok 18:19:22.0360 0x0b68 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:19:22.0360 0x0b68 kbdclass - ok 18:19:22.0391 0x0b68 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:19:22.0391 0x0b68 kbdhid - ok 18:19:22.0407 0x0b68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 18:19:22.0407 0x0b68 KeyIso - ok 18:19:22.0438 0x0b68 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:19:22.0438 0x0b68 KSecDD - ok 18:19:22.0453 0x0b68 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:19:22.0469 0x0b68 KSecPkg - ok 18:19:22.0516 0x0b68 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:19:22.0516 0x0b68 ksthunk - ok 18:19:22.0547 0x0b68 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 18:19:22.0563 0x0b68 KtmRm - ok 18:19:22.0609 0x0b68 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:19:22.0625 0x0b68 LanmanServer - ok 18:19:22.0625 0x0b68 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:19:22.0641 0x0b68 LanmanWorkstation - ok 18:19:22.0687 0x0b68 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:19:22.0687 0x0b68 lltdio - ok 18:19:22.0734 0x0b68 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:19:22.0734 0x0b68 lltdsvc - ok 18:19:22.0781 0x0b68 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:19:22.0781 0x0b68 lmhosts - ok 18:19:22.0828 0x0b68 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:19:22.0828 0x0b68 LSI_FC - ok 18:19:22.0875 0x0b68 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:19:22.0875 0x0b68 LSI_SAS - ok 18:19:22.0906 0x0b68 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 18:19:22.0906 0x0b68 LSI_SAS2 - ok 18:19:22.0921 0x0b68 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:19:22.0937 0x0b68 LSI_SCSI - ok 18:19:22.0968 0x0b68 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 18:19:22.0968 0x0b68 luafv - ok 18:19:23.0015 0x0b68 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 18:19:23.0015 0x0b68 MBAMProtector - ok 18:19:23.0077 0x0b68 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 18:19:23.0093 0x0b68 MBAMScheduler - ok 18:19:23.0140 0x0b68 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 18:19:23.0171 0x0b68 MBAMService - ok 18:19:23.0202 0x0b68 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:19:23.0202 0x0b68 Mcx2Svc - ok 18:19:23.0233 0x0b68 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 18:19:23.0233 0x0b68 megasas - ok 18:19:23.0249 0x0b68 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 18:19:23.0249 0x0b68 MegaSR - ok 18:19:23.0280 0x0b68 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 18:19:23.0280 0x0b68 MMCSS - ok 18:19:23.0296 0x0b68 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 18:19:23.0296 0x0b68 Modem - ok 18:19:23.0327 0x0b68 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:19:23.0327 0x0b68 monitor - ok 18:19:23.0343 0x0b68 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:19:23.0343 0x0b68 mouclass - ok 18:19:23.0389 0x0b68 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:19:23.0389 0x0b68 mouhid - ok 18:19:23.0405 0x0b68 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:19:23.0405 0x0b68 mountmgr - ok 18:19:23.0467 0x0b68 [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:19:23.0467 0x0b68 MozillaMaintenance - ok 18:19:23.0514 0x0b68 [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 18:19:23.0514 0x0b68 MpFilter - ok 18:19:23.0530 0x0b68 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 18:19:23.0545 0x0b68 mpio - ok 18:19:23.0577 0x0b68 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:19:23.0592 0x0b68 mpsdrv - ok 18:19:23.0639 0x0b68 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:19:23.0670 0x0b68 MpsSvc - ok 18:19:23.0717 0x0b68 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:19:23.0717 0x0b68 MRxDAV - ok 18:19:23.0748 0x0b68 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:19:23.0748 0x0b68 mrxsmb - ok 18:19:23.0764 0x0b68 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:19:23.0764 0x0b68 mrxsmb10 - ok 18:19:23.0795 0x0b68 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:19:23.0795 0x0b68 mrxsmb20 - ok 18:19:23.0811 0x0b68 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 18:19:23.0826 0x0b68 msahci - ok 18:19:23.0842 0x0b68 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:19:23.0857 0x0b68 msdsm - ok 18:19:23.0873 0x0b68 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 18:19:23.0873 0x0b68 MSDTC - ok 18:19:23.0904 0x0b68 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:19:23.0920 0x0b68 Msfs - ok 18:19:23.0935 0x0b68 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:19:23.0951 0x0b68 mshidkmdf - ok 18:19:23.0951 0x0b68 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:19:23.0951 0x0b68 msisadrv - ok 18:19:23.0982 0x0b68 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:19:23.0998 0x0b68 MSiSCSI - ok 18:19:23.0998 0x0b68 msiserver - ok 18:19:24.0045 0x0b68 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:19:24.0045 0x0b68 MSKSSRV - ok 18:19:24.0107 0x0b68 [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 18:19:24.0107 0x0b68 MsMpSvc - ok 18:19:24.0107 0x0b68 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:19:24.0107 0x0b68 MSPCLOCK - ok 18:19:24.0123 0x0b68 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:19:24.0123 0x0b68 MSPQM - ok 18:19:24.0154 0x0b68 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:19:24.0154 0x0b68 MsRPC - ok 18:19:24.0169 0x0b68 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:19:24.0169 0x0b68 mssmbios - ok 18:19:24.0201 0x0b68 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:19:24.0201 0x0b68 MSTEE - ok 18:19:24.0216 0x0b68 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 18:19:24.0216 0x0b68 MTConfig - ok 18:19:24.0232 0x0b68 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 18:19:24.0247 0x0b68 Mup - ok 18:19:24.0279 0x0b68 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 18:19:24.0294 0x0b68 napagent - ok 18:19:24.0341 0x0b68 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:19:24.0357 0x0b68 NativeWifiP - ok 18:19:24.0435 0x0b68 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 18:19:24.0466 0x0b68 NDIS - ok 18:19:24.0513 0x0b68 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:19:24.0513 0x0b68 NdisCap - ok 18:19:24.0544 0x0b68 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:19:24.0544 0x0b68 NdisTapi - ok 18:19:24.0575 0x0b68 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:19:24.0575 0x0b68 Ndisuio - ok 18:19:24.0591 0x0b68 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:19:24.0606 0x0b68 NdisWan - ok 18:19:24.0622 0x0b68 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:19:24.0622 0x0b68 NDProxy - ok 18:19:24.0622 0x0b68 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:19:24.0637 0x0b68 NetBIOS - ok 18:19:24.0653 0x0b68 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:19:24.0653 0x0b68 NetBT - ok 18:19:24.0669 0x0b68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 18:19:24.0669 0x0b68 Netlogon - ok 18:19:24.0715 0x0b68 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 18:19:24.0715 0x0b68 Netman - ok 18:19:24.0778 0x0b68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:19:24.0778 0x0b68 NetMsmqActivator - ok 18:19:24.0793 0x0b68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:19:24.0793 0x0b68 NetPipeActivator - ok 18:19:24.0825 0x0b68 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 18:19:24.0840 0x0b68 netprofm - ok 18:19:24.0856 0x0b68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:19:24.0856 0x0b68 NetTcpActivator - ok 18:19:24.0871 0x0b68 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:19:24.0871 0x0b68 NetTcpPortSharing - ok 18:19:24.0918 0x0b68 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:19:24.0918 0x0b68 nfrd960 - ok 18:19:24.0949 0x0b68 [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 18:19:24.0949 0x0b68 NisDrv - ok 18:19:24.0965 0x0b68 [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 18:19:24.0981 0x0b68 NisSrv - ok 18:19:25.0012 0x0b68 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:19:25.0012 0x0b68 NlaSvc - ok 18:19:25.0027 0x0b68 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:19:25.0027 0x0b68 Npfs - ok 18:19:25.0059 0x0b68 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 18:19:25.0059 0x0b68 nsi - ok 18:19:25.0074 0x0b68 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:19:25.0074 0x0b68 nsiproxy - ok 18:19:25.0168 0x0b68 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:19:25.0215 0x0b68 Ntfs - ok 18:19:25.0246 0x0b68 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 18:19:25.0246 0x0b68 Null - ok 18:19:25.0277 0x0b68 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:19:25.0293 0x0b68 nvraid - ok 18:19:25.0308 0x0b68 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:19:25.0308 0x0b68 nvstor - ok 18:19:25.0324 0x0b68 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:19:25.0339 0x0b68 nv_agp - ok 18:19:25.0339 0x0b68 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:19:25.0355 0x0b68 ohci1394 - ok 18:19:25.0386 0x0b68 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:19:25.0402 0x0b68 p2pimsvc - ok 18:19:25.0433 0x0b68 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 18:19:25.0449 0x0b68 p2psvc - ok 18:19:25.0449 0x0b68 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 18:19:25.0464 0x0b68 Parport - ok 18:19:25.0480 0x0b68 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:19:25.0480 0x0b68 partmgr - ok 18:19:25.0495 0x0b68 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 18:19:25.0511 0x0b68 PcaSvc - ok 18:19:25.0527 0x0b68 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 18:19:25.0542 0x0b68 pci - ok 18:19:25.0558 0x0b68 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 18:19:25.0558 0x0b68 pciide - ok 18:19:25.0589 0x0b68 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:19:25.0589 0x0b68 pcmcia - ok 18:19:25.0620 0x0b68 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 18:19:25.0620 0x0b68 pcw - ok 18:19:25.0651 0x0b68 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:19:25.0667 0x0b68 PEAUTH - ok 18:19:25.0745 0x0b68 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:19:25.0761 0x0b68 PerfHost - ok 18:19:25.0839 0x0b68 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 18:19:25.0885 0x0b68 pla - ok 18:19:25.0948 0x0b68 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:19:25.0963 0x0b68 PlugPlay - ok 18:19:25.0979 0x0b68 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:19:25.0995 0x0b68 PNRPAutoReg - ok 18:19:26.0010 0x0b68 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:19:26.0010 0x0b68 PNRPsvc - ok 18:19:26.0057 0x0b68 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:19:26.0073 0x0b68 PolicyAgent - ok 18:19:26.0104 0x0b68 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 18:19:26.0104 0x0b68 Power - ok 18:19:26.0151 0x0b68 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:19:26.0151 0x0b68 PptpMiniport - ok 18:19:26.0166 0x0b68 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 18:19:26.0182 0x0b68 Processor - ok 18:19:26.0229 0x0b68 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 18:19:26.0229 0x0b68 ProfSvc - ok 18:19:26.0244 0x0b68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:19:26.0244 0x0b68 ProtectedStorage - ok 18:19:26.0275 0x0b68 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:19:26.0275 0x0b68 Psched - ok 18:19:26.0369 0x0b68 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:19:26.0400 0x0b68 ql2300 - ok 18:19:26.0447 0x0b68 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:19:26.0447 0x0b68 ql40xx - ok 18:19:26.0463 0x0b68 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 18:19:26.0478 0x0b68 QWAVE - ok 18:19:26.0494 0x0b68 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:19:26.0494 0x0b68 QWAVEdrv - ok 18:19:26.0509 0x0b68 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:19:26.0509 0x0b68 RasAcd - ok 18:19:26.0541 0x0b68 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:19:26.0556 0x0b68 RasAgileVpn - ok 18:19:26.0572 0x0b68 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 18:19:26.0572 0x0b68 RasAuto - ok 18:19:26.0587 0x0b68 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:19:26.0603 0x0b68 Rasl2tp - ok 18:19:26.0619 0x0b68 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 18:19:26.0634 0x0b68 RasMan - ok 18:19:26.0650 0x0b68 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:19:26.0650 0x0b68 RasPppoe - ok 18:19:26.0665 0x0b68 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:19:26.0681 0x0b68 RasSstp - ok 18:19:26.0712 0x0b68 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:19:26.0712 0x0b68 rdbss - ok 18:19:26.0743 0x0b68 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 18:19:26.0743 0x0b68 rdpbus - ok 18:19:26.0759 0x0b68 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:19:26.0759 0x0b68 RDPCDD - ok 18:19:26.0790 0x0b68 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:19:26.0790 0x0b68 RDPENCDD - ok 18:19:26.0821 0x0b68 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:19:26.0837 0x0b68 RDPREFMP - ok 18:19:26.0884 0x0b68 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 18:19:26.0899 0x0b68 RdpVideoMiniport - ok 18:19:26.0931 0x0b68 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:19:26.0946 0x0b68 RDPWD - ok 18:19:26.0977 0x0b68 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:19:26.0993 0x0b68 rdyboost - ok 18:19:27.0024 0x0b68 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:19:27.0024 0x0b68 RemoteAccess - ok 18:19:27.0055 0x0b68 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:19:27.0055 0x0b68 RemoteRegistry - ok 18:19:27.0087 0x0b68 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 18:19:27.0087 0x0b68 RFCOMM - ok 18:19:27.0118 0x0b68 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:19:27.0118 0x0b68 RpcEptMapper - ok 18:19:27.0133 0x0b68 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 18:19:27.0133 0x0b68 RpcLocator - ok 18:19:27.0180 0x0b68 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 18:19:27.0196 0x0b68 RpcSs - ok 18:19:27.0227 0x0b68 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:19:27.0243 0x0b68 rspndr - ok 18:19:27.0321 0x0b68 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 18:19:27.0336 0x0b68 RTL8167 - ok 18:19:27.0352 0x0b68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 18:19:27.0352 0x0b68 SamSs - ok 18:19:27.0367 0x0b68 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:19:27.0367 0x0b68 sbp2port - ok 18:19:27.0383 0x0b68 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:19:27.0399 0x0b68 SCardSvr - ok 18:19:27.0414 0x0b68 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:19:27.0430 0x0b68 scfilter - ok 18:19:27.0477 0x0b68 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 18:19:27.0508 0x0b68 Schedule - ok 18:19:27.0539 0x0b68 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 18:19:27.0539 0x0b68 SCPolicySvc - ok 18:19:27.0570 0x0b68 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:19:27.0586 0x0b68 SDRSVC - ok 18:19:27.0633 0x0b68 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:19:27.0633 0x0b68 secdrv - ok 18:19:27.0648 0x0b68 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 18:19:27.0648 0x0b68 seclogon - ok 18:19:27.0664 0x0b68 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 18:19:27.0664 0x0b68 SENS - ok 18:19:27.0695 0x0b68 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:19:27.0695 0x0b68 SensrSvc - ok 18:19:27.0711 0x0b68 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 18:19:27.0711 0x0b68 Serenum - ok 18:19:27.0742 0x0b68 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 18:19:27.0742 0x0b68 Serial - ok 18:19:27.0757 0x0b68 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 18:19:27.0773 0x0b68 sermouse - ok 18:19:27.0804 0x0b68 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 18:19:27.0820 0x0b68 SessionEnv - ok 18:19:27.0835 0x0b68 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:19:27.0835 0x0b68 sffdisk - ok 18:19:27.0835 0x0b68 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:19:27.0835 0x0b68 sffp_mmc - ok 18:19:27.0835 0x0b68 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:19:27.0851 0x0b68 sffp_sd - ok 18:19:27.0867 0x0b68 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 18:19:27.0867 0x0b68 sfloppy - ok 18:19:27.0898 0x0b68 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:19:27.0913 0x0b68 SharedAccess - ok 18:19:27.0945 0x0b68 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:19:27.0960 0x0b68 ShellHWDetection - ok 18:19:27.0960 0x0b68 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 18:19:27.0960 0x0b68 SiSRaid2 - ok 18:19:27.0976 0x0b68 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 18:19:27.0976 0x0b68 SiSRaid4 - ok 18:19:28.0007 0x0b68 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:19:28.0007 0x0b68 Smb - ok 18:19:28.0038 0x0b68 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:19:28.0038 0x0b68 SNMPTRAP - ok 18:19:28.0054 0x0b68 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 18:19:28.0054 0x0b68 spldr - ok 18:19:28.0101 0x0b68 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 18:19:28.0116 0x0b68 Spooler - ok 18:19:28.0257 0x0b68 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 18:19:28.0366 0x0b68 sppsvc - ok 18:19:28.0397 0x0b68 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:19:28.0397 0x0b68 sppuinotify - ok 18:19:28.0444 0x0b68 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 18:19:28.0459 0x0b68 srv - ok 18:19:28.0491 0x0b68 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:19:28.0506 0x0b68 srv2 - ok 18:19:28.0537 0x0b68 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:19:28.0553 0x0b68 srvnet - ok 18:19:28.0584 0x0b68 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:19:28.0584 0x0b68 SSDPSRV - ok 18:19:28.0600 0x0b68 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:19:28.0600 0x0b68 SstpSvc - ok 18:19:28.0631 0x0b68 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 18:19:28.0631 0x0b68 stexstor - ok 18:19:28.0678 0x0b68 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 18:19:28.0693 0x0b68 stisvc - ok 18:19:28.0709 0x0b68 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 18:19:28.0709 0x0b68 swenum - ok 18:19:28.0787 0x0b68 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 18:19:28.0803 0x0b68 swprv - ok 18:19:28.0865 0x0b68 [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 18:19:28.0865 0x0b68 SynTP - ok 18:19:28.0974 0x0b68 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 18:19:29.0037 0x0b68 SysMain - ok 18:19:29.0052 0x0b68 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:19:29.0052 0x0b68 TabletInputService - ok 18:19:29.0068 0x0b68 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 18:19:29.0083 0x0b68 TapiSrv - ok 18:19:29.0115 0x0b68 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 18:19:29.0115 0x0b68 TBS - ok 18:19:29.0208 0x0b68 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:19:29.0271 0x0b68 Tcpip - ok 18:19:29.0364 0x0b68 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:19:29.0411 0x0b68 TCPIP6 - ok 18:19:29.0442 0x0b68 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:19:29.0442 0x0b68 tcpipreg - ok 18:19:29.0473 0x0b68 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:19:29.0473 0x0b68 TDPIPE - ok 18:19:29.0505 0x0b68 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:19:29.0505 0x0b68 TDTCP - ok 18:19:29.0536 0x0b68 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:19:29.0536 0x0b68 tdx - ok 18:19:29.0551 0x0b68 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 18:19:29.0551 0x0b68 TermDD - ok 18:19:29.0598 0x0b68 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 18:19:29.0614 0x0b68 TermService - ok 18:19:29.0629 0x0b68 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 18:19:29.0629 0x0b68 Themes - ok 18:19:29.0645 0x0b68 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 18:19:29.0645 0x0b68 THREADORDER - ok 18:19:29.0661 0x0b68 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 18:19:29.0676 0x0b68 TrkWks - ok 18:19:29.0707 0x0b68 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:19:29.0723 0x0b68 TrustedInstaller - ok 18:19:29.0739 0x0b68 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:19:29.0739 0x0b68 tssecsrv - ok 18:19:29.0785 0x0b68 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:19:29.0785 0x0b68 TsUsbFlt - ok 18:19:29.0817 0x0b68 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 18:19:29.0817 0x0b68 TsUsbGD - ok 18:19:29.0863 0x0b68 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:19:29.0863 0x0b68 tunnel - ok 18:19:29.0895 0x0b68 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 18:19:29.0895 0x0b68 uagp35 - ok 18:19:29.0910 0x0b68 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:19:29.0926 0x0b68 udfs - ok 18:19:29.0957 0x0b68 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:19:29.0957 0x0b68 UI0Detect - ok 18:19:29.0973 0x0b68 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:19:29.0973 0x0b68 uliagpkx - ok 18:19:30.0004 0x0b68 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:19:30.0004 0x0b68 umbus - ok 18:19:30.0004 0x0b68 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 18:19:30.0004 0x0b68 UmPass - ok 18:19:30.0051 0x0b68 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 18:19:30.0051 0x0b68 upnphost - ok 18:19:30.0097 0x0b68 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:19:30.0113 0x0b68 usbccgp - ok 18:19:30.0129 0x0b68 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:19:30.0129 0x0b68 usbcir - ok 18:19:30.0160 0x0b68 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:19:30.0160 0x0b68 usbehci - ok 18:19:30.0207 0x0b68 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:19:30.0207 0x0b68 usbhub - ok 18:19:30.0238 0x0b68 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:19:30.0238 0x0b68 usbohci - ok 18:19:30.0253 0x0b68 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 18:19:30.0253 0x0b68 usbprint - ok 18:19:30.0285 0x0b68 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:19:30.0285 0x0b68 USBSTOR - ok 18:19:30.0300 0x0b68 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:19:30.0300 0x0b68 usbuhci - ok 18:19:30.0331 0x0b68 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 18:19:30.0347 0x0b68 usbvideo - ok 18:19:30.0378 0x0b68 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 18:19:30.0378 0x0b68 UxSms - ok 18:19:30.0394 0x0b68 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 18:19:30.0394 0x0b68 VaultSvc - ok 18:19:30.0425 0x0b68 [ A19BC248306CD27A3013042AD17ADEB8, DA0B7E3AEB6E58816F31B639C5E5BE34698299260A2A08C232DFBB172C115259 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 18:19:30.0472 0x0b68 VBoxNetAdp - ok 18:19:30.0472 0x0b68 VBoxNetFlt - ok 18:19:30.0503 0x0b68 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:19:30.0503 0x0b68 vdrvroot - ok 18:19:30.0565 0x0b68 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 18:19:30.0581 0x0b68 vds - ok 18:19:30.0628 0x0b68 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:19:30.0628 0x0b68 vga - ok 18:19:30.0643 0x0b68 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 18:19:30.0643 0x0b68 VgaSave - ok 18:19:30.0643 0x0b68 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:19:30.0659 0x0b68 vhdmp - ok 18:19:30.0675 0x0b68 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 18:19:30.0675 0x0b68 viaide - ok 18:19:30.0690 0x0b68 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:19:30.0690 0x0b68 volmgr - ok 18:19:30.0721 0x0b68 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:19:30.0721 0x0b68 volmgrx - ok 18:19:30.0753 0x0b68 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:19:30.0753 0x0b68 volsnap - ok 18:19:30.0768 0x0b68 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:19:30.0784 0x0b68 vsmraid - ok 18:19:30.0862 0x0b68 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 18:19:30.0909 0x0b68 VSS - ok 18:19:30.0924 0x0b68 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 18:19:30.0924 0x0b68 vwifibus - ok 18:19:30.0955 0x0b68 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:19:30.0955 0x0b68 vwififlt - ok 18:19:31.0002 0x0b68 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 18:19:31.0018 0x0b68 W32Time - ok 18:19:31.0033 0x0b68 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 18:19:31.0049 0x0b68 WacomPen - ok 18:19:31.0080 0x0b68 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:19:31.0080 0x0b68 WANARP - ok 18:19:31.0096 0x0b68 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:19:31.0096 0x0b68 Wanarpv6 - ok 18:19:31.0189 0x0b68 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 18:19:31.0236 0x0b68 WatAdminSvc - ok 18:19:31.0330 0x0b68 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 18:19:31.0377 0x0b68 wbengine - ok 18:19:31.0392 0x0b68 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:19:31.0408 0x0b68 WbioSrvc - ok 18:19:31.0423 0x0b68 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:19:31.0439 0x0b68 wcncsvc - ok 18:19:31.0470 0x0b68 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:19:31.0470 0x0b68 WcsPlugInService - ok 18:19:31.0501 0x0b68 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 18:19:31.0501 0x0b68 Wd - ok 18:19:31.0548 0x0b68 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:19:31.0564 0x0b68 Wdf01000 - ok 18:19:31.0626 0x0b68 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:19:31.0626 0x0b68 WdiServiceHost - ok 18:19:31.0626 0x0b68 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:19:31.0642 0x0b68 WdiSystemHost - ok 18:19:31.0673 0x0b68 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 18:19:31.0689 0x0b68 WebClient - ok 18:19:31.0704 0x0b68 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:19:31.0704 0x0b68 Wecsvc - ok 18:19:31.0720 0x0b68 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:19:31.0735 0x0b68 wercplsupport - ok 18:19:31.0782 0x0b68 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 18:19:31.0782 0x0b68 WerSvc - ok 18:19:31.0829 0x0b68 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:19:31.0829 0x0b68 WfpLwf - ok 18:19:31.0845 0x0b68 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:19:31.0860 0x0b68 WIMMount - ok 18:19:31.0891 0x0b68 WinDefend - ok 18:19:31.0907 0x0b68 WinHttpAutoProxySvc - ok 18:19:31.0985 0x0b68 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:19:31.0985 0x0b68 Winmgmt - ok 18:19:32.0079 0x0b68 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 18:19:32.0141 0x0b68 WinRM - ok 18:19:32.0219 0x0b68 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:19:32.0235 0x0b68 Wlansvc - ok 18:19:32.0266 0x0b68 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 18:19:32.0266 0x0b68 WmiAcpi - ok 18:19:32.0313 0x0b68 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:19:32.0313 0x0b68 wmiApSrv - ok 18:19:32.0328 0x0b68 WMPNetworkSvc - ok 18:19:32.0359 0x0b68 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:19:32.0359 0x0b68 WPCSvc - ok 18:19:32.0391 0x0b68 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:19:32.0391 0x0b68 WPDBusEnum - ok 18:19:32.0406 0x0b68 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:19:32.0406 0x0b68 ws2ifsl - ok 18:19:32.0422 0x0b68 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 18:19:32.0422 0x0b68 wscsvc - ok 18:19:32.0437 0x0b68 WSearch - ok 18:19:32.0562 0x0b68 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 18:19:32.0625 0x0b68 wuauserv - ok 18:19:32.0656 0x0b68 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:19:32.0671 0x0b68 WudfPf - ok 18:19:32.0718 0x0b68 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:19:32.0718 0x0b68 WUDFRd - ok 18:19:32.0734 0x0b68 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:19:32.0749 0x0b68 wudfsvc - ok 18:19:32.0781 0x0b68 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 18:19:32.0781 0x0b68 WwanSvc - ok 18:19:32.0796 0x0b68 ================ Scan global =============================== 18:19:32.0827 0x0b68 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 18:19:32.0859 0x0b68 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:19:32.0874 0x0b68 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:19:32.0905 0x0b68 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 18:19:32.0921 0x0b68 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 18:19:32.0937 0x0b68 [ Global ] - ok 18:19:32.0937 0x0b68 ================ Scan MBR ================================== 18:19:32.0952 0x0b68 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:19:33.0264 0x0b68 \Device\Harddisk0\DR0 - ok 18:19:33.0264 0x0b68 ================ Scan VBR ================================== 18:19:33.0264 0x0b68 [ 79A8A6A9369C9A8161E313C009E35FFA ] \Device\Harddisk0\DR0\Partition1 18:19:33.0280 0x0b68 \Device\Harddisk0\DR0\Partition1 - ok 18:19:33.0280 0x0b68 [ 64F3EA2D1924330CEE9F6AE17DF865CB ] \Device\Harddisk0\DR0\Partition2 18:19:33.0280 0x0b68 \Device\Harddisk0\DR0\Partition2 - ok 18:19:33.0280 0x0b68 [ 09DF22A4BC03BCAAE8D66B394D477D34 ] \Device\Harddisk0\DR0\Partition3 18:19:33.0280 0x0b68 \Device\Harddisk0\DR0\Partition3 - ok 18:19:33.0280 0x0b68 [ 9E9AE502237D461A260CDFE538046837 ] \Device\Harddisk0\DR0\Partition4 18:19:33.0280 0x0b68 \Device\Harddisk0\DR0\Partition4 - ok 18:19:33.0295 0x0b68 Waiting for KSN requests completion. In queue: 302 18:19:34.0309 0x0b68 Waiting for KSN requests completion. In queue: 302 18:19:35.0323 0x0b68 Waiting for KSN requests completion. In queue: 302 18:19:36.0337 0x0b68 Waiting for KSN requests completion. In queue: 302 18:19:37.0367 0x0b68 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated ) 18:19:37.0398 0x0b68 Win FW state via NFP2: enabled 18:19:40.0471 0x0b68 ============================================================ 18:19:40.0471 0x0b68 Scan finished 18:19:40.0471 0x0b68 ============================================================ 18:19:40.0471 0x02a8 Detected object count: 0 18:19:40.0471 0x02a8 Actual detected object count: 0 18:19:55.0042 0x0b18 Deinitialize success

#7 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 12:46 AM

Here are the results for AdwCleaner # AdwCleaner v3.210 - Report created 21/05/2014 at 18:20:49 # Updated 19/05/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Soren - SOREN-PC # Running from : C:\Users\Soren\Downloads\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 -\\ Mozilla Firefox v29.0.1 (en-US) [ File : C:\Users\Soren\AppData\Roaming\Mozilla\Firefox\Profiles\adfp9jio.default\prefs.js ] ************************* AdwCleaner[R0].txt - [637 octets] - [21/05/2014 18:20:49] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [696 octets] ##########

#8 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 12:48 AM

Here are the results for Junkware Removal Tool ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Soren on Wed 05/21/2014 at 20:00:40.50 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ FireFox Emptied folder: C:\Users\Soren\AppData\Roaming\mozilla\firefox\profiles\adfp9jio.default\minidumps [6 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 05/21/2014 at 20:06:01.65 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#9 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 12:50 AM

And finally the results for ESET C:\Users\Soren\AppData\Local\Temp\ICReinstall_Adobe_Flash_Setup.exe Win32/InstallCore.MM potentially unwanted application deleted - quarantined C:\Users\Soren\Downloads\winzip18.exe a variant of Win32/InstallCore.NP potentially unwanted application deleted - quarantined

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:09 PM

Posted 22 May 2014 - 10:48 AM

Looks like we got the Flash infection. How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 12:09 PM

I haven't had any issue this morning. Are there any other tools that I can use to look for other possible problems? Thanks again for taking the time to help me with this issue.

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:09 PM

Posted 22 May 2014 - 12:51 PM

Lets also run..

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Scan
and.. Download 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.
  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 07:34 PM

Here are the results for RogueKiller RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Soren [Admin rights] Mode : Scan -- Date : 05/22/2014 16:34:58 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545050B9A300 ATA Device +++++ --- User --- [MBR] 3aec3c1d6a92b8468ca5253037656b33 [BSP] b27509906ed6353760ff27ab2267a1ef : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461797 MB 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 946169856 | Size: 14839 MB 3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_05222014_163458.txt >>

#14 Niko54

Niko54
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 22 May 2014 - 07:37 PM

and the results for Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit BETA 1.07.0.1009 www.malwarebytes.org Database version: v2014.05.22.13 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17107 Soren :: SOREN-PC [administrator] 5/22/2014 4:46:59 PM mbar-log-2014-05-22 (16-46-59).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 245761 Time elapsed: 11 minute(s), 4 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17107 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED CPU speed: 2.261000 GHz Memory total: 4083007488, free: 2613309440 Downloaded database version: v2014.05.22.13 Downloaded database version: v2014.05.21.01 ======================================= ------------ Kernel report ------------ 05/22/2014 16:46:51 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\msahci.sys \SystemRoot\system32\drivers\PCIIDEX.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\DRIVERS\MpFilter.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\bcmwl664.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\Rt64win7.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\DRIVERS\wmiacpi.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_msahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\setupapi.dll \Windows\System32\urlmon.dll \Windows\System32\normaliz.dll \Windows\System32\ws2_32.dll \Windows\System32\imagehlp.dll \Windows\System32\usp10.dll \Windows\System32\difxapi.dll \Windows\System32\comdlg32.dll \Windows\System32\wininet.dll \Windows\System32\lpk.dll \Windows\System32\msvcrt.dll \Windows\System32\nsi.dll \Windows\System32\psapi.dll \Windows\System32\iertutil.dll \Windows\System32\ole32.dll \Windows\System32\oleaut32.dll \Windows\System32\user32.dll \Windows\System32\imm32.dll \Windows\System32\kernel32.dll \Windows\System32\msctf.dll \Windows\System32\clbcatq.dll \Windows\System32\shlwapi.dll \Windows\System32\sechost.dll \Windows\System32\gdi32.dll \Windows\System32\rpcrt4.dll \Windows\System32\shell32.dll \Windows\System32\Wldap32.dll \Windows\System32\advapi32.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\crypt32.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\comctl32.dll \Windows\System32\devobj.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8005084060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\ Lower Device Object: 0xfffffa8004ef3060 Lower Device Driver Name: \Driver\atapi\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8005084060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8005084b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8005084060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8004ef3060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: F4AEA3A7 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 407552 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 409600 Numsec = 945760256 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 946169856 Numsec = 30390272 Partition 3 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 976560128 Numsec = 210992 Disk Size: 500107862016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)... Done! Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removal finished

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:09 PM

Posted 23 May 2014 - 03:17 PM

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool again (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", this time click the Delete button.
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
    • The highest number of [X], is the most recent Delete

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users