High CPU usage unless task manager is open


  • This topic is locked
19 replies to this topic

#1 AzZazell

  • Members
  • 13 posts

Posted 31 May 2014 - 05:43 AM

Hi! My English is not so good, so sorry in advance for my grammar mistakes!
So, I've looked in many places and searched through all kinds of sites trying to solve my problem, but I was not able to.

My issue is, my computer is relatively new, I bought it in January. I am saying this because even with the high usage of the CPU, I am still able to use it normally!

The usage of the CPU is around 40%, as you can see in the screenshot, even higher sometimes.

This happens only when the Task Manager is closed. The moment I open it, it drops to 1 or 2%.

 

[Image: CPU high usage.png]

 

I think the usage of my CPU is not at 100% like the other people with a similar problem.

I looked on my computer for the file Igfxupdate.exe, which I read about here, but didn't find it, so I think I have a different problem!

I got worried because in my search to solve the problem, I noticed that this could be dangerous for me.
I found out that this could be malware or trojans, and I buy a lot of stuff on the internet.

PS: I have run lots of antivirus and malware/trojan killers on the PC, and they didn't find anything dangerous.
Currently my antivirus is AVG Internet Security 2014

My Windows is 8.1

Hope you guys can help me :)

Thx in advance!




 


#2 nasdaq

  • Malware Response Team
  • 39,586 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 04 June 2014 - 08:09 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 AzZazell

  • Topic Starter
  • Members
  • 13 posts

Posted 04 June 2014 - 06:41 PM

Thank you very much for your reply!

The problem remains.
As I've said before, I have AVG Internet Security installed. Is there a problem if I keep it with Malwarebytes running at the same time? Will it slow down the PC?

I didn't paste the Malwarebytes log here, as you didn't ask for it in the previous message!

 

AdwCleaner[S0]

 

# AdwCleaner v3.211 - Report created 04/06/2014 at 20:16:33
# Updated 26/05/2014 by Xplode
# Operating System : Windows 8.1 Enterprise  (64 bits)
# Username : Iderlan - AZZAZEL
# Running from : C:\Users\Iderlan\Desktop\Nova pasta\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Iderlan\AppData\Local\PackageAware
Folder Deleted : C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\anttoolbar@ant.com
File Deleted : C:\END
File Deleted : C:\Users\Iderlan\AppData\Local\AnyProtectScannerSetup.exe
File Deleted : C:\Windows\Tasks\APSnotifierCA.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierCA

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Mozilla Firefox v26.0 (pt-BR)

[ File : C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1672 octets] - [04/06/2014 20:13:36]
AdwCleaner[S0].txt - [1530 octets] - [04/06/2014 20:16:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1590 octets] ##########

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Iderlan (administrator) on AZZAZEL on 04-06-2014 20:24:57
Running from C:\Users\Iderlan\Desktop\Nova pasta
Platform: Windows 8.1 Enterprise (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
(BitTorrent Inc.) C:\Users\Iderlan\AppData\Roaming\uTorrent\uTorrent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2000896 2014-04-04] (iSkySoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-202358927-2866052510-320876986-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-202358927-2866052510-320876986-1001\...\Run: [Google Update] => C:\Users\Iderlan\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-27] (Google Inc.)
HKU\S-1-5-21-202358927-2866052510-320876986-1001\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9936176 2014-04-29] ()
HKU\S-1-5-21-202358927-2866052510-320876986-1001\...\Run: [uTorrent] => C:\Users\Iderlan\AppData\Roaming\uTorrent\uTorrent.exe [1520208 2014-04-29] (BitTorrent Inc.)
HKU\S-1-5-21-202358927-2866052510-320876986-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.br/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.br.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5E1CFBF2C51BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3
SearchScopes: HKCU - {1C4702B3-C40B-4256-AF45-AE2EF07C3869} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1

FireFox:
========
FF ProfilePath: C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com.br/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'htt
p%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*'))%20%7B%20return%20'PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Iderlan\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Iderlan\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/uni - C:\Users\Iderlan\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
FF SearchPlugin: C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\searchplugins\s-amazon-byskipity-int.xml
FF SearchPlugin: C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\searchplugins\s-amazon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\artur.dubovoy@gmail.com [2014-05-09]
FF Extension: Download Youtube Videos + - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\video.downloader.plugin@ffpimp.com [2014-01-26]
FF Extension: Flashblock - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-26]
FF Extension: DownloadHelper - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-29]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-03-20]
FF Extension: MEGA - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\firefox@mega.co.nz.xpi [2014-05-02]
FF Extension: FlashGot - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-01-26]
FF Extension: DebridItalia Firefox Addon - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{1D880060-8F84-43b2-8B4B-9419D8413B97}.xpi [2014-04-06]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2014-01-26]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-01-26]
FF Extension: Adblock Plus - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-26]
FF Extension: Download Statusbar - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2014-01-26]
FF Extension: flashget3 Extension - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}.xpi [2014-04-06]
FF Extension: Guardião - Itaú 30 horas - C:\Users\Iderlan\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-04-18]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Iderlan\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
FF Extension: Guardião - Itaú 30 horas - C:\Users\Iderlan\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-04-18]

Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR StartupUrls: "https://www.google.com.br/"
CHR DefaultSearchKeyword: google.com.br
CHR Extension: (Google Docs) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-27]
CHR Extension: (Google Drive) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-27]
CHR Extension: (Session Manager) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-05-20]
CHR Extension: (MEGA) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-27]
CHR Extension: (Online Tvs 24/7 Live) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekljmehgggjhhbehkpacbmfmfcpkccm [2014-01-27]
CHR Extension: (Image Downloader) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2014-04-28]
CHR Extension: (Pesquisa do Google) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-27]
CHR Extension: (AdBlock) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-27]
CHR Extension: (Google Play) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-01-27]
CHR Extension: (FVD Downloader) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-03-05]
CHR Extension: (Google Wallet) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-27]
CHR Extension: (Gmail) - C:\Users\Iderlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-27]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Iderlan\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-27]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 1999-12-31] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
S2 NMSAccess; "C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe"  [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-16] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [468240 2013-08-29] (Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-02] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-19] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-04 20:24 - 2014-06-04 20:24 - 00000000 ____D () C:\FRST
2014-06-04 20:13 - 2014-06-04 20:17 - 00000000 ____D () C:\AdwCleaner
2014-06-04 20:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-04 20:00 - 2014-06-04 20:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 20:00 - 2014-06-04 20:00 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 20:00 - 2014-06-04 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 20:00 - 2014-06-04 20:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-04 20:00 - 2014-06-04 20:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-04 20:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-04 20:00 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-04 20:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-04 09:31 - 2014-06-04 09:31 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-04 09:31 - 2014-06-04 09:31 - 00000000 ____D () C:\Program Files\Realtek
2014-06-04 09:30 - 2014-03-14 08:08 - 03896920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-06-04 09:30 - 2014-03-14 06:14 - 00628440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-06-04 09:30 - 2014-03-14 03:42 - 00947928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-06-04 09:30 - 2014-03-12 06:19 - 57362432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-06-04 09:30 - 2014-03-11 10:50 - 00853784 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-06-04 09:30 - 2014-03-10 23:06 - 01738032 _____ () C:\Windows\system32\SStudio.dll
2014-06-04 09:30 - 2014-03-06 23:57 - 02794200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-06-04 09:30 - 2014-03-06 05:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-06-04 09:30 - 2014-03-04 18:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-06-04 09:30 - 2014-03-04 18:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-06-04 09:30 - 2014-03-04 18:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-06-04 09:30 - 2014-03-04 18:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-06-04 09:30 - 2014-03-04 09:27 - 02831576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-06-04 09:30 - 2014-03-03 09:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-06-04 09:30 - 2014-02-27 09:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-06-04 09:30 - 2014-02-25 21:48 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-06-04 09:30 - 2014-02-25 21:47 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-06-04 09:30 - 2014-02-18 07:12 - 01042520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-06-04 09:30 - 2014-02-18 07:12 - 00882776 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-06-04 09:30 - 2014-02-18 06:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-06-04 09:30 - 2014-02-18 03:48 - 02396760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-06-04 09:30 - 2014-02-18 03:48 - 01424984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-06-04 09:30 - 2014-02-18 03:48 - 01423960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-06-04 09:30 - 2014-02-16 09:30 - 28314200 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-06-04 09:30 - 2014-02-16 09:30 - 14742104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-06-04 09:30 - 2014-02-16 09:30 - 12816472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-06-04 09:30 - 2014-02-16 09:30 - 03927640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-06-04 09:30 - 2014-02-16 09:30 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-06-04 09:30 - 2014-02-16 09:30 - 02040920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-06-04 09:30 - 2014-02-16 09:30 - 01933400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-06-04 09:30 - 2014-02-06 00:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-06-04 09:30 - 2014-01-31 06:28 - 00938608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-06-04 09:30 - 2014-01-31 06:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-06-04 09:30 - 2014-01-28 00:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-06-04 09:30 - 2013-10-15 16:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-06-04 09:30 - 2013-10-11 01:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-06-04 09:30 - 2013-10-11 00:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-06-04 09:30 - 2013-10-06 13:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-06-04 09:30 - 2013-10-06 13:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-06-04 09:30 - 2013-10-06 13:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-06-04 09:30 - 2013-09-09 17:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-06-04 09:30 - 2013-09-09 17:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-06-04 09:30 - 2013-09-09 17:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-06-04 09:30 - 2013-09-09 17:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-06-04 09:30 - 2013-08-20 06:37 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-06-04 09:30 - 2013-08-14 04:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-06-04 09:30 - 2013-08-14 04:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-06-04 09:30 - 2013-06-25 01:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-06-04 09:30 - 2013-06-25 01:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-06-04 09:30 - 2013-06-25 01:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-06-04 09:30 - 2013-06-21 00:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-06-04 09:30 - 2013-04-03 03:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-06-04 09:30 - 2012-08-31 08:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-06-04 09:30 - 2012-08-31 08:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-06-04 09:30 - 2012-08-31 08:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-06-04 09:30 - 2012-08-31 08:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-06-04 09:30 - 2012-08-31 08:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-06-04 09:30 - 2012-03-08 00:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-06-04 09:30 - 2012-01-30 00:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-06-04 09:30 - 2012-01-09 23:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-06-04 09:30 - 2011-12-20 04:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-06-04 09:30 - 2011-11-22 05:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-06-04 09:30 - 2011-09-02 03:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-06-04 09:30 - 2011-09-02 03:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-06-04 09:30 - 2011-09-02 03:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-06-04 09:30 - 2011-08-23 06:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-06-04 09:30 - 2011-05-30 22:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-06-04 09:30 - 2011-03-17 01:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-06-04 09:30 - 2011-03-07 06:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-06-04 09:30 - 2010-11-07 20:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-06-04 09:30 - 2010-11-07 20:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-06-04 09:30 - 2010-11-07 20:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-06-04 09:30 - 2010-11-07 20:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-06-04 09:30 - 2010-11-07 20:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-06-04 09:30 - 2010-11-07 20:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-06-04 09:30 - 2010-11-03 07:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-06-04 09:30 - 2010-09-26 22:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-06-04 09:30 - 2010-07-22 05:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-06-04 09:30 - 2009-11-23 22:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-06-04 09:30 - 2009-11-23 22:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-06-04 09:30 - 2009-11-23 22:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-06-04 09:30 - 2009-11-23 22:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-06-04 09:25 - 2014-06-04 09:25 - 00000000 ____D () C:\Windows\LastGood
2014-06-04 09:21 - 2014-06-04 20:24 - 00000000 ____D () C:\Users\Iderlan\Desktop\Nova pasta
2014-06-04 04:42 - 2014-06-04 05:51 - 81848724 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_vga_intel_64_8series.exe
2014-06-04 04:41 - 2014-06-04 09:10 - 353551310 _____ () C:\Users\Iderlan\Downloads\mb_driver_net_framework.zip
2014-06-04 04:41 - 2014-06-04 05:23 - 60061952 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_intel_me_8series.exe
2014-06-04 04:41 - 2014-06-04 05:02 - 46200861 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_lan_intel_8series.exe
2014-06-04 04:40 - 2014-06-04 06:27 - 127976339 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_audio_realtek_8series.exe
2014-06-03 08:21 - 2014-06-03 08:24 - 733007872 _____ () C:\Users\Iderlan\Downloads\Pec_e_Tent.avi
2014-06-03 01:00 - 2014-06-03 01:00 - 00000000 ____D () C:\Users\Iderlan\Desktop\WifeBucket
2014-06-03 00:31 - 2014-06-03 00:31 - 00002346 _____ () C:\Users\Iderlan\Desktop\CBH Captcha Solver.lnk
2014-06-03 00:31 - 2014-06-03 00:31 - 00000000 ____D () C:\Program Files (x86)\Brotherhood Software
2014-06-01 21:48 - 2014-06-01 21:48 - 00000000 ____D () C:\Users\Iderlan\Documents\Bigasoft Total Video Converter
2014-06-01 21:47 - 2014-06-01 21:47 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-01 20:57 - 2014-06-01 20:57 - 00000000 ____D () C:\Users\Iderlan\Documents\iSkysoft Video Converter Ultimate
2014-06-01 20:57 - 2014-06-01 20:57 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-06-01 20:56 - 2014-06-01 20:56 - 00000000 ____D () C:\Users\Iderlan\AppData\Local\iSkysoft
2014-06-01 20:56 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2014-06-01 20:55 - 2014-06-01 21:41 - 00000000 ____D () C:\Program Files (x86)\iSkysoft
2014-06-01 20:55 - 2014-06-01 21:31 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter Ultimate
2014-06-01 20:55 - 2014-06-01 20:55 - 00000000 ____D () C:\Users\Public\Documents\iSkysoft
2014-06-01 20:48 - 2014-06-01 20:48 - 00003584 _____ () C:\Users\Iderlan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-01 08:54 - 2014-06-01 08:57 - 351395074 _____ () C:\Users\Iderlan\Downloads\i_xxxp140416bbttscsh_avi.rar
2014-05-31 19:36 - 2014-06-04 20:20 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log
2014-05-31 06:21 - 2014-05-31 06:21 - 00007621 _____ () C:\Users\Iderlan\AppData\Local\Resmon.ResmonCfg
2014-05-31 05:51 - 2014-05-19 20:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-31 05:50 - 2014-05-31 05:54 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-05-31 05:50 - 2014-05-19 23:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-31 05:50 - 2014-05-19 23:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-31 05:50 - 2014-05-19 23:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-31 05:49 - 2014-03-31 13:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-31 05:49 - 2014-03-31 13:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-30 18:18 - 2014-05-30 18:18 - 02381964 _____ () C:\Users\Iderlan\Downloads\ふつうにエッチ_tumblr_lxdx28cCcg1r3gmtn_r1.mov
2014-05-30 16:21 - 2014-05-30 16:22 - 48670581 _____ () C:\Users\Iderlan\Downloads\Mistress_bleep_slave_ass_with_a_shoe_while_milking_Handjob_Free_porn_videos_5250_y79v5df80r.flv
2014-05-29 21:29 - 2014-06-02 18:53 - 00000206 _____ () C:\Users\Iderlan\Desktop\N series.txt
2014-05-26 14:41 - 2014-05-31 21:41 - 00000251 _____ () C:\Users\Iderlan\Desktop\Gifs.txt
2014-05-26 14:23 - 2014-05-26 14:24 - 43809388 _____ () C:\Users\Iderlan\Downloads\oberuschi08_AgerittenundinsGesichtgesprtzt.rar
2014-05-26 14:23 - 2014-05-26 14:23 - 35537576 _____ () C:\Users\Iderlan\Downloads\oberuschi08_Tischleindeckmich.rar
2014-05-26 14:19 - 2014-05-26 14:21 - 265289728 _____ () C:\Users\Iderlan\Downloads\SweetA_Mein1MalAATmouth.part1.rar
2014-05-26 14:19 - 2014-05-26 14:20 - 116786743 _____ () C:\Users\Iderlan\Downloads\SweetA_Mein1MalAATmouth.part2.rar
2014-05-26 14:06 - 2014-05-26 14:08 - 140814371 _____ () C:\Users\Iderlan\Downloads\BLilly_ErwillmichAFundichmusshinhalten.rar
2014-05-23 16:41 - 2014-06-04 11:21 - 00010790 _____ () C:\Users\Iderlan\Desktop\Naught.txt
2014-05-22 20:42 - 2014-05-31 01:57 - 00000085 _____ () C:\Users\Iderlan\Desktop\Sites.txt
2014-05-22 15:08 - 2012-01-16 09:22 - 05242880 _____ () C:\Users\Iderlan\Downloads\Empty_Dummy_File_2012
2014-05-20 18:39 - 2014-05-20 18:48 - 628950407 _____ () C:\Users\Iderlan\Downloads\J_S.mp4
2014-05-20 14:11 - 2014-05-20 14:12 - 74867845 _____ () C:\Users\Iderlan\Downloads\1514915_cute_russian_teen_violas_mirrorbleep.mp4
2014-05-20 01:08 - 2014-05-20 01:12 - 60670113 _____ () C:\Users\Iderlan\Downloads\JoyceHot_AnlentjungfertCP.rar
2014-05-20 01:04 - 2014-05-20 01:05 - 105944348 _____ () C:\Users\Iderlan\Downloads\DNika26_AutschAdirektinmeinenengenA.rar
2014-05-19 21:41 - 2014-05-19 21:58 - 198787056 _____ () C:\Users\Iderlan\Downloads\Ali_33cm_sc5.mp4.002
2014-05-19 20:59 - 2014-05-19 21:23 - 262144000 _____ () C:\Users\Iderlan\Downloads\Ali_33cm_sc5.mp4.001
2014-05-19 20:08 - 2014-05-19 20:08 - 00267847 _____ () C:\Users\Iderlan\Desktop\Pro archer =D.w3g
2014-05-18 04:42 - 2014-05-18 04:46 - 38586328 _____ () C:\Users\Iderlan\Downloads\BF_B@llsdeepd0ggy.mp4
2014-05-17 23:06 - 2014-05-17 23:22 - 152163470 _____ () C:\Users\Iderlan\Downloads\new, ins - 475.rar
2014-05-17 14:06 - 2014-05-17 15:03 - 645665067 _____ () C:\Users\Iderlan\Downloads\czech-casting-lucie-1335-1280x720-2000kbps.wmv
2014-05-13 18:23 - 2014-04-11 07:03 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-05-13 18:23 - 2014-04-11 07:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-13 18:23 - 2014-04-11 05:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-05-13 18:23 - 2014-04-11 03:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-13 18:23 - 2014-04-11 02:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-05-13 18:23 - 2014-04-11 02:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-13 18:23 - 2014-04-11 00:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-13 18:23 - 2014-04-11 00:36 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-13 18:23 - 2014-04-11 00:24 - 13288960 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-13 18:23 - 2014-04-11 00:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-13 18:23 - 2014-04-11 00:05 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 18:23 - 2014-04-11 00:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-13 18:23 - 2014-04-11 00:02 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 18:23 - 2014-04-11 00:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-13 18:23 - 2014-04-11 00:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-13 18:23 - 2014-04-11 00:00 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-13 18:23 - 2014-04-10 23:59 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-13 18:23 - 2014-04-10 23:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-13 18:23 - 2014-04-10 23:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-13 18:23 - 2014-04-10 23:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-13 18:23 - 2014-04-10 23:53 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-13 18:23 - 2014-04-10 23:52 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-13 18:23 - 2014-04-10 23:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-13 18:23 - 2014-04-10 23:36 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-13 18:23 - 2014-04-10 23:34 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-13 18:23 - 2014-04-10 23:29 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-13 18:23 - 2014-04-10 23:25 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-13 18:23 - 2014-03-23 23:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-13 18:23 - 2014-03-23 23:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-13 18:23 - 2014-03-23 23:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-13 18:22 - 2014-05-06 01:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 18:22 - 2014-05-06 00:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 18:22 - 2014-05-06 00:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 18:22 - 2014-05-05 23:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 18:22 - 2014-03-27 06:12 - 21225584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 18:22 - 2014-03-27 04:48 - 18679728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-10 11:42 - 2014-05-10 11:48 - 74536628 _____ () C:\Users\Iderlan\Downloads\Ajudando_a_Amiga_a_Dar_o_Cu.avi
2014-05-10 11:38 - 2014-05-10 11:45 - 59202852 _____ () C:\Users\Iderlan\Downloads\PM_Feminina_de_Juiz_de_Fora-MG_Numa_Suruba.avi
2014-05-09 13:09 - 2014-05-09 14:21 - 258061406 _____ () C:\Users\Iderlan\Downloads\Nacho-and-Ellen-Saint(1).rar
2014-05-05 00:18 - 2014-05-05 00:18 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

==================== One Month Modified Files and Folders =======

2014-06-04 20:26 - 2014-01-26 01:05 - 00000000 ____D () C:\Users\Iderlan\AppData\Local\Temp
2014-06-04 20:25 - 2014-01-26 19:46 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\uTorrent
2014-06-04 20:24 - 2014-06-04 20:24 - 00000000 ____D () C:\FRST
2014-06-04 20:24 - 2014-06-04 09:21 - 00000000 ____D () C:\Users\Iderlan\Desktop\Nova pasta
2014-06-04 20:24 - 2014-01-26 01:25 - 00777298 _____ () C:\Windows\system32\prfh0416.dat
2014-06-04 20:24 - 2014-01-26 01:25 - 00155180 _____ () C:\Windows\system32\prfc0416.dat
2014-06-04 20:24 - 2014-01-26 01:06 - 01790042 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 20:23 - 2014-01-26 01:10 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-202358927-2866052510-320876986-1001
2014-06-04 20:21 - 2014-02-01 17:20 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\GarenaPlus
2014-06-04 20:21 - 2014-02-01 17:19 - 00000000 ____D () C:\ProgramData\GarenaMessenger
2014-06-04 20:20 - 2014-05-31 19:36 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log
2014-06-04 20:18 - 2014-06-04 20:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 20:18 - 2014-03-17 13:59 - 00000000 __RDO () C:\Users\Iderlan\SkyDrive
2014-06-04 20:18 - 2014-03-01 10:59 - 00000000 ____D () C:\Temp
2014-06-04 20:18 - 2014-02-01 17:21 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Iderlan
2014-06-04 20:18 - 2014-01-27 22:13 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 20:18 - 2014-01-26 01:02 - 01722532 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 20:18 - 2013-08-22 11:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 20:17 - 2014-06-04 20:13 - 00000000 ____D () C:\AdwCleaner
2014-06-04 20:17 - 2014-01-26 01:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-04 20:17 - 2014-01-26 01:00 - 00079228 _____ () C:\Windows\PFRO.log
2014-06-04 20:14 - 2014-01-27 00:48 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-202358927-2866052510-320876986-1001UA.job
2014-06-04 20:05 - 2014-01-27 02:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-04 20:02 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\sru
2014-06-04 20:00 - 2014-06-04 20:00 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 20:00 - 2014-06-04 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 20:00 - 2014-06-04 20:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-04 20:00 - 2014-06-04 20:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-04 19:53 - 2014-01-27 22:10 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2FEE4D4C-C2BE-4474-805F-46329E895005}
2014-06-04 19:45 - 2014-01-26 19:00 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 19:42 - 2014-04-18 21:15 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-06-04 19:33 - 2014-01-27 22:13 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 11:22 - 2014-04-27 19:50 - 00005864 _____ () C:\Users\Iderlan\Desktop\MDH  post.txt
2014-06-04 11:21 - 2014-05-23 16:41 - 00010790 _____ () C:\Users\Iderlan\Desktop\Naught.txt
2014-06-04 09:31 - 2014-06-04 09:31 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-04 09:31 - 2014-06-04 09:31 - 00000000 ____D () C:\Program Files\Realtek
2014-06-04 09:31 - 2014-01-26 01:11 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-06-04 09:31 - 2013-08-22 11:46 - 00016483 _____ () C:\Windows\setupact.log
2014-06-04 09:31 - 2013-08-22 10:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-06-04 09:30 - 2014-05-04 07:34 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-04 09:30 - 2014-04-07 04:34 - 00020540 _____ () C:\Windows\system32\results.xml
2014-06-04 09:30 - 2014-01-26 01:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-04 09:29 - 2014-03-20 19:06 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-06-04 09:29 - 2014-03-20 19:05 - 00000000 ____D () C:\ProgramData\DivX
2014-06-04 09:25 - 2014-06-04 09:25 - 00000000 ____D () C:\Windows\LastGood
2014-06-04 09:25 - 2014-05-04 07:28 - 00000724 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2014-06-04 09:23 - 2014-01-26 01:10 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-04 09:10 - 2014-06-04 04:41 - 353551310 _____ () C:\Users\Iderlan\Downloads\mb_driver_net_framework.zip
2014-06-04 06:27 - 2014-06-04 04:40 - 127976339 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_audio_realtek_8series.exe
2014-06-04 05:51 - 2014-06-04 04:42 - 81848724 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_vga_intel_64_8series.exe
2014-06-04 05:23 - 2014-06-04 04:41 - 60061952 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_intel_me_8series.exe
2014-06-04 05:14 - 2014-01-27 00:48 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-202358927-2866052510-320876986-1001Core.job
2014-06-04 05:02 - 2014-06-04 04:41 - 46200861 _____ (Igor Pavlov) C:\Users\Iderlan\Downloads\mb_driver_lan_intel_8series.exe
2014-06-04 00:54 - 2014-03-30 21:39 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\vlc
2014-06-03 17:10 - 2014-04-10 22:05 - 00000000 ____D () C:\Users\Iderlan\AppData\Local\Captcha_Brotherhood
2014-06-03 08:24 - 2014-06-03 08:21 - 733007872 _____ () C:\Users\Iderlan\Downloads\Pec_e_Tent.avi
2014-06-03 05:10 - 2014-02-04 01:34 - 00000000 ____D () C:\Program Files (x86)\Warcraft III
2014-06-03 04:22 - 2014-01-28 18:14 - 00000000 ____D () C:\Users\Iderlan\AppData\Local\JDownloader v2.0
2014-06-03 01:00 - 2014-06-03 01:00 - 00000000 ____D () C:\Users\Iderlan\Desktop\WifeBucket
2014-06-03 00:31 - 2014-06-03 00:31 - 00002346 _____ () C:\Users\Iderlan\Desktop\CBH Captcha Solver.lnk
2014-06-03 00:31 - 2014-06-03 00:31 - 00000000 ____D () C:\Program Files (x86)\Brotherhood Software
2014-06-02 23:50 - 2014-01-26 12:04 - 01837056 ___SH () C:\Users\Iderlan\Desktop\Thumbs.db
2014-06-02 18:53 - 2014-05-29 21:29 - 00000206 _____ () C:\Users\Iderlan\Desktop\N series.txt
2014-06-01 21:48 - 2014-06-01 21:48 - 00000000 ____D () C:\Users\Iderlan\Documents\Bigasoft Total Video Converter
2014-06-01 21:47 - 2014-06-01 21:47 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\Bigasoft Total Video Converter 4
2014-06-01 21:41 - 2014-06-01 20:55 - 00000000 ____D () C:\Program Files (x86)\iSkysoft
2014-06-01 21:31 - 2014-06-01 20:55 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter Ultimate
2014-06-01 20:57 - 2014-06-01 20:57 - 00000000 ____D () C:\Users\Iderlan\Documents\iSkysoft Video Converter Ultimate
2014-06-01 20:57 - 2014-06-01 20:57 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-06-01 20:57 - 2014-01-27 02:28 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-01 20:56 - 2014-06-01 20:56 - 00000000 ____D () C:\Users\Iderlan\AppData\Local\iSkysoft
2014-06-01 20:55 - 2014-06-01 20:55 - 00000000 ____D () C:\Users\Public\Documents\iSkysoft
2014-06-01 20:48 - 2014-06-01 20:48 - 00003584 _____ () C:\Users\Iderlan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-01 08:57 - 2014-06-01 08:54 - 351395074 _____ () C:\Users\Iderlan\Downloads\i_xxxp140416bbttscsh_avi.rar
2014-05-31 21:41 - 2014-05-26 14:41 - 00000251 _____ () C:\Users\Iderlan\Desktop\Gifs.txt
2014-05-31 08:14 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-05-31 06:21 - 2014-05-31 06:21 - 00007621 _____ () C:\Users\Iderlan\AppData\Local\Resmon.ResmonCfg
2014-05-31 05:54 - 2014-05-31 05:50 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-05-31 05:52 - 2014-04-07 04:54 - 00000000 ____D () C:\Users\Iderlan\AppData\Local\NVIDIA Corporation
2014-05-31 05:52 - 2014-01-26 01:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-31 05:51 - 2014-04-07 04:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-31 05:51 - 2014-01-26 01:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-31 05:05 - 2013-05-11 19:29 - 00000000 ____D () C:\A_Pasta TV
2014-05-31 04:39 - 2014-04-28 07:00 - 00000000 ____D () C:\Users\Iderlan\Desktop\BrokeAmateurs
2014-05-31 01:57 - 2014-05-22 20:42 - 00000085 _____ () C:\Users\Iderlan\Desktop\Sites.txt
2014-05-30 18:18 - 2014-05-30 18:18 - 02381964 _____ () C:\Users\Iderlan\Downloads\ふつうにエッチ_tumblr_lxdx28cCcg1r3gmtn_r1.mov
2014-05-30 16:22 - 2014-05-30 16:21 - 48670581 _____ () C:\Users\Iderlan\Downloads\Mistress_bleep_slave_ass_with_a_shoe_while_milking_Handjob_Free_porn_videos_5250_y79v5df80r.flv
2014-05-30 04:33 - 2014-01-26 23:29 - 00000000 ____D () C:\ProgramData\PMS
2014-05-29 08:23 - 2013-08-22 10:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-27 18:18 - 2014-04-08 17:13 - 00045270 _____ () C:\Users\Iderlan\AppData\Roaming\room_v3.dat
2014-05-26 15:04 - 2014-04-04 02:16 - 00000544 _____ () C:\Users\Iderlan\Desktop\Procurar +.txt
2014-05-26 14:24 - 2014-05-26 14:23 - 43809388 _____ () C:\Users\Iderlan\Downloads\oberuschi08_AgerittenundinsGesichtgesprtzt.rar
2014-05-26 14:23 - 2014-05-26 14:23 - 35537576 _____ () C:\Users\Iderlan\Downloads\oberuschi08_Tischleindeckmich.rar
2014-05-26 14:21 - 2014-05-26 14:19 - 265289728 _____ () C:\Users\Iderlan\Downloads\SweetA_Mein1MalAATmouth.part1.rar
2014-05-26 14:20 - 2014-05-26 14:19 - 116786743 _____ () C:\Users\Iderlan\Downloads\SweetA_Mein1MalAATmouth.part2.rar
2014-05-26 14:08 - 2014-05-26 14:06 - 140814371 _____ () C:\Users\Iderlan\Downloads\BLilly_ErwillmichAFundichmusshinhalten.rar
2014-05-26 01:10 - 2014-01-26 20:40 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\Skype
2014-05-25 16:22 - 2014-04-28 09:20 - 00000639 _____ () C:\Users\Iderlan\Desktop\BA post.txt
2014-05-23 18:30 - 2014-01-26 18:59 - 00000000 ____D () C:\Users\Iderlan\dwhelper
2014-05-22 20:46 - 2013-12-13 20:42 - 00003893 _____ () C:\Users\Iderlan\Desktop\torr.txt
2014-05-22 16:17 - 2014-01-26 01:55 - 00001293 _____ () C:\Users\Iderlan\Desktop\forum.txt
2014-05-21 02:51 - 2014-03-31 18:17 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\TS3Client
2014-05-20 18:48 - 2014-05-20 18:39 - 628950407 _____ () C:\Users\Iderlan\Downloads\J_S.mp4
2014-05-20 17:33 - 2014-01-26 23:27 - 00529920 ___SH () C:\Users\Iderlan\Downloads\Thumbs.db
2014-05-20 14:12 - 2014-05-20 14:11 - 74867845 _____ () C:\Users\Iderlan\Downloads\1514915_cute_russian_teen_violas_mirrorbleep.mp4
2014-05-20 08:43 - 2014-03-31 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-20 08:43 - 2014-01-27 02:29 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-20 04:22 - 2014-03-03 23:14 - 00000899 _____ () C:\Users\Iderlan\Desktop\L Mom sites.txt
2014-05-20 01:12 - 2014-05-20 01:08 - 60670113 _____ () C:\Users\Iderlan\Downloads\JoyceHot_AnlentjungfertCP.rar
2014-05-20 01:05 - 2014-05-20 01:04 - 105944348 _____ () C:\Users\Iderlan\Downloads\DNika26_AutschAdirektinmeinenengenA.rar
2014-05-20 00:13 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-19 23:44 - 2014-05-31 05:50 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-19 23:44 - 2014-05-31 05:50 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-19 23:44 - 2014-05-31 05:50 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-19 23:44 - 2013-10-27 14:12 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-19 22:25 - 2014-01-26 01:09 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-19 22:25 - 2014-01-26 01:09 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-19 22:25 - 2014-01-26 01:09 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-19 22:25 - 2014-01-26 01:09 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-19 22:25 - 2014-01-26 01:09 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-19 21:58 - 2014-05-19 21:41 - 198787056 _____ () C:\Users\Iderlan\Downloads\Ali_33cm_sc5.mp4.002
2014-05-19 21:23 - 2014-05-19 20:59 - 262144000 _____ () C:\Users\Iderlan\Downloads\Ali_33cm_sc5.mp4.001
2014-05-19 20:10 - 2014-05-31 05:51 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-19 20:08 - 2014-05-19 20:08 - 00267847 _____ () C:\Users\Iderlan\Desktop\Pro archer =D.w3g
2014-05-18 18:08 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\rescache
2014-05-18 04:46 - 2014-05-18 04:42 - 38586328 _____ () C:\Users\Iderlan\Downloads\BF_B@llsdeepd0ggy.mp4
2014-05-17 23:22 - 2014-05-17 23:06 - 152163470 _____ () C:\Users\Iderlan\Downloads\new, ins - 475.rar
2014-05-17 15:03 - 2014-05-17 14:06 - 645665067 _____ () C:\Users\Iderlan\Downloads\czech-casting-lucie-1335-1280x720-2000kbps.wmv
2014-05-17 10:32 - 2014-02-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
2014-05-14 20:49 - 2014-01-26 01:09 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-14 19:37 - 2014-01-26 01:05 - 00000000 ___RD () C:\Users\Iderlan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 19:37 - 2014-01-26 01:05 - 00000000 ___RD () C:\Users\Iderlan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 19:34 - 2013-08-22 12:36 - 00000000 ___RD () C:\Windows\ToastData
2014-05-14 19:34 - 2013-08-22 12:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 19:34 - 2013-08-22 12:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 19:34 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\WinStore
2014-05-14 19:34 - 2013-08-22 12:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-14 19:34 - 2013-08-22 12:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-13 23:46 - 2014-01-27 03:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 23:46 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-13 23:46 - 2013-08-22 12:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-05-13 23:45 - 2014-01-27 03:13 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 15:45 - 2014-01-26 19:00 - 00003790 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-12 07:26 - 2014-06-04 20:00 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-04 20:00 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-04 20:00 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 11:48 - 2014-05-10 11:42 - 74536628 _____ () C:\Users\Iderlan\Downloads\Ajudando_a_Amiga_a_Dar_o_Cu.avi
2014-05-10 11:45 - 2014-05-10 11:38 - 59202852 _____ () C:\Users\Iderlan\Downloads\PM_Feminina_de_Juiz_de_Fora-MG_Numa_Suruba.avi
2014-05-09 14:21 - 2014-05-09 13:09 - 258061406 _____ () C:\Users\Iderlan\Downloads\Nacho-and-Ellen-Saint(1).rar
2014-05-09 12:43 - 2014-04-30 04:17 - 00001862 _____ () C:\Users\Iderlan\Desktop\N tenho.txt
2014-05-09 06:27 - 2013-08-22 11:44 - 00335816 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-08 05:09 - 2014-01-27 00:48 - 00004052 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-202358927-2866052510-320876986-1001UA
2014-05-08 05:09 - 2014-01-27 00:48 - 00003672 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-202358927-2866052510-320876986-1001Core
2014-05-07 05:28 - 2014-01-27 22:13 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 05:28 - 2014-01-27 22:13 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 03:37 - 2013-08-22 12:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-06 01:40 - 2014-05-13 18:22 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:25 - 2014-05-13 18:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 00:00 - 2014-05-13 18:22 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 23:10 - 2014-05-13 18:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 00:21 - 2014-05-04 10:46 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-05-05 00:18 - 2014-05-05 00:18 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-05-05 00:16 - 2014-05-04 07:21 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\SystemRequirementsLab
2014-05-05 00:16 - 2014-05-04 07:21 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-05 00:16 - 2014-05-04 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-05-05 00:16 - 2014-04-07 03:22 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-05-05 00:16 - 2014-01-30 23:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-05 00:16 - 2014-01-27 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-05 00:16 - 2014-01-27 00:48 - 00000000 ____D () C:\Users\Iderlan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
2014-05-05 00:16 - 2014-01-26 23:03 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-05-05 00:16 - 2014-01-26 01:10 - 00000000 ____D () C:\Program Files\Intel
2014-05-05 00:16 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\registration
2014-05-05 00:16 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\Sysprep

Some content of TEMP:
====================
C:\Users\Iderlan\AppData\Local\Temp\bitool.dll
C:\Users\Iderlan\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331153822386.exe
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331154442731.exe
C:\Users\Iderlan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Iderlan\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Iderlan\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Iderlan\AppData\Local\Temp\nvStInst.exe
C:\Users\Iderlan\AppData\Local\Temp\proxy_vole2496783788656276769.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-31 12:49

==================== End Of Log ============================
 




#4 nasdaq

  • Malware Response Team
  • 39,586 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 05 June 2014 - 08:34 AM

Question:
Did you set all these PROXYs?
===


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
(BitTorrent Inc.) C:\Users\Iderlan\AppData\Roaming\uTorrent\uTorrent.exe
HKU\S-1-5-21-202358927-2866052510-320876986-1001\...\Run: [uTorrent] => C:\Users\Iderlan\AppData\Roaming\uTorrent\uTorrent.exe [1520208 2014-04-29] (BitTorrent Inc.)
FF Extension: Download Youtube Videos + - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\video.downloader.plugin@ffpimp.com [2014-01-26]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2014-01-26]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
C:\Users\Iderlan\AppData\Local\Temp\bitool.dll
C:\Users\Iderlan\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331153822386.exe
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331154442731.exe
C:\Users\Iderlan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Iderlan\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Iderlan\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Iderlan\AppData\Local\Temp\nvStInst.exe
C:\Users\Iderlan\AppData\Local\Temp\proxy_vole2496783788656276769.dll
Task: {D814303F-3467-479F-9485-F5D8C4CA3087} - \APSnotifierCA No Task File <==== ATTENTION

End
Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

#5 AzZazell

  • Topic Starter
  • Members
  • 13 posts

Posted 05 June 2014 - 09:29 AM

No, I didn't set up all the proxies!
I checked in Firefox, and it was marked to autoconfigure proxies. It had a huge link with all those proxies!
I disabled it, since I don't want to use a proxy.
The download link you posted was not working, so I downloaded it here

 

Fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Iderlan at 2014-06-05 11:20:53 Run:1
Running from C:\Users\Iderlan\Desktop\Nova pasta
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
(BitTorrent Inc.) C:\Users\Iderlan\AppData\Roaming\uTorrent\uTorrent.exe
HKU\S-1-5-21-202358927-2866052510-320876986-1001\...\Run: [uTorrent] => C:\Users\Iderlan\AppData\Roaming\uTorrent\uTorrent.exe [1520208 2014-04-29] (BitTorrent Inc.)
FF Extension: Download Youtube Videos + - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\video.downloader.plugin@ffpimp.com [2014-01-26]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2014-01-26]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
C:\Users\Iderlan\AppData\Local\Temp\bitool.dll
C:\Users\Iderlan\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331153822386.exe
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331154442731.exe
C:\Users\Iderlan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Iderlan\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Iderlan\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Iderlan\AppData\Local\Temp\nvStInst.exe
C:\Users\Iderlan\AppData\Local\Temp\proxy_vole2496783788656276769.dll
Task: {D814303F-3467-479F-9485-F5D8C4CA3087} - \APSnotifierCA No Task File <==== ATTENTION

End
*****************

[6788] C:\Users\Iderlan\AppData\Roaming\uTorrent\uTorrent.exe => Process closed successfully.
HKU\S-1-5-21-202358927-2866052510-320876986-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value deleted successfully.
C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\video.downloader.plugin@ffpimp.com => Moved successfully.
C:\Users\Iderlan\AppData\Roaming\Mozilla\Firefox\Profiles\7qa418qk.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi => Moved successfully.
BprotectEx => Service deleted successfully.
gdrv => Service deleted successfully.
GGSAFERDriver => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
C:\Users\Iderlan\AppData\Local\Temp\bitool.dll => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\gtapi_signed.dll => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331153822386.exe => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\JDownloaderSetup_20140331154442731.exe => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\nv3DVStreaming.dll => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\nvSCPAPI64.dll => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\nvStereoApiI.dll => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\proxy_vole2496783788656276769.dll => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D814303F-3467-479F-9485-F5D8C4CA3087} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D814303F-3467-479F-9485-F5D8C4CA3087} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierCA => Key deleted successfully.

==== End of Fixlog ====

 

Checkup

 

 Results of screen317's Security Check version 0.99.83  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
AVG Internet Security 2014   
Windows Defender             
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Java 7 Update 55  
 Adobe Flash Player     13.0.0.214  
 Adobe Reader XI  
 Mozilla Firefox (26.0)
 Google Chrome 34.0.1847.137  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
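
Added example, not part of the thread and not FRST's own code: a small Python check a helper could run over a posted Fixlog.txt to confirm that every result line reports success and that every plain file path in the fixlist has a matching result. The section layout is assumed from the Fixlog shown above; the sample log is a shortened, constructed excerpt, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog in the layout shown in the post above.
# The outcome wording on the nvStInst.exe line is made up for this example (it
# is not taken from FRST output), and the result line for gtapi_signed.dll is
# deliberately left out so the cross-check has something to report.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Iderlan at 2014-06-05 11:20:53 Run:1
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
C:\Users\Iderlan\AppData\Local\Temp\bitool.dll
C:\Users\Iderlan\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Iderlan\AppData\Local\Temp\nvStInst.exe
Task: {D814303F-3467-479F-9485-F5D8C4CA3087} - \APSnotifierCA No Task File <==== ATTENTION

End
*****************

gdrv => Service deleted successfully.
C:\Users\Iderlan\AppData\Local\Temp\bitool.dll => Moved successfully.
C:\Users\Iderlan\AppData\Local\Temp\nvStInst.exe => Could not move (constructed outcome).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierCA => Key deleted successfully.

==== End of Fixlog ====
"""

STARS = re.compile(r"^\*{5,}\s*$")           # rows of asterisks around the echoed fixlist
RESULT = re.compile(r"^(?P<target>.+?) => (?P<outcome>.+)$")
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")     # directive that is just a file path


def parse_fixlog(text):
    """Split a Fixlog into the echoed fixlist directives and the result lines."""
    directives, results = [], []
    section = "header"                       # header -> fixlist -> results
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("==== End of Fixlog"):
            break
        if STARS.match(line):
            section = "fixlist" if section == "header" else "results"
            continue
        if section == "fixlist":
            if line.lower() not in ("start", "end"):
                directives.append(line)
        elif section == "results":
            m = RESULT.match(line)
            if m:
                results.append((m["target"], m["outcome"]))
    return directives, results


def review(text):
    """Summarise outcomes and list what a helper should look at again."""
    directives, results = parse_fixlog(text)
    by_outcome = Counter(outcome for _, outcome in results)
    # Anything that does not end in "successfully." needs a human look.
    needs_review = [(t, o) for t, o in results if not o.endswith("successfully.")]
    # Only plain path directives are cross-checked: service, task and registry
    # directives are reported under different names in the result lines.
    seen = {t.lower() for t, _ in results}
    missing = [d for d in directives if DRIVE_PATH.match(d) and d.lower() not in seen]
    return {
        "directives": directives,
        "results": results,
        "by_outcome": by_outcome,
        "needs_review": needs_review,
        "missing": missing,
    }


if __name__ == "__main__":
    report = review(SAMPLE_FIXLOG)
    for outcome, count in report["by_outcome"].items():
        print(f"{count:3d}  {outcome}")
    for target, outcome in report["needs_review"]:
        print(f"REVIEW   {target} => {outcome}")
    for directive in report["missing"]:
        print(f"NO RESULT  {directive}")
```
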
 



#6 nasdaq

  • Malware Response Team
  • 39,586 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 05 June 2014 - 12:19 PM

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Latest version is Java JRE 7u60.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as a Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java 7 Update 55
===


If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon.
  • ScriptNo is a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#7 AzZazell

  • Topic Starter

Posted 05 June 2014 - 01:05 PM

Well, thx for the help!
The problem still remains and I think the PC was clean, as none of the scans found any virus or malware.
I don't know what to do then. I will have to leave it as it is...



#8 nasdaq

  • Malware Response Team

Posted 06 June 2014 - 08:22 AM

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the ESET OnlineScan button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Keep me posted.

#9 AzZazell

  • Topic Starter

Posted 06 June 2014 - 04:51 PM

The problem remains, but this one found some threats!

I did 2 scans! In the first one, the program found the stuff listed in the log below.
Also, the problem was fixed after the scan, but when I restarted the computer it was there again.
Then, I scanned again. The second time the program only found 3 .exe installers, that's why I didn't post the log here.

In the second scan, the problem was not fixed.

 

E:\Windows\Instalar\Setup-MsgPlus-510.exe    a variant of Win32/MessengerPlus.A potentially unwanted application    
E:\Windows\Programas\DTLite4471-0333.exe    Win32/DownWare.L potentially unwanted application    
E:\Windows\Programas\Garena.exe    MSIL/Solimba potentially unwanted application    
E:\Windows\Programas\media.player.codec.pack.v4.1.1.setup.exe    a variant of Win32/Toolbar.Widgi.B potentially unwanted application    
E:\Windows\Programas\Setup-MsgPlus-510.exe    a variant of Win32/MessengerPlus.A potentially unwanted application    
E:\Windows\Programas\Ashampoo Burning Studio 10.10.0.1 +Key (32-64bit) -TrT\Ashampoo Burning Studio 10.10.0.1 +Key (32-64bit) -TrT\ashampoo_burning_studio_10_10.0.1_sm.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    
C:\$Recycle.Bin\S-1-5-21-202358927-2866052510-320876986-1001\$RPHGLX4\~Get Your Software Here\Keygen\keygen.exe    a variant of Win32/Keygen.HY potentially unsafe application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Iderlan\AppData\Local\AnyProtectScannerSetup.exe.vir    Win32/VOPackage.A potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Total Video Converter\Total Video Converter 3.71 Crack.exe    a variant of Win32/HackTool.Patcher.A potentially unsafe application    deleted - quarantined
D:\Program Files (x86)\CSBrowserHelper\cs-browser-assistant-2-0.exe    Win32/Packed.ScrambleWrapper.G potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FR7AC1LU\JDownloader2Setup[1].exe    a variant of Win32/InstallCore.D potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Temp\ICReinstall_PMB_updater.exe    Win32/InstallCore.GI potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Temp\is1104650885\1067725_stp\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Temp\is1104650885\1075658_stp\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Temp\is1104650885\990983_stp\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Temp\is961225091\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\101_cortica_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\102_dealply_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\103_intext_5_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\104_jollywallet_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\105_corticas_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\108_icm_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\116_ads_only_5_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\117_coupons_intext_ads_5_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\119_similar_web_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\120_luck_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\123_intext_adv_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\125_arcadi2_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\126_revizer_ws_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\127_revizer_p_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\128_superfish_pricora_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\129_widdit_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\135_arcadi3_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\138_getdeal_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\141_corticas_ru_m.js.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\142_intext_fa_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\155_ibario_pops_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\159_cortica_rollover_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\171_arcadi2_sourceID_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\175_coolmirage_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\178_revizer_ws_dynamic_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\179_revizer_p_dynamic_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\91_monetizationLoader.js.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\92_superfish_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Roaming\Mozilla\Firefox\Profiles\t70aufj1.default\extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com\extensionData\plugins\93_superfish_no_coupons_m.js    JS/Toolbar.Crossrider.B potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\Desktop\1 Desktop\Gravar em DVD\sXeInjectedSetup.11.2.Fix.6.exe    a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\Desktop\1 Desktop\Gravar em DVD\sXeInjectedSetup.11.4.Fix.1.exe    a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\Desktop\1 Desktop\Gravar em DVD\sXeInjectedSetup.8.0.exe    probably a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\Desktop\1 Desktop\Gravar em DVD\sXeInjectedSetup.8.1.exe    a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\Desktop\1 Desktop\Gravar em DVD\sXeInjectedSetup.8.5.exe    a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\Desktop\1 Desktop\Gravar em DVD\sXeInjectedSetup.8.6.Fix.1.exe    a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
D:\Windows\Installer\MSID0C7.tmp    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    deleted - quarantined
D:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
E:\Windows\Instalar\aTube_Catcher_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
 


Edited by AzZazell, 06 June 2014 - 08:07 PM.
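One way to triage an export like the one in the post above, added here as an example and not part of the original thread: the script groups the detections by name and category and lists the files the scanner reported without recording a "deleted - quarantined" action. The sample lines are copied from that log; the function and field names are illustrative, and the field separator (a tab or a run of two or more spaces) is an assumption based on how the log appears in the post.

```python
import re
from collections import Counter
from typing import List, NamedTuple, Optional

# Sample lines copied from the ESET log in the post above (a subset).
SAMPLE_LOG = r"""
E:\Windows\Instalar\Setup-MsgPlus-510.exe    a variant of Win32/MessengerPlus.A potentially unwanted application
E:\Windows\Programas\DTLite4471-0333.exe    Win32/DownWare.L potentially unwanted application
C:\Program Files (x86)\Total Video Converter\Total Video Converter 3.71 Crack.exe    a variant of Win32/HackTool.Patcher.A potentially unsafe application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Temp\is961225091\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\AppData\Local\Temp\is1104650885\990983_stp\wajam_validate.exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined
D:\Users\AzZazel\Desktop\1 Desktop\Gravar em DVD\sXeInjectedSetup.8.0.exe    probably a variant of Win32/Packed.Themida potentially unwanted application    deleted - quarantined
D:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
"""

# Assumption: fields are separated by a tab or by two or more spaces.
# Single spaces inside paths ("Program Files (x86)") are left alone.
FIELD_SEP = re.compile(r"\t+|\s{2,}")

# "<optional qualifier> <detection name> <category words>"
DETECTION = re.compile(
    r"^(?P<qualifier>(?:probably )?a variant of )?"
    r"(?P<name>\S+)\s+(?P<category>.+)$"
)


class Detection(NamedTuple):
    path: str
    name: str              # e.g. Win32/Wajam.F
    category: str          # e.g. potentially unwanted application
    match: str             # "exact", "variant" or "probable variant"
    action: Optional[str]  # None when the log records no action


def parse_line(line: str) -> Optional[Detection]:
    """Parse one log line; return None for blank or unrecognised lines."""
    fields = [f for f in FIELD_SEP.split(line.strip()) if f]
    if len(fields) < 2:
        return None
    m = DETECTION.match(fields[1])
    if m is None:
        return None
    qualifier = (m.group("qualifier") or "").strip()
    if qualifier.startswith("probably"):
        match = "probable variant"
    elif qualifier:
        match = "variant"
    else:
        match = "exact"
    action = fields[2] if len(fields) > 2 else None
    return Detection(fields[0], m.group("name"), m.group("category"), match, action)


def parse_log(text: str) -> List[Detection]:
    """Parse every recognisable line of an exported log."""
    parsed = (parse_line(line) for line in text.splitlines())
    return [d for d in parsed if d is not None]


def is_remediated(d: Detection) -> bool:
    """True when the scanner recorded a delete or quarantine action."""
    action = (d.action or "").lower()
    return "quarantined" in action or "deleted" in action


def summarize(detections: List[Detection]) -> dict:
    """Count detections and collect the ones still present on disk."""
    return {
        "by_name": Counter(d.name for d in detections),
        "by_category": Counter(d.category for d in detections),
        "unremediated": [d for d in detections if not is_remediated(d)],
    }


if __name__ == "__main__":
    report = summarize(parse_log(SAMPLE_LOG))
    for name, count in report["by_name"].most_common():
        print(f"{count:3d}  {name}")
    print("\nReported but not quarantined:")
    for d in report["unremediated"]:
        print(f"  {d.path}  ({d.name})")
```

Entries with no recorded action are files the scanner left in place, which makes them the first thing to review when a later scan keeps reporting the same installers.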


#10 nasdaq

  • Malware Response Team

Posted 07 June 2014 - 09:08 AM


--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Let's also check the boot process.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Post the log for my review.

#11 AzZazell

  • Topic Starter

Posted 07 June 2014 - 10:42 AM

RogueKiller Log

 

RogueKiller V9.0.2.0 (x64) [Jun  3 2014] Por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Site : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 8.1 (6.3.9200 ) 64 bits version
Iniciado em : Modo Normal
Usuario : Iderlan [Privilegios de Admnistrador]
Modo : Remover -- Data : 06/07/2014  12:24:06

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 18 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\RK_AzZazel_ON_D_0113\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=  -> NÃO SELECIONADO
[PUM.Proxy] (X86) HKEY_USERS\RK_AzZazel_ON_D_0113\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=  -> NÃO SELECIONADO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> NÃO SELECIONADO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> NÃO SELECIONADO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Desktop] (X64) HKEY_USERS\RK_AzZazel_ON_D_0113\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop | NoChangingWallpaper : 0  -> NÃO SELECIONADO
[PUM.Desktop] (X86) HKEY_USERS\RK_AzZazel_ON_D_0113\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop | NoChangingWallpaper : 0  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D6F8\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO

¤¤¤ As tarefas agendadas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivo de Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Os navegadores da Web : 1 ¤¤¤
[PUM.Proxy][FIREFX:Config] 7qa418qk.default : user_pref("network.proxy.type", 2); -> NÃO SELECIONADO

¤¤¤ Verificaçao do MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A120G +++++
--- User ---
[MBR] 9dc0d2770094cd7cdba26fe3147c612e
[BSP] bc1c317214a38fa50d1986ee075520c6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 114371 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD20EARX-008FB0 +++++
--- User ---
[MBR] ac77c4c1db37c993b830c0599af1abd7
[BSP] b0993718534fbcabc2bd41bcd2d7d76a : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD20EARX-00PASB0 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: SAMSUNG HD154UI +++++
--- User ---
[MBR] 540fc1ef42ef51e4d267574f3332c7ae
[BSP] 0d6aa2cea73eb6b6ea420a0cc4ee5001 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: ST4000DM000-1F2168 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_06072014_122342.log

 

TDSSKiller Log

 

12:28:05.0203 0x379c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
12:28:15.0744 0x379c  ============================================================
12:28:15.0744 0x379c  Current date / time: 2014/06/07 12:28:15.0744
12:28:15.0744 0x379c  SystemInfo:
12:28:15.0744 0x379c  
12:28:15.0744 0x379c  OS Version: 6.3.9600 ServicePack: 0.0
12:28:15.0744 0x379c  Product type: Workstation
12:28:15.0744 0x379c  ComputerName: AZZAZEL
12:28:15.0745 0x379c  UserName: Iderlan
12:28:15.0745 0x379c  Windows directory: C:\Windows
12:28:15.0745 0x379c  System windows directory: C:\Windows
12:28:15.0745 0x379c  Running under WOW64
12:28:15.0745 0x379c  Processor architecture: Intel x64
12:28:15.0745 0x379c  Number of processors: 8
12:28:15.0745 0x379c  Page size: 0x1000
12:28:15.0745 0x379c  Boot type: Normal boot
12:28:15.0745 0x379c  ============================================================
12:28:15.0792 0x379c  KLMD registered as C:\Windows\system32\drivers\76954290.sys
12:28:15.0899 0x379c  System UUID: {8E8EA82A-7478-968A-337A-7D35BEFBCB21}
12:28:16.0193 0x379c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:28:16.0592 0x379c  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:28:16.0593 0x379c  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:28:16.0594 0x379c  Drive \Device\Harddisk3\DR3 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:28:16.0594 0x379c  Drive \Device\Harddisk4\DR4 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:28:16.0799 0x379c  ============================================================
12:28:16.0799 0x379c  \Device\Harddisk0\DR0:
12:28:16.0800 0x379c  MBR partitions:
12:28:16.0800 0x379c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:28:16.0800 0x379c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
12:28:16.0800 0x379c  \Device\Harddisk1\DR1:
12:28:16.0801 0x379c  MBR partitions:
12:28:16.0801 0x379c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
12:28:16.0801 0x379c  \Device\Harddisk2\DR2:
12:28:16.0801 0x379c  GPT partitions:
12:28:16.0801 0x379c  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9833CB21-C6D8-468C-9C05-ACE677F6195C}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
12:28:16.0801 0x379c  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {026F591C-1258-432A-96E2-AC79EDC29163}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xE8DC8000
12:28:16.0801 0x379c  MBR partitions:
12:28:16.0801 0x379c  \Device\Harddisk3\DR3:
12:28:16.0802 0x379c  MBR partitions:
12:28:16.0802 0x379c  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
12:28:16.0802 0x379c  \Device\Harddisk4\DR4:
12:28:16.0802 0x379c  GPT partitions:
12:28:16.0802 0x379c  \Device\Harddisk4\DR4\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A27DB089-AED6-4C2F-AE53-89DCB67A6D10}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
12:28:16.0802 0x379c  \Device\Harddisk4\DR4\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8A45C859-6043-47ED-AC8A-F6DFDF15D721}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xD1BCB000
12:28:16.0802 0x379c  MBR partitions:
12:28:16.0802 0x379c  ============================================================
12:28:16.0804 0x379c  C: <-> \Device\Harddisk0\DR0\Partition2
12:28:16.0822 0x379c  D: <-> \Device\Harddisk1\DR1\Partition1
12:28:17.0307 0x379c  E: <-> \Device\Harddisk2\DR2\Partition2
12:28:17.0355 0x379c  F: <-> \Device\Harddisk4\DR4\Partition2
12:28:17.0393 0x379c  H: <-> \Device\Harddisk3\DR3\Partition1
12:28:17.0393 0x379c  ============================================================
12:28:17.0393 0x379c  Initialize success
12:28:17.0393 0x379c  ============================================================
12:28:26.0236 0x1288  ============================================================
12:28:26.0236 0x1288  Scan started
12:28:26.0236 0x1288  Mode: Manual;
12:28:26.0236 0x1288  ============================================================
12:28:26.0236 0x1288  KSN ping started
12:28:28.0794 0x1288  KSN ping finished: true
12:28:30.0342 0x1288  ================ Scan system memory ========================
12:28:30.0342 0x1288  System memory - ok
12:28:30.0342 0x1288  ================ Scan services =============================
12:28:30.0549 0x1288  AppIDSvc - ok
12:28:30.0552 0x1288  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\Windows\System32\appinfo.dll
12:28:30.0554 0x1288  Appinfo - ok
12:28:30.0556 0x1288  [ 1C726705935E89FD59E652E4F09148D0, 5D72DB5C493ED48ACBD1A520283C7B16E656FB1E8B00885696C79A09FC37487D ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
12:28:30.0556 0x1288  AppleCharger - ok
12:28:30.0559 0x1288  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
12:28:30.0559 0x1288  AppleChargerSrv - ok
12:28:30.0563 0x1288  [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:28:30.0566 0x1288  AppMgmt - ok
12:28:30.0575 0x1288  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
12:28:30.0582 0x1288  AppReadiness - ok
12:28:30.0601 0x1288  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
12:28:30.0618 0x1288  AppXSvc - ok
12:28:30.0623 0x1288  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:28:30.0624 0x1288  arcsas - ok
12:28:30.0627 0x1288  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:28:30.0627 0x1288  atapi - ok
12:28:30.0632 0x1288  [ F83D49F4B10E813A1F9AC8B92F16592D, E7B2F508D33861A9826F2C7B2087F14F6937C9B8F660D6363F737BAC60BD4578 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
12:28:30.0635 0x1288  AudioEndpointBuilder - ok
12:28:30.0648 0x1288  [ 9A71BD2E4B8EB550D0022AFDF8616014, 34D595684624114F23265CE8031ADC9E03AD374A5AFEEBB794AC57796A3CDA2F ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:28:30.0658 0x1288  Audiosrv - ok
12:28:30.0662 0x1288  [ 4EB2E8EE8BA47B58E08B67139C31CB41, 196F759A2BC3E978C3FDB1E37E0D40D56D43CB0004D5333E787CD4727A46F06C ] Avgboota        C:\Windows\system32\DRIVERS\avgboota.sys
12:28:30.0662 0x1288  Avgboota - ok
12:28:30.0666 0x1288  [ D89F8E4E025DAA0C39FF61AC0199E101, 0A80A572D93DBDE14CD5494EF3F866B44E9BC259D43EE23185E4FC227D08DE69 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
12:28:30.0668 0x1288  Avgdiska - ok
12:28:30.0670 0x1288  [ CA10D51653068DB6A0ADEEDDC4946C47, 6E731B28C38ED2BA48CF4855EBBF8B548D45C8DB8ABD9521E5516227CA68072B ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
12:28:30.0671 0x1288  Avgfwfd - ok
12:28:30.0694 0x1288  [ E578BE6020D03900A2062778B6D52226, BCE022157B696FE21D95A4C4386264BF637803B0C32BB4DB5E9D8BA166D51F9A ] avgfws          C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
12:28:30.0709 0x1288  avgfws - ok
12:28:30.0760 0x1288  [ 561CE09C52F6E945ED4CE7E173D1F542, 25FB1B55E22D4DF3B03B6D395B6C4749C03B950139767FA095C24234BD962782 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
12:28:30.0798 0x1288  AVGIDSAgent - ok
12:28:30.0808 0x1288  [ F9984B8432204D000E15DE0A40D6F9AD, EBF0AAAFC9793F1EDCF3502CAE265CC012A60FA2B5DAD35A66DAD19ACFE206FC ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
12:28:30.0810 0x1288  AVGIDSDriver - ok
12:28:30.0815 0x1288  [ 73B684F26AD82BABC2A1B3E539ED027A, B164C0C395FF285ED31615E7DB5F43B31A2F1CB6156A68BB5F3802AFCA7B8887 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
12:28:30.0818 0x1288  AVGIDSHA - ok
12:28:30.0823 0x1288  [ 18A542A22A31DFFEA51666E75393E7A5, 7EFA508ECE7266446B2A5E12DB7461D328F2B47E2A70A8AA2C9D0E42898C71AC ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
12:28:30.0825 0x1288  Avgldx64 - ok
12:28:30.0831 0x1288  [ EC0E347F6C95541504CCF1B85D74F91F, F0819BF489C8776696D9DD89AC9673717BAF957DFAA071DA3911560172C6D952 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
12:28:30.0835 0x1288  Avgloga - ok
12:28:30.0839 0x1288  [ ADC65C6074A994D91CA9C6339C3DC978, A736BF94E41B9B06E826E3F2BBA7B305990DF68CF17DA8F661AE952FB240DDE1 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
12:28:30.0840 0x1288  Avgmfx64 - ok
12:28:30.0843 0x1288  [ 7D206FA06603E95984EFF9822C9FC958, 11863D7A5A14C852594F90FD3A54E55CBE8C27075E640C9B222102AD9DA91F35 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
12:28:30.0843 0x1288  Avgrkx64 - ok
12:28:30.0849 0x1288  [ E5C581D358B62CF65776B8E4E17B9E5C, 955E4ECFD036330B139476CCCC7564B082C197D5E7577853E0C3D7B707EDB090 ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
12:28:30.0852 0x1288  avgwd - ok
12:28:30.0857 0x1288  [ AE2B554B1A12A7737158B96E050C8A2E, CA406CFD98B8D898AFD66DF5D45E3E4594664C50CC9CE711BEB6C56D4B01EC2E ] Avgwfpa         C:\Windows\system32\DRIVERS\avgwfpa.sys
12:28:30.0860 0x1288  Avgwfpa - ok
12:28:30.0864 0x1288  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:28:30.0865 0x1288  AxInstSV - ok
12:28:30.0875 0x1288  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:28:30.0880 0x1288  b06bdrv - ok
12:28:30.0884 0x1288  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
12:28:30.0885 0x1288  BasicDisplay - ok
12:28:30.0887 0x1288  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
12:28:30.0888 0x1288  BasicRender - ok
12:28:30.0891 0x1288  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
12:28:30.0891 0x1288  bcmfn2 - ok
12:28:30.0898 0x1288  [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:28:30.0902 0x1288  BDESVC - ok
12:28:30.0904 0x1288  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
12:28:30.0905 0x1288  Beep - ok
12:28:30.0917 0x1288  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE             C:\Windows\System32\bfe.dll
12:28:30.0929 0x1288  BFE - ok
12:28:30.0945 0x1288  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\Windows\System32\qmgr.dll
12:28:30.0959 0x1288  BITS - ok
12:28:30.0963 0x1288  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:28:30.0964 0x1288  bowser - ok
12:28:30.0970 0x1288  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
12:28:30.0974 0x1288  BrokerInfrastructure - ok
12:28:30.0978 0x1288  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\Windows\System32\browser.dll
12:28:30.0980 0x1288  Browser - ok
12:28:30.0982 0x1288  [ 21A583678FD814794BC3E8E32E5A6BD3, 4EC67E35BAC69A66B480DA50FBB176104C7294744B3F7B7F4C05F2B351FE62DE ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
12:28:30.0982 0x1288  BTCFilterService - ok
12:28:30.0985 0x1288  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
12:28:30.0986 0x1288  BthAvrcpTg - ok
12:28:30.0988 0x1288  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
12:28:30.0989 0x1288  BthHFEnum - ok
12:28:30.0991 0x1288  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
12:28:30.0992 0x1288  bthhfhid - ok
12:28:30.0995 0x1288  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
12:28:30.0996 0x1288  BTHMODEM - ok
12:28:30.0999 0x1288  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\Windows\system32\bthserv.dll
12:28:31.0002 0x1288  bthserv - ok
12:28:31.0004 0x1288  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:28:31.0006 0x1288  cdfs - ok
12:28:31.0010 0x1288  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
12:28:31.0012 0x1288  cdrom - ok
12:28:31.0016 0x1288  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:28:31.0018 0x1288  CertPropSvc - ok
12:28:31.0020 0x1288  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
12:28:31.0021 0x1288  circlass - ok
12:28:31.0028 0x1288  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
12:28:31.0032 0x1288  CLFS - ok
12:28:31.0038 0x1288  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
12:28:31.0038 0x1288  CmBatt - ok
12:28:31.0047 0x1288  [ 4627C1FBF2802425A408A2D2AF28CF85, 8B91C1BE1104BE93C0D689A20315FD106D89A076267493319B104EE73A90CDCB ] CNG             C:\Windows\system32\Drivers\cng.sys
12:28:31.0053 0x1288  CNG - ok
12:28:31.0057 0x1288  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
12:28:31.0058 0x1288  CompositeBus - ok
12:28:31.0059 0x1288  COMSysApp - ok
12:28:31.0062 0x1288  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
12:28:31.0062 0x1288  condrv - ok
12:28:31.0082 0x1288  [ 8492FA3B8E6C23805A61032A2C66FD54, 13248B60A1D119694DBAC464CCF0D534CD8ADC24329394F0E31D856746791DF5 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:28:31.0086 0x1288  cphs - ok
12:28:31.0090 0x1288  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:28:31.0093 0x1288  CryptSvc - ok
12:28:31.0102 0x1288  [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC             C:\Windows\system32\drivers\csc.sys
12:28:31.0108 0x1288  CSC - ok
12:28:31.0120 0x1288  [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService      C:\Windows\System32\cscsvc.dll
12:28:31.0131 0x1288  CscService - ok
12:28:31.0134 0x1288  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
12:28:31.0135 0x1288  dam - ok
12:28:31.0147 0x1288  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:28:31.0156 0x1288  DcomLaunch - ok
12:28:31.0164 0x1288  [ 78089FCDE082FD4FA471C30A7C2DC736, C4816D7125C39290C3B0B1F580CEE8BB7FFC004F727EA9E9767671D3EDB946AE ] defragsvc       C:\Windows\System32\defragsvc.dll
12:28:31.0170 0x1288  defragsvc - ok
12:28:31.0177 0x1288  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
12:28:31.0183 0x1288  DeviceAssociationService - ok
12:28:31.0186 0x1288  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
12:28:31.0190 0x1288  DeviceInstall - ok
12:28:31.0193 0x1288  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
12:28:31.0194 0x1288  Dfsc - ok
12:28:31.0201 0x1288  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:28:31.0206 0x1288  Dhcp - ok
12:28:31.0211 0x1288  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
12:28:31.0212 0x1288  disk - ok
12:28:31.0214 0x1288  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
12:28:31.0214 0x1288  dmvsc - ok
12:28:31.0219 0x1288  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:28:31.0223 0x1288  Dnscache - ok
12:28:31.0229 0x1288  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\Windows\System32\dot3svc.dll
12:28:31.0232 0x1288  dot3svc - ok
12:28:31.0236 0x1288  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\Windows\system32\dps.dll
12:28:31.0239 0x1288  DPS - ok
12:28:31.0241 0x1288  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:28:31.0241 0x1288  drmkaud - ok
12:28:31.0245 0x1288  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
12:28:31.0249 0x1288  DsmSvc - ok
12:28:31.0254 0x1288  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\System32\drivers\dtsoftbus01.sys
12:28:31.0257 0x1288  dtsoftbus01 - ok
12:28:31.0280 0x1288  [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:28:31.0296 0x1288  DXGKrnl - ok
12:28:31.0306 0x1288  [ E09FD2CDED38297D99DD7D5D591FE61C, C9506A817E476C6D43514BB3D37041F7A29DBA8D3C86017BF7EFD751572009AB ] e1dexpress      C:\Windows\system32\DRIVERS\e1d64x64.sys
12:28:31.0311 0x1288  e1dexpress - ok
12:28:31.0319 0x1288  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
12:28:31.0324 0x1288  e1iexpress - ok
12:28:31.0327 0x1288  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\Windows\System32\eapsvc.dll
12:28:31.0329 0x1288  Eaphost - ok
12:28:31.0376 0x1288  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:28:31.0411 0x1288  ebdrv - ok
12:28:31.0418 0x1288  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\Windows\System32\lsass.exe
12:28:31.0419 0x1288  EFS - ok
12:28:31.0421 0x1288  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
12:28:31.0422 0x1288  EhStorClass - ok
12:28:31.0426 0x1288  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
12:28:31.0427 0x1288  EhStorTcgDrv - ok
12:28:31.0429 0x1288  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
12:28:31.0430 0x1288  ErrDev - ok
12:28:31.0439 0x1288  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\Windows\system32\es.dll
12:28:31.0445 0x1288  EventSystem - ok
12:28:31.0449 0x1288  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:28:31.0452 0x1288  exfat - ok
12:28:31.0457 0x1288  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:28:31.0459 0x1288  fastfat - ok
12:28:31.0469 0x1288  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\Windows\system32\fxssvc.exe
12:28:31.0477 0x1288  Fax - ok
12:28:31.0480 0x1288  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
12:28:31.0480 0x1288  fdc - ok
12:28:31.0482 0x1288  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\Windows\system32\fdPHost.dll
12:28:31.0483 0x1288  fdPHost - ok
12:28:31.0486 0x1288  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\Windows\system32\fdrespub.dll
12:28:31.0487 0x1288  FDResPub - ok
12:28:31.0490 0x1288  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll
12:28:31.0492 0x1288  fhsvc - ok
12:28:31.0495 0x1288  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:28:31.0497 0x1288  FileInfo - ok
12:28:31.0499 0x1288  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:28:31.0500 0x1288  Filetrace - ok
12:28:31.0502 0x1288  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
12:28:31.0502 0x1288  flpydisk - ok
12:28:31.0510 0x1288  [ 46D1DF775FFF14585218BBE16E5B2C9A, F39EF615B18CEC7BA3F68C7639B636C06812AD9DBEDE90EB7B2C04C64396FC9E ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:28:31.0514 0x1288  FltMgr - ok
12:28:31.0535 0x1288  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\Windows\system32\FntCache.dll
12:28:31.0551 0x1288  FontCache - ok
12:28:31.0556 0x1288  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:28:31.0557 0x1288  FontCache3.0.0.0 - ok
12:28:31.0559 0x1288  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:28:31.0560 0x1288  FsDepends - ok
12:28:31.0562 0x1288  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:28:31.0563 0x1288  Fs_Rec - ok
12:28:31.0572 0x1288  [ B2BD017231836DA9F63F41E3A075D73E, 31B1DD677FE8B4F90B8AB5A131DA0105439AC2D91BC0CEDC972D2D87E595A686 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:28:31.0578 0x1288  fvevol - ok
12:28:31.0581 0x1288  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
12:28:31.0582 0x1288  FxPPM - ok
12:28:31.0584 0x1288  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:28:31.0585 0x1288  gagp30kx - ok
12:28:31.0587 0x1288  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
12:28:31.0588 0x1288  gencounter - ok
12:28:31.0592 0x1288  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
12:28:31.0593 0x1288  GPIOClx0101 - ok
12:28:31.0612 0x1288  [ 58C11DCCC6241CC13861A559E31A69F0, 78B38BBC362C9209B06849CC79301EC595AFCE3E2BDE402A0B1F2725D3EDEFA3 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:28:31.0630 0x1288  gpsvc - ok
12:28:31.0636 0x1288  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:28:31.0637 0x1288  gupdate - ok
12:28:31.0640 0x1288  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:28:31.0641 0x1288  gupdatem - ok
12:28:31.0649 0x1288  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:28:31.0654 0x1288  HdAudAddService - ok
12:28:31.0657 0x1288  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
12:28:31.0658 0x1288  HDAudBus - ok
12:28:31.0661 0x1288  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
12:28:31.0661 0x1288  HidBatt - ok
12:28:31.0665 0x1288  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
12:28:31.0666 0x1288  HidBth - ok
12:28:31.0668 0x1288  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
12:28:31.0669 0x1288  hidi2c - ok
12:28:31.0671 0x1288  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
12:28:31.0672 0x1288  HidIr - ok
12:28:31.0675 0x1288  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll
12:28:31.0676 0x1288  hidserv - ok
12:28:31.0677 0x1288  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
12:28:31.0678 0x1288  HidUsb - ok
12:28:31.0681 0x1288  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:28:31.0683 0x1288  hkmsvc - ok
12:28:31.0688 0x1288  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:28:31.0692 0x1288  HomeGroupListener - ok
12:28:31.0699 0x1288  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:28:31.0705 0x1288  HomeGroupProvider - ok
12:28:31.0708 0x1288  [ E325F85012E793CEE74B73C4F22AE311, B427ACF55E9FFCC6275B1EA2A6120E8D7B5B589CBBE0D114BB1376CB988B8FFC ] HPFXBULKLEDM    C:\Windows\system32\drivers\hppdbulkio.sys
12:28:31.0708 0x1288  HPFXBULKLEDM - ok
12:28:31.0711 0x1288  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:28:31.0712 0x1288  HpSAMD - ok
12:28:31.0726 0x1288  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:28:31.0737 0x1288  HTTP - ok
12:28:31.0740 0x1288  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:28:31.0740 0x1288  hwpolicy - ok
12:28:31.0742 0x1288  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
12:28:31.0743 0x1288  hyperkbd - ok
12:28:31.0745 0x1288  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
12:28:31.0746 0x1288  HyperVideo - ok
12:28:31.0750 0x1288  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
12:28:31.0751 0x1288  i8042prt - ok
12:28:31.0754 0x1288  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
12:28:31.0754 0x1288  iaLPSSi_GPIO - ok
12:28:31.0757 0x1288  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
12:28:31.0759 0x1288  iaLPSSi_I2C - ok
12:28:31.0769 0x1288  [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
12:28:31.0776 0x1288  iaStorA - ok
12:28:31.0787 0x1288  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
12:28:31.0794 0x1288  iaStorAV - ok
12:28:31.0799 0x1288  [ D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:28:31.0799 0x1288  IAStorDataMgrSvc - ok
12:28:31.0807 0x1288  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:28:31.0811 0x1288  iaStorV - ok
12:28:31.0813 0x1288  IEEtwCollectorService - ok
12:28:31.0865 0x1288  [ B12F7F8180BCD99B29AE2A6534857EA1, D095DF08A4F3510B96DE55A69ACCDEA0AACC7244447A858041D4C511835BA066 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:28:31.0905 0x1288  igfx - ok
12:28:31.0915 0x1288  [ 181722D8E78521191B9B83109AA011CA, 42255FD631D269283686DE964F512345C2C3A257E988A950A12EE9A7F815234E ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
12:28:31.0919 0x1288  igfxCUIService1.0.0.0 - ok
12:28:33.0824 0x1288  rspndr - ok
12:28:33.0826 0x1288  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
12:28:33.0826 0x1288  s3cap - ok
12:28:33.0828 0x1288  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\Windows\system32\lsass.exe
12:28:33.0830 0x1288  SamSs - ok
12:28:33.0834 0x1288  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:28:33.0835 0x1288  sbp2port - ok
12:28:33.0839 0x1288  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:28:33.0843 0x1288  SCardSvr - ok
12:28:33.0846 0x1288  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
12:28:33.0849 0x1288  ScDeviceEnum - ok
12:28:33.0851 0x1288  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:28:33.0852 0x1288  scfilter - ok
12:28:33.0870 0x1288  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\Windows\system32\schedsvc.dll
12:28:33.0887 0x1288  Schedule - ok
12:28:33.0891 0x1288  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:28:33.0893 0x1288  SCPolicySvc - ok
12:28:33.0899 0x1288  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\Windows\System32\drivers\sdbus.sys
12:28:33.0902 0x1288  sdbus - ok
12:28:33.0988 0x1288  [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:28:34.0030 0x1288  SDScannerService - ok
12:28:34.0038 0x1288  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
12:28:34.0039 0x1288  sdstor - ok
12:28:34.0054 0x1288  [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:28:34.0064 0x1288  SDUpdateService - ok
12:28:34.0069 0x1288  [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:28:34.0071 0x1288  SDWSCService - ok
12:28:34.0074 0x1288  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:28:34.0074 0x1288  secdrv - ok
12:28:34.0077 0x1288  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\Windows\system32\seclogon.dll
12:28:34.0078 0x1288  seclogon - ok
12:28:34.0081 0x1288  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\Windows\System32\sens.dll
12:28:34.0082 0x1288  SENS - ok
12:28:34.0088 0x1288  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:28:34.0092 0x1288  SensrSvc - ok
12:28:34.0094 0x1288  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
12:28:34.0095 0x1288  SerCx - ok
12:28:34.0099 0x1288  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
12:28:34.0100 0x1288  SerCx2 - ok
12:28:34.0103 0x1288  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
12:28:34.0103 0x1288  Serenum - ok
12:28:34.0107 0x1288  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
12:28:34.0108 0x1288  Serial - ok
12:28:34.0110 0x1288  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
12:28:34.0111 0x1288  sermouse - ok
12:28:34.0119 0x1288  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:28:34.0124 0x1288  SessionEnv - ok
12:28:34.0126 0x1288  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
12:28:34.0126 0x1288  sfloppy - ok
12:28:34.0135 0x1288  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:28:34.0141 0x1288  SharedAccess - ok
12:28:34.0152 0x1288  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:28:34.0160 0x1288  ShellHWDetection - ok
12:28:34.0163 0x1288  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:28:34.0163 0x1288  SiSRaid2 - ok
12:28:34.0166 0x1288  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:28:34.0167 0x1288  SiSRaid4 - ok
12:28:34.0172 0x1288  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:28:34.0173 0x1288  SkypeUpdate - ok
12:28:34.0176 0x1288  [ B6EBAD9D72DA681E1976AD51DE1B73F5, 59C9E2EB3340D9A28B9EB06379975B79D62F8239C1F0B24B3BF2D3756C58A512 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
12:28:34.0176 0x1288  SmbDrvI - ok
12:28:34.0179 0x1288  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\Windows\System32\smphost.dll
12:28:34.0180 0x1288  smphost - ok
12:28:34.0184 0x1288  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:28:34.0185 0x1288  SNMPTRAP - ok
12:28:34.0193 0x1288  [ 87765EF43C33BE342F4ACB0E3FBF89A6, 3C1DDED7F96F796702F1BC73D5CEE5251DD16011AA349FE4EE1D9C002E0171C6 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
12:28:34.0198 0x1288  spaceport - ok
12:28:34.0201 0x1288  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
12:28:34.0202 0x1288  SpbCx - ok
12:28:34.0214 0x1288  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\Windows\System32\spoolsv.exe
12:28:34.0225 0x1288  Spooler - ok
12:28:34.0311 0x1288  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
12:28:34.0378 0x1288  sppsvc - ok
12:28:34.0391 0x1288  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:28:34.0396 0x1288  srv - ok
12:28:34.0407 0x1288  [ E62EAEF0BAC9DD61BF22D4A7F2F18571, 910D85FDDBAF0E003A0CA0C23D27615F1B7D6145FB9E3A1661E93498196B303A ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:28:34.0414 0x1288  srv2 - ok
12:28:34.0420 0x1288  [ 466BDC0006103F2547D308DD3CD64398, 334E0729B369C7F7CBB9878F423B53E05476D1288A8ECEB18240318ABF2370C1 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:28:34.0424 0x1288  srvnet - ok
12:28:34.0429 0x1288  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:28:34.0433 0x1288  SSDPSRV - ok
12:28:34.0437 0x1288  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:28:34.0440 0x1288  SstpSvc - ok
12:28:34.0448 0x1288  [ 718D79F2E7EC3AFFD3661DA81F93BBEA, BA2A4E58E5EE06392EE6F4C2E738DC807EC5A8B9F6DD4B7935FE27CBC648E390 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:28:34.0452 0x1288  Stereo Service - ok
12:28:34.0455 0x1288  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:28:34.0455 0x1288  stexstor - ok
12:28:34.0466 0x1288  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\Windows\System32\wiaservc.dll
12:28:34.0475 0x1288  stisvc - ok
12:28:34.0478 0x1288  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
12:28:34.0480 0x1288  storahci - ok
12:28:34.0482 0x1288  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
12:28:34.0483 0x1288  storflt - ok
12:28:34.0485 0x1288  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
12:28:34.0486 0x1288  stornvme - ok
12:28:34.0489 0x1288  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\Windows\system32\storsvc.dll
12:28:34.0490 0x1288  StorSvc - ok
12:28:34.0493 0x1288  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:28:34.0493 0x1288  storvsc - ok
12:28:34.0495 0x1288  [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp         C:\Windows\System32\drivers\storvsp.sys
12:28:34.0496 0x1288  storvsp - ok
12:28:34.0498 0x1288  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\Windows\system32\svsvc.dll
12:28:34.0500 0x1288  svsvc - ok
12:28:34.0502 0x1288  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\Windows\System32\drivers\swenum.sys
12:28:34.0502 0x1288  swenum - ok
12:28:34.0514 0x1288  [ E3C92D60F6AD7763961D1E7628002844, A33EED7CB3EE0EF4890AAD095F989FCA7F44CA1055E03D3892AB543DEE74C9B6 ] swprv           C:\Windows\System32\swprv.dll
12:28:34.0522 0x1288  swprv - ok
12:28:34.0525 0x1288  [ 25F0DA8E7F26416FDB5D77592B5C1A8B, 99E7ACA2FA0E3D98BA30947F7E7A59662D36048D9EB83E5BA04D643033B84DB5 ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
12:28:34.0526 0x1288  Synth3dVsc - ok
12:28:34.0543 0x1288  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\Windows\system32\sysmain.dll
12:28:34.0559 0x1288  SysMain - ok
12:28:34.0565 0x1288  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
12:28:34.0570 0x1288  SystemEventsBroker - ok
12:28:34.0574 0x1288  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
12:28:34.0577 0x1288  TabletInputService - ok
12:28:34.0579 0x1288  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
12:28:34.0580 0x1288  tap0901 - ok
12:28:34.0586 0x1288  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:28:34.0591 0x1288  TapiSrv - ok
12:28:34.0626 0x1288  [ FEEFE783D87C9063CDAC6DBDCF95F533, EBD00EEE90AC657823A88190BBBED6DA47AF597510C201F3392F4325069D2669 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:28:34.0652 0x1288  Tcpip - ok
12:28:34.0689 0x1288  [ FEEFE783D87C9063CDAC6DBDCF95F533, EBD00EEE90AC657823A88190BBBED6DA47AF597510C201F3392F4325069D2669 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:28:34.0715 0x1288  TCPIP6 - ok
12:28:34.0720 0x1288  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:28:34.0721 0x1288  tcpipreg - ok
12:28:34.0726 0x1288  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:28:34.0727 0x1288  tdx - ok
12:28:34.0729 0x1288  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
12:28:34.0730 0x1288  terminpt - ok
12:28:34.0745 0x1288  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\Windows\System32\termsrv.dll
12:28:34.0758 0x1288  TermService - ok
12:28:34.0762 0x1288  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\Windows\system32\themeservice.dll
12:28:34.0765 0x1288  Themes - ok
12:28:34.0768 0x1288  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\Windows\system32\mmcss.dll
12:28:34.0770 0x1288  THREADORDER - ok
12:28:34.0774 0x1288  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
12:28:34.0778 0x1288  TimeBroker - ok
12:28:34.0783 0x1288  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
12:28:34.0785 0x1288  TPM - ok
12:28:34.0789 0x1288  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\Windows\System32\trkwks.dll
12:28:34.0791 0x1288  TrkWks - ok
12:28:34.0794 0x1288  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:28:34.0796 0x1288  TrustedInstaller - ok
12:28:34.0799 0x1288  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:28:34.0800 0x1288  TsUsbFlt - ok
12:28:34.0802 0x1288  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
12:28:34.0802 0x1288  TsUsbGD - ok
12:28:34.0806 0x1288  [ 4A445D5E44CD996D18E128EF321D54B2, 7B5F504F34B0CBBD1D4B0F3634F707F4876D6B14B41EEEB09AEAA4BDDC75FDDD ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
12:28:34.0808 0x1288  tsusbhub - ok
12:28:34.0811 0x1288  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:28:34.0813 0x1288  tunnel - ok
12:28:34.0815 0x1288  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:28:34.0816 0x1288  uagp35 - ok
12:28:34.0819 0x1288  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
12:28:34.0820 0x1288  UASPStor - ok
12:28:34.0825 0x1288  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
12:28:34.0827 0x1288  UCX01000 - ok
12:28:34.0834 0x1288  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:28:34.0837 0x1288  udfs - ok
12:28:34.0840 0x1288  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
12:28:34.0840 0x1288  UEFI - ok
12:28:34.0844 0x1288  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:28:34.0845 0x1288  UI0Detect - ok
12:28:34.0848 0x1288  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:28:34.0849 0x1288  uliagpkx - ok
12:28:34.0851 0x1288  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
12:28:34.0852 0x1288  umbus - ok
12:28:34.0855 0x1288  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
12:28:34.0855 0x1288  UmPass - ok
12:28:34.0860 0x1288  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:28:34.0865 0x1288  UmRdpService - ok
12:28:34.0873 0x1288  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\Windows\System32\upnphost.dll
12:28:34.0880 0x1288  upnphost - ok
12:28:34.0885 0x1288  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:28:34.0886 0x1288  usbaudio - ok
12:28:34.0891 0x1288  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
12:28:34.0893 0x1288  usbccgp - ok
12:28:34.0896 0x1288  [ C02500A0EE2A47804077060DEEA26F92, 516187FE7060E8DA4DE4EB031649FAF47B155F6A00AB424DA663B4F0FEC266F3 ] UsbCharger      C:\Windows\system32\DRIVERS\UsbCharger.sys
12:28:34.0896 0x1288  UsbCharger - ok
12:28:34.0900 0x1288  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
12:28:34.0901 0x1288  usbcir - ok
12:28:34.0905 0x1288  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
12:28:34.0906 0x1288  usbehci - ok
12:28:34.0915 0x1288  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
12:28:34.0919 0x1288  usbhub - ok
12:28:34.0929 0x1288  [ CFC52C49BEFE4D70D87FFA900EAB9777, 09A2F5D8AB07C3AE3F2B092F4DD7AE5838736CDC263016F188B442B32EC928F8 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
12:28:34.0934 0x1288  USBHUB3 - ok
12:28:34.0937 0x1288  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
12:28:34.0938 0x1288  usbohci - ok
12:28:34.0940 0x1288  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
12:28:34.0941 0x1288  usbprint - ok
12:28:34.0945 0x1288  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
12:28:34.0947 0x1288  USBSTOR - ok
12:28:34.0949 0x1288  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
12:28:34.0950 0x1288  usbuhci - ok
12:28:34.0955 0x1288  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:28:34.0958 0x1288  usbvideo - ok
12:28:34.0965 0x1288  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
12:28:34.0969 0x1288  USBXHCI - ok
12:28:34.0971 0x1288  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:28:34.0973 0x1288  VaultSvc - ok
12:28:34.0975 0x1288  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:28:34.0976 0x1288  vdrvroot - ok
12:28:34.0995 0x1288  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\Windows\System32\vds.exe
12:28:35.0009 0x1288  vds - ok
12:28:35.0014 0x1288  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
12:28:35.0016 0x1288  VerifierExt - ok
12:28:35.0028 0x1288  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
12:28:35.0034 0x1288  vhdmp - ok
12:28:35.0036 0x1288  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:28:35.0037 0x1288  viaide - ok
12:28:35.0042 0x1288  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\Windows\System32\drivers\Vid.sys
12:28:35.0044 0x1288  Vid - ok
12:28:35.0047 0x1288  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:28:35.0049 0x1288  vmbus - ok
12:28:35.0051 0x1288  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
12:28:35.0051 0x1288  VMBusHID - ok
12:28:35.0055 0x1288  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
12:28:35.0056 0x1288  vmbusr - ok
12:28:35.0065 0x1288  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
12:28:35.0072 0x1288  vmicguestinterface - ok
12:28:35.0080 0x1288  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
12:28:35.0085 0x1288  vmicheartbeat - ok
12:28:35.0094 0x1288  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
12:28:35.0099 0x1288  vmickvpexchange - ok
12:28:35.0107 0x1288  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\Windows\System32\ICSvc.dll
12:28:35.0113 0x1288  vmicrdv - ok
12:28:35.0122 0x1288  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
12:28:35.0127 0x1288  vmicshutdown - ok
12:28:35.0135 0x1288  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\Windows\System32\ICSvc.dll
12:28:35.0141 0x1288  vmictimesync - ok
12:28:35.0149 0x1288  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\Windows\System32\ICSvc.dll
12:28:35.0155 0x1288  vmicvss - ok
12:28:35.0159 0x1288  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:28:35.0160 0x1288  volmgr - ok
12:28:35.0167 0x1288  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:28:35.0171 0x1288  volmgrx - ok
12:28:35.0179 0x1288  [ 3595FBDF25F8BA6256072D103937D7D6, 547AA103804790E31F6E5658923627945948B48F36354EEA2FC0FE09098F9FD5 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:28:35.0182 0x1288  volsnap - ok
12:28:35.0185 0x1288  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\Windows\System32\drivers\vpci.sys
12:28:35.0186 0x1288  vpci - ok
12:28:35.0189 0x1288  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
12:28:35.0190 0x1288  vpcivsp - ok
12:28:35.0194 0x1288  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:28:35.0196 0x1288  vsmraid - ok
12:28:35.0217 0x1288  [ 4957B27219515B93A508B91068B87BF5, 5B6B37A57FC8F4FC8B119C013338292550C63AB5295A596D382D8DCF26D751A2 ] VSS             C:\Windows\system32\vssvc.exe
12:28:35.0233 0x1288  VSS - ok
12:28:35.0240 0x1288  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
12:28:35.0244 0x1288  VSTXRAID - ok
12:28:35.0246 0x1288  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:28:35.0247 0x1288  vwifibus - ok
12:28:35.0255 0x1288  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\Windows\system32\w32time.dll
12:28:35.0261 0x1288  W32Time - ok
12:28:35.0263 0x1288  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
12:28:35.0264 0x1288  WacomPen - ok
12:28:35.0286 0x1288  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\Windows\system32\wbengine.exe
12:28:35.0305 0x1288  wbengine - ok
12:28:35.0315 0x1288  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:28:35.0322 0x1288  WbioSrvc - ok
12:28:41.0201 0x1288  AV detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4592 ), 0x41000 ( enabled : updated )
12:28:41.0202 0x1288  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
12:28:41.0202 0x1288  FW detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4592 ), 0x41010 ( enabled )
12:28:43.0764 0x1288  ============================================================
12:28:43.0765 0x1288  Scan finished
12:28:43.0765 0x1288  ============================================================
12:28:43.0769 0x11b0  Detected object count: 0
12:28:43.0769 0x11b0  Actual detected object count: 0
 

 

aswMBR Log

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-06-07 12:34:50
-----------------------------
12:34:50.397    OS Version: Windows x64 6.2.9200
12:34:50.397    Number of processors: 8 586 0x3C03
12:34:50.397    ComputerName: AZZAZEL  UserName: Iderlan
12:34:50.687    Initialize success
12:35:03.833    AVAST engine defs: 14060701
12:35:15.185    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
12:35:15.187    Disk 0 Vendor: KINGSTON_SV300S37A120G 505ABBF1 Size: 114473MB BusType: 11
12:35:15.188    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000039
12:35:15.190    Disk 1 Vendor: WDC_WD20EARX-008FB0 51.0AB51 Size: 1907729MB BusType: 11
12:35:15.191    Disk 2  \Device\Harddisk2\DR2 -> \Device\0000003a
12:35:15.192    Disk 2 Vendor: WDC_WD20EARX-00PASB0 51.0AB51 Size: 1907729MB BusType: 11
12:35:15.194    Disk 3  \Device\Harddisk3\DR3 -> \Device\0000003b
12:35:15.196    Disk 3 Vendor: SAMSUNG_HD154UI 1AG01118 Size: 1430799MB BusType: 11
12:35:15.197    Disk 4  \Device\Harddisk4\DR4 -> \Device\0000003c
12:35:15.200    Disk 4 Vendor: ST4000DM000-1F2168 CC54 Size: 3815447MB BusType: 11
12:35:15.209    Disk 0 MBR read successfully
12:35:15.211    Disk 0 MBR scan
12:35:15.215    Disk 0 Windows 7 default MBR code
12:35:15.217    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
12:35:15.223    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       114371 MB offset 206848
12:35:15.235    Disk 0 scanning C:\Windows\system32\drivers
12:35:17.659    Service scanning
12:35:24.162    Modules scanning
12:35:24.176    Disk 0 trace - called modules:
12:35:24.194    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
12:35:24.200    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0000f4db060]
12:35:24.207    3 CLASSPNP.SYS[fffff800a0a3927b] -> nt!IofCallDriver -> [0xffffe0000d78de50]
12:35:24.212    5 ACPI.sys[fffff800a014b7aa] -> nt!IofCallDriver -> [0xffffe0000d7aeb70]
12:35:24.219    7 ACPI.sys[fffff800a014b7aa] -> nt!IofCallDriver -> \Device\00000038[0xffffe0000d7b3060]
12:35:24.499    AVAST engine scan C:\Windows
12:35:24.942    AVAST engine scan C:\Windows\system32
12:36:17.727    AVAST engine scan C:\Windows\system32\drivers
12:36:23.877    AVAST engine scan C:\Users\Iderlan
12:36:33.020    Disk 0 MBR has been saved successfully to "C:\Users\Iderlan\Desktop\MBR.dat"
12:36:33.024    The log file has been saved successfully to "C:\Users\Iderlan\Desktop\aswMBR.txt"

 

Attached Files

  • Attached File  MBR.zip   595bytes   0 downloads


#12 nasdaq

  • Malware Response Team

Posted 07 June 2014 - 12:17 PM

Run the RogueKiller tool and delete/fix all that is found.

Submit a fresh log for my review.

Restart the computer normally.

Let me know if the problem persists.

#13 AzZazell

  • Topic Starter

Posted 07 June 2014 - 08:01 PM

Problem still remains.

RogueKiller V9.0.2.0 (x64) [Jun  3 2014] Por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Site : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 8.1 (6.3.9200 ) 64 bits version
Iniciado em : Modo Normal
Usuario : Iderlan [Privilegios de Admnistrador]
Modo : Remover -- Data : 06/07/2014  21:56:00

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 18 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\RK_AzZazel_ON_D_8661\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=  -> NÃO SELECIONADO
[PUM.Proxy] (X86) HKEY_USERS\RK_AzZazel_ON_D_8661\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=  -> NÃO SELECIONADO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> NÃO SELECIONADO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> NÃO SELECIONADO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NÃO SELECIONADO
[PUM.Desktop] (X64) HKEY_USERS\RK_AzZazel_ON_D_8661\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop | NoChangingWallpaper : 0  -> NÃO SELECIONADO
[PUM.Desktop] (X86) HKEY_USERS\RK_AzZazel_ON_D_8661\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop | NoChangingWallpaper : 0  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_BB06\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NÃO SELECIONADO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NÃO SELECIONADO

¤¤¤ As tarefas agendadas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivo de Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Os navegadores da Web : 1 ¤¤¤
[PUM.Proxy][FIREFX:Config] 7qa418qk.default : user_pref("network.proxy.type", 2); -> NÃO SELECIONADO

¤¤¤ Verificaçao do MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A120G +++++
--- User ---
[MBR] 9dc0d2770094cd7cdba26fe3147c612e
[BSP] bc1c317214a38fa50d1986ee075520c6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 114371 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD20EARX-008FB0 +++++
--- User ---
[MBR] ac77c4c1db37c993b830c0599af1abd7
[BSP] b0993718534fbcabc2bd41bcd2d7d76a : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD20EARX-00PASB0 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: SAMSUNG HD154UI +++++
--- User ---
[MBR] 540fc1ef42ef51e4d267574f3332c7ae
[BSP] 0d6aa2cea73eb6b6ea420a0cc4ee5001 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: ST4000DM000-1F2168 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_06072014_122406.log - RKreport_SCN_06072014_122342.log - RKreport_SCN_06072014_215529.log
 



#14 nasdaq

  • Malware Response Team

Posted 08 June 2014 - 09:08 AM

Try this.

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries

Click Go and copy/paste the log (Result.txt) into your next post.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


#15 AzZazell

  • Topic Starter

Posted 08 June 2014 - 02:43 PM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Iderlan (administrator) on 08-06-2014 at 16:42:30
Running from "C:\Users\Iderlan\Desktop"
Microsoft Windows 8.1 Enterprise  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configuraçao de IP do Windows

Liberaçao do Cache do DNS Resolver bem-sucedida.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*'))%20%7B%20return%20'PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
"network.proxy.no_proxies_on", ""
"network.proxy.type", 2

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Ethernet Connection I217-V = Ethernet (Connected)
TAP-Windows Adapter V9 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# Configuraçao de IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Local Area Connection 2" address=10.3.0.1 mask=255.255.255.0


popd
# Final da configuraçao IPv4



Configuraçao de IP do Windows

   Nome do host. . . . . . . . . . . . . . . . : AzZazel
   Sufixo DNS primário . . . . . . . . . . . . :
   Tipo de nó. . . . . . . . . . . . . . . . . : híbrido
   Roteamento de IP ativado. . . . . . . . . . : nao
   Proxy WINS ativado. . . . . . . . . . . . . : nao
   Lista de pesquisa de sufixo DNS . . . . . . : home

Adaptador Ethernet Local Area Connection 2:

   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexao. . . . . . :
   Descriçao . . . . . . . . . . . . . . . . . : TAP-Windows Adapter V9
   Endereço Físico . . . . . . . . . . . . . . : 00-FF-B6-7B-D3-F5
   DHCP Habilitado . . . . . . . . . . . . . . : Nao
   Configuraçao Automática Habilitada. . . . . : Sim

Adaptador Ethernet Ethernet:

   Sufixo DNS específico de conexao. . . . . . : home
   Descriçao . . . . . . . . . . . . . . . . . : Intel® Ethernet Connection I217-V
   Endereço Físico . . . . . . . . . . . . . . : 94-DE-80-B4-A3-77
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuraçao Automática Habilitada. . . . . : Sim
   Endereço IPv6 de link local . . . . . . . . : fe80::34ca:4946:e8d4:40d0%3(Preferencial)
   Endereço IPv4. . . . . . . .  . . . . . . . : 192.168.25.8(Preferencial)
   Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
   Concessao Obtida. . . . . . . . . . . . . . : domingo, 8 de junho de 2014 08:29:57
   Concessao Expira. . . . . . . . . . . . . . : segunda-feira, 9 de junho de 2014 10:21:34
   Gateway Padrao. . . . . . . . . . . . . . . : 192.168.25.1
   Servidor DHCP . . . . . . . . . . . . . . . : 192.168.25.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 60087936
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-1A-76-40-C5-94-DE-80-B4-A3-77
   Servidores DNS. . . . . . . . . . . . . . . : 192.168.25.1
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado

Adaptador de túnel isatap.home:

   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexao. . . . . . : home
   Descriçao . . . . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Nao
   Configuraçao Automática Habilitada. . . . . : Sim

Adaptador de túnel Teredo Tunneling Pseudo-Interface:

   Sufixo DNS específico de conexao. . . . . . :
   Descriçao . . . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Nao
   Configuraçao Automática Habilitada. . . . . : Sim
   Endereço IPv6 . . . . . . . . . . : 2001:0:5ef5:79fd:30aa:2e8a:4c4f:d150(Preferencial)
   Endereço IPv6 de link local . . . . . . . . : fe80::30aa:2e8a:4c4f:d150%5(Preferencial)
   Gateway Padrao. . . . . . . . . . . . . . . : ::
   IAID de DHCPv6. . . . . . . . . . . . . . . : 134217728
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-1A-76-40-C5-94-DE-80-B4-A3-77
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Desabilitado
Servidor:  PowerBox.home
Address:  192.168.25.1

Nome:    google.com
Addresses:  2800:3f0:4004:801::1004
      173.194.42.163
      173.194.42.164
      173.194.42.161
      173.194.42.162
      173.194.42.165
      173.194.42.169
      173.194.42.174
      173.194.42.168
      173.194.42.167
      173.194.42.160
      173.194.42.166


Disparando google.com [173.194.42.168] com 32 bytes de dados:
Resposta de 173.194.42.168: bytes=32 tempo=19ms TTL=56
Resposta de 173.194.42.168: bytes=32 tempo=21ms TTL=56

Estatísticas do Ping para 173.194.42.168:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 19ms, Máximo = 21ms, Média = 20ms
Servidor:  PowerBox.home
Address:  192.168.25.1

Nome:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Disparando yahoo.com [98.139.183.24] com 32 bytes de dados:
Resposta de 98.139.183.24: bytes=32 tempo=144ms TTL=50
Resposta de 98.139.183.24: bytes=32 tempo=157ms TTL=50

Estatísticas do Ping para 98.139.183.24:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 144ms, Máximo = 157ms, Média = 150ms

Disparando 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128

Estatísticas do Ping para 127.0.0.1:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 0ms, Máximo = 0ms, Média = 0ms
===========================================================================
Lista de interfaces
  6...00 ff b6 7b d3 f5 ......TAP-Windows Adapter V9
  3...94 de 80 b4 a3 77 ......Intel® Ethernet Connection I217-V
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

Tabela de rotas IPv4
===========================================================================
Rotas ativas:
Endereço de rede          Máscara   Ender. gateway       Interface   Custo
          0.0.0.0          0.0.0.0     192.168.25.1     192.168.25.8     10
        127.0.0.0        255.0.0.0      No vínculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      No vínculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      No vínculo         127.0.0.1    306
     192.168.25.0    255.255.255.0      No vínculo      192.168.25.8    266
     192.168.25.8  255.255.255.255      No vínculo      192.168.25.8    266
   192.168.25.255  255.255.255.255      No vínculo      192.168.25.8    266
        224.0.0.0        240.0.0.0      No vínculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      No vínculo      192.168.25.8    266
  255.255.255.255  255.255.255.255      No vínculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      No vínculo      192.168.25.8    266
===========================================================================
Rotas persistentes:
  Nenhuma

Tabela de rotas IPv6
===========================================================================
Rotas ativas:
 Se destino de rede de métrica      Gateway
  5    306 ::/0                     No vínculo
  1    306 ::1/128                  No vínculo
  5    306 2001::/32                No vínculo
  5    306 2001:0:5ef5:79fd:30aa:2e8a:4c4f:d150/128
                                    No vínculo
  3    266 fe80::/64                No vínculo
  5    306 fe80::/64                No vínculo
  5    306 fe80::30aa:2e8a:4c4f:d150/128
                                    No vínculo
  3    266 fe80::34ca:4946:e8d4:40d0/128
                                    No vínculo
  1    306 ff00::/8                 No vínculo
  3    266 ff00::/8                 No vínculo
  5    306 ff00::/8                 No vínculo
===========================================================================
Rotas persistentes:
  Nenhuma
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/08/2014 01:28:26 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 9296.  Message ID: [0x2509].

Error: (06/08/2014 01:20:32 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2704.  Message ID: [0x2509].

Error: (06/08/2014 01:18:33 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 12052.  Message ID: [0x2509].

Error: (06/08/2014 11:44:19 AM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Erro no arquivo de manifesto ou de política "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2", na linha C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (06/08/2014 10:21:50 AM) (Source: Software Protection Platform Service) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x8007232B
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 10:21:50 AM) (Source: Software Protection Platform Service) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x8007232B
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 10:20:59 AM) (Source: Software Protection Platform Service) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x800705B4
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 08:30:36 AM) (Source: Software Protection Platform Service) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x8007232B
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/08/2014 08:30:10 AM) (Source: Software Protection Platform Service) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x8007232B
Argumento de linha de comando:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 08:28:46 AM) (Source: Application Hang) (User: )
Description: O programa Explorer.EXE versão 6.3.9600.17039 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 12a4

Hora de Início: 01cf830c9d8fddb6

Hora de Término: 0

Caminho do Aplicativo: C:\Windows\Explorer.EXE

ID do Relatório: 0a754c3c-ef00-11e3-82ae-94de80b4a377

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:


System errors:
=============
Error: (06/08/2014 08:29:41 AM) (Source: Ntfs) (User: )
Description: O gerenciador de recursos de transações no volume D: encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro.

Error: (06/08/2014 08:29:41 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.

Error: (06/08/2014 08:29:38 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.

Error: (06/08/2014 08:29:35 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.

Error: (06/08/2014 08:29:32 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.

Error: (06/08/2014 08:26:47 AM) (Source: Ntfs) (User: )
Description: O gerenciador de recursos de transações no volume D: encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro.

Error: (06/08/2014 08:26:47 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.

Error: (06/08/2014 08:26:45 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.

Error: (06/08/2014 08:26:42 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.

Error: (06/08/2014 08:26:39 AM) (Source: disk) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.


Microsoft Office Sessions:
=========================
Error: (06/08/2014 01:28:26 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 9296.  Message ID: [0x2509].

Error: (06/08/2014 01:20:32 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2704.  Message ID: [0x2509].

Error: (06/08/2014 01:18:33 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.34014 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 12052.  Message ID: [0x2509].

Error: (06/08/2014 11:44:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/08/2014 10:21:50 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 10:21:50 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 10:20:59 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x800705B4RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 08:30:36 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/08/2014 08:30:10 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x8007232BRuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/08/2014 08:28:46 AM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.3.9600.1703912a401cf830c9d8fddb60C:\Windows\Explorer.EXE0a754c3c-ef00-11e3-82ae-94de80b4a377


**** End of log ****
 





