Zekos malware


  • This topic is locked
18 replies to this topic

#1 Fab1199

Posted 07 June 2014 - 07:34 PM

Attached File: attach.txt (5.44KB)
My post before this one: http://www.bleepingcomputer.com/forums/t/534765/dcom-keeps-restarting-my-computer/
So basically what happens is that every 20 minutes now my computer will restart. Now confirmed as "Zekos Malware" thanks to Broni <3.
DDS text:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16385  BrowserJavaVersion: 10.51.2
Run by UltimatePC at 19:11:46 on 2014-06-07
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.3070.682 [GMT -5:00]
.
AV: AVG AntiVirus 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvwmi.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvwmi.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Overwolf] c:\program files\overwolf\Overwolf.exe -silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{16A75700-1B4D-4AEB-BA5A-F3CB8FB7FEE0} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.114\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R?2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-5-18 857912]
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-11-1 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-5-13 3478544]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2014-5-13 348008]
R2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi.exe [2013-11-27 1873184]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\drivers\AE2500w7.sys [2013-11-27 1092160]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-5-18 23256]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2013-12-6 17792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-5-18 1809720]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-1-2 107736]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-5-18 51416]
.
=============== Created Last 30 ================
.
2014-06-07 14:20:33 -------- d-----w- c:\programdata\RogueKiller
2014-06-07 13:42:25 10989752 ----a-w- C:\TRANSLATE
2014-06-07 03:41:25 -------- d-----w- c:\program files\McAfee Security Scan
2014-05-18 23:07:31 -------- d-----w- c:\program files\DLLSuite
2014-05-18 20:34:47 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-05-18 20:28:19 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-18 20:28:19 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-18 20:28:19 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-18 20:28:19 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-05-18 19:39:28 -------- d-----w- c:\users\ultimatepc\appdata\local\Skype
2014-05-18 19:39:06 -------- d-----r- c:\program files\Skype
2014-05-18 19:33:52 -------- d-----w- c:\users\ultimatepc\appdata\roaming\.minecraft
.
==================== Find3M  ====================
.
2014-05-18 21:27:32 107736 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
.
============= FINISH: 19:12:54.69 ===============


Edited by Fab1199, 07 June 2014 - 07:36 PM.



#2 fireman4it

  • Malware Response Team

Posted 08 June 2014 - 07:46 PM

Hello Fab1199,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:

  • Refrain from making any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



#3 Fab1199

Posted 08 June 2014 - 10:27 PM

FRST Text:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-06-2014

Ran by UltimatePC (administrator) on ULTIMATEPC-PC on 08-06-2014 22:24:26
Running from C:\Users\UltimatePC\Desktop
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2602784 2013-11-11] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3847062085-1073995744-3344967251-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3847062085-1073995744-3344967251-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3847062085-1073995744-3344967251-1000\...\MountPoints2: {5dec1395-1efb-11e3-a953-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\autorun.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4E16FB86700ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
========================== Services (Whitelisted) =================
 
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi.exe [1873184 2013-11-11] (NVIDIA Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w7.sys [1092160 2011-03-28] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-08 22:23 - 2014-06-08 22:24 - 00018787 _____ () C:\Users\UltimatePC\Desktop\Addition.txt
2014-06-08 22:23 - 2014-06-08 22:24 - 00008441 _____ () C:\Users\UltimatePC\Desktop\FRST.txt
2014-06-08 22:22 - 2014-06-08 22:24 - 00000000 ____D () C:\FRST
2014-06-08 22:22 - 2014-06-08 22:22 - 01063424 _____ (Farbar) C:\Users\UltimatePC\Downloads\FRST.exe
2014-06-08 22:22 - 2014-06-08 22:22 - 01063424 _____ (Farbar) C:\Users\UltimatePC\Desktop\FRST.exe
2014-06-08 15:41 - 2014-06-08 15:41 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\LolClient
2014-06-08 14:10 - 2014-06-08 14:11 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-06-08 14:10 - 2014-06-08 14:10 - 00002536 _____ () C:\Users\UltimatePC\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-06-08 14:10 - 2014-06-08 14:10 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-06-08 14:08 - 2014-06-08 14:08 - 02721168 _____ (Microsoft Corporation) C:\Users\UltimatePC\Downloads\Windows7-USB-DVD-tool.exe
2014-06-08 14:05 - 2014-06-08 14:19 - 2147484822 _____ () C:\Users\UltimatePC\Downloads\X17-59463.iso
2014-06-08 14:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-08 14:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-08 14:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-08 14:02 - 2014-06-08 14:02 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Riot Games
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-08 14:00 - 2014-06-08 20:49 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\PMB Files
2014-06-08 14:00 - 2014-06-08 14:04 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-08 14:00 - 2014-06-08 14:00 - 00000000 ____D () C:\Program Files\Pando Networks
2014-06-08 13:59 - 2014-06-08 13:59 - 32229024 _____ (Riot Games) C:\Users\UltimatePC\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2014-06-08 13:59 - 2014-06-08 13:59 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Riot Games
2014-06-08 11:05 - 2014-06-08 11:05 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\TS3Client
2014-06-08 10:55 - 2014-06-08 14:42 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 10:55 - 2014-06-08 10:55 - 00000340 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-08 10:55 - 2014-06-08 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 10:55 - 2014-06-08 10:55 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 10:54 - 2014-06-08 10:54 - 00918952 _____ (Oracle Corporation) C:\Users\UltimatePC\Downloads\chromeinstall-7u60.exe
2014-06-07 19:13 - 2014-06-07 19:13 - 00005571 _____ () C:\Users\UltimatePC\Desktop\attach.txt
2014-06-07 19:13 - 2014-06-07 19:12 - 00008074 _____ () C:\Users\UltimatePC\Desktop\dds.txt
2014-06-07 19:08 - 2014-06-07 19:08 - 00688992 ____R (Swearware) C:\Users\UltimatePC\Downloads\dds.com
2014-06-07 18:26 - 2014-06-07 18:26 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\iExplore.exe
2014-06-07 18:26 - 2014-06-07 18:26 - 00000076 _____ () C:\Users\UltimatePC\Desktop\iExplore.exe.url
2014-06-07 18:25 - 2014-06-07 18:28 - 00002914 _____ () C:\Users\UltimatePC\Desktop\Rkill.txt
2014-06-07 18:24 - 2014-06-07 18:25 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\rkill.exe
2014-06-07 09:20 - 2014-06-07 21:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-07 08:42 - 2014-06-07 08:43 - 10989752 _____ (Reimage®) C:\TRANSLATE
2014-06-06 22:41 - 2014-06-07 21:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-06 21:58 - 2014-06-06 21:58 - 00081938 _____ () C:\Users\UltimatePC\Downloads\minecraft.jar
2014-06-06 21:57 - 2014-06-06 21:57 - 00675988 _____ () C:\Users\UltimatePC\Downloads\Minecraft (1).exe
2014-05-18 18:07 - 2014-05-18 18:07 - 00000000 ____D () C:\Program Files\DLLSuite
2014-05-18 15:46 - 2014-05-18 15:46 - 29455743 _____ () C:\Users\UltimatePC\Downloads\HydroMelonz Pack (Faithful).zip
2014-05-18 15:34 - 2014-05-18 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-18 15:30 - 2014-05-18 15:30 - 12589848 _____ (Malwarebytes Corp.) C:\Users\UltimatePC\Downloads\mbar-1.07.0.1009.exe
2014-05-18 15:28 - 2014-06-07 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-18 15:28 - 2014-06-07 21:14 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-18 15:28 - 2014-05-18 15:31 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 15:28 - 2014-05-18 15:28 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 15:28 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-18 15:28 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-18 15:27 - 2014-05-18 15:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\UltimatePC\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-18 15:25 - 2014-05-18 15:25 - 00982016 _____ (Farbar) C:\Users\UltimatePC\Downloads\MiniToolBox.exe
2014-05-18 15:11 - 2014-05-18 15:11 - 19121882 _____ () C:\Users\UltimatePC\Downloads\Slix.zip
2014-05-18 14:49 - 2014-05-18 14:49 - 00818889 _____ () C:\Users\UltimatePC\Downloads\OptiFine_1.7.4_HD_U_D1.jar
2014-05-18 14:39 - 2014-05-18 14:39 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ___RD () C:\Program Files\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-18 14:33 - 2014-06-07 21:13 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\.minecraft
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
 
==================== One Month Modified Files and Folders =======
 
2014-06-08 22:24 - 2014-06-08 22:23 - 00018787 _____ () C:\Users\UltimatePC\Desktop\Addition.txt
2014-06-08 22:24 - 2014-06-08 22:23 - 00008441 _____ () C:\Users\UltimatePC\Desktop\FRST.txt
2014-06-08 22:24 - 2014-06-08 22:22 - 00000000 ____D () C:\FRST
2014-06-08 22:24 - 2013-09-16 13:27 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Temp
2014-06-08 22:22 - 2014-06-08 22:22 - 01063424 _____ (Farbar) C:\Users\UltimatePC\Downloads\FRST.exe
2014-06-08 22:22 - 2014-06-08 22:22 - 01063424 _____ (Farbar) C:\Users\UltimatePC\Desktop\FRST.exe
2014-06-08 22:21 - 2013-11-27 17:11 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Skype
2014-06-08 22:17 - 2013-11-27 17:06 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-08 22:13 - 2014-01-10 19:13 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-08 21:57 - 2009-07-13 23:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-08 21:57 - 2009-07-13 23:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-08 20:49 - 2014-06-08 14:00 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\PMB Files
2014-06-08 18:23 - 2013-09-16 13:14 - 00710327 _____ () C:\Windows\WindowsUpdate.log
2014-06-08 15:41 - 2014-06-08 15:41 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\LolClient
2014-06-08 14:42 - 2014-06-08 10:55 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 14:42 - 2014-01-26 17:41 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-08 14:42 - 2014-01-26 17:41 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-08 14:42 - 2014-01-26 17:41 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-08 14:42 - 2013-11-27 17:18 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 14:30 - 2013-09-16 13:30 - 00782336 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-08 14:26 - 2013-11-27 17:06 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-08 14:25 - 2013-11-27 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-08 14:25 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-08 14:25 - 2009-07-13 23:39 - 00049832 _____ () C:\Windows\setupact.log
2014-06-08 14:19 - 2014-06-08 14:05 - 2147484822 _____ () C:\Users\UltimatePC\Downloads\X17-59463.iso
2014-06-08 14:11 - 2014-06-08 14:10 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-06-08 14:10 - 2014-06-08 14:10 - 00002536 _____ () C:\Users\UltimatePC\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-06-08 14:10 - 2014-06-08 14:10 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-06-08 14:08 - 2014-06-08 14:08 - 02721168 _____ (Microsoft Corporation) C:\Users\UltimatePC\Downloads\Windows7-USB-DVD-tool.exe
2014-06-08 14:04 - 2014-06-08 14:00 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-08 14:02 - 2014-06-08 14:02 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Riot Games
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-08 14:02 - 2013-11-27 19:06 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-06-08 14:00 - 2014-06-08 14:00 - 00000000 ____D () C:\Program Files\Pando Networks
2014-06-08 13:59 - 2014-06-08 13:59 - 32229024 _____ (Riot Games) C:\Users\UltimatePC\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2014-06-08 13:59 - 2014-06-08 13:59 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Riot Games
2014-06-08 11:05 - 2014-06-08 11:05 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\TS3Client
2014-06-08 10:55 - 2014-06-08 10:55 - 00000340 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-08 10:55 - 2014-06-08 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 10:55 - 2014-06-08 10:55 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 10:55 - 2013-11-27 17:18 - 00000000 ____D () C:\Program Files\Java
2014-06-08 10:54 - 2014-06-08 10:54 - 00918952 _____ (Oracle Corporation) C:\Users\UltimatePC\Downloads\chromeinstall-7u60.exe
2014-06-08 09:58 - 2013-12-29 13:18 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Adobe
2014-06-08 09:44 - 2014-01-10 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-08 09:44 - 2014-01-10 19:23 - 00000935 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-07 21:14 - 2014-06-06 22:41 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-07 21:14 - 2014-05-18 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-07 21:14 - 2014-05-18 15:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-07 21:14 - 2013-12-30 16:23 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-07 21:14 - 2013-11-27 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-07 21:14 - 2009-07-14 02:50 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-07 21:14 - 2009-07-14 02:49 - 00000000 ____D () C:\Windows\ShellNew
2014-06-07 21:14 - 2009-07-13 23:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-06-07 21:14 - 2009-07-13 23:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-06-07 21:14 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-06-07 21:14 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\registration
2014-06-07 21:14 - 2009-07-13 21:37 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-06-07 21:13 - 2014-05-18 14:33 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\.minecraft
2014-06-07 21:13 - 2014-01-10 19:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-07 21:13 - 2013-12-23 21:13 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-06-07 21:07 - 2014-06-07 09:20 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-07 19:13 - 2014-06-07 19:13 - 00005571 _____ () C:\Users\UltimatePC\Desktop\attach.txt
2014-06-07 19:12 - 2014-06-07 19:13 - 00008074 _____ () C:\Users\UltimatePC\Desktop\dds.txt
2014-06-07 19:08 - 2014-06-07 19:08 - 00688992 ____R (Swearware) C:\Users\UltimatePC\Downloads\dds.com
2014-06-07 18:28 - 2014-06-07 18:25 - 00002914 _____ () C:\Users\UltimatePC\Desktop\Rkill.txt
2014-06-07 18:28 - 2013-12-16 20:23 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-07 18:26 - 2014-06-07 18:26 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\iExplore.exe
2014-06-07 18:26 - 2014-06-07 18:26 - 00000076 _____ () C:\Users\UltimatePC\Desktop\iExplore.exe.url
2014-06-07 18:25 - 2014-06-07 18:24 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\rkill.exe
2014-06-07 18:18 - 2013-09-16 13:27 - 00000000 ____D () C:\Users\UltimatePC
2014-06-07 08:43 - 2014-06-07 08:42 - 10989752 _____ (Reimage®) C:\TRANSLATE
2014-06-06 23:31 - 2013-12-30 16:27 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\CrashDumps
2014-06-06 22:15 - 2013-09-16 13:27 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\VirtualStore
2014-06-06 21:58 - 2014-06-06 21:58 - 00081938 _____ () C:\Users\UltimatePC\Downloads\minecraft.jar
2014-06-06 21:57 - 2014-06-06 21:57 - 00675988 _____ () C:\Users\UltimatePC\Downloads\Minecraft (1).exe
2014-05-18 18:07 - 2014-05-18 18:07 - 00000000 ____D () C:\Program Files\DLLSuite
2014-05-18 16:41 - 2014-02-09 09:55 - 00000000 ____D () C:\600f34fa5f51411118
2014-05-18 16:41 - 2013-12-23 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-18 16:41 - 2013-12-23 21:13 - 00000000 ____D () C:\ProgramData\TechSmith
2014-05-18 16:41 - 2013-12-23 21:13 - 00000000 ____D () C:\Program Files\TechSmith
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 __RSD () C:\Windows\Media
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\AppCompat
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-18 16:39 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-18 16:36 - 2013-12-17 07:44 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-18 16:27 - 2014-01-02 10:22 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-05-18 16:26 - 2013-11-27 20:31 - 00000988 _____ () C:\Windows\PFRO.log
2014-05-18 16:01 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-18 15:51 - 2014-05-18 15:34 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-18 15:46 - 2014-05-18 15:46 - 29455743 _____ () C:\Users\UltimatePC\Downloads\HydroMelonz Pack (Faithful).zip
2014-05-18 15:31 - 2014-05-18 15:28 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 15:30 - 2014-05-18 15:30 - 12589848 _____ (Malwarebytes Corp.) C:\Users\UltimatePC\Downloads\mbar-1.07.0.1009.exe
2014-05-18 15:28 - 2014-05-18 15:28 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 15:28 - 2014-01-02 10:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 15:27 - 2014-05-18 15:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\UltimatePC\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-18 15:25 - 2014-05-18 15:25 - 00982016 _____ (Farbar) C:\Users\UltimatePC\Downloads\MiniToolBox.exe
2014-05-18 15:11 - 2014-05-18 15:11 - 19121882 _____ () C:\Users\UltimatePC\Downloads\Slix.zip
2014-05-18 14:59 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-18 14:49 - 2014-05-18 14:49 - 00818889 _____ () C:\Users\UltimatePC\Downloads\OptiFine_1.7.4_HD_U_D1.jar
2014-05-18 14:39 - 2014-05-18 14:39 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ___RD () C:\Program Files\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-18 14:39 - 2013-11-27 17:11 - 00000000 ____D () C:\ProgramData\Skype
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
 
Some content of TEMP:
====================
C:\Users\UltimatePC\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\UltimatePC\AppData\Local\Temp\GLF66A7.tmp.dll
C:\Users\UltimatePC\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\UltimatePC\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\UltimatePC\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\UltimatePC\AppData\Local\Temp\swt-win32-3349.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) 7B8559A747EC3D652EB1ED0216978893
 
 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-06-08 10:12
 
==================== End Of Log ============================
Addition Text : Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-06-2014
Ran by UltimatePC at 2014-06-08 22:24:41
Running from C:\Users\UltimatePC\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
Adobe Edge Animate CC (HKLM\...\{00603DFF-6EC5-4E9E-AB3A-AD4C7D61FF13}) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
Camtasia Studio 8 (HKLM\...\{A7727F03-5311-4A12-9A63-2ACD20BA0497}) (Version: 8.2.1.1423 - TechSmith Corporation)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
League of Legends (HKLM\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA nView 140.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.84 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA WMI 2.15.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.15.0 - NVIDIA Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
Paint++ (HKLM\...\{F3AFF899-EB5E-4507-9646-E6EA2834DDB8}) (Version: 1.0.23 -  )
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
07-06-2014 03:38:44 Installed Java 7 Update 60
07-06-2014 04:33:01 Windows Update
08-06-2014 15:55:00 Installed Java 7 Update 60
08-06-2014 19:00:07 Installed Microsoft Visual C++ 2005 Redistributable
08-06-2014 19:01:53 Installed League of Legends
08-06-2014 19:03:05 Installed DirectX
08-06-2014 19:09:59 Installed Windows 7 USB/DVD Download Tool
08-06-2014 19:40:25 Removed Java 7 Update 60
08-06-2014 19:41:44 Installed Java 7 Update 60
 
==================== Hosts content: ==========================
 
2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {35D961AE-6D36-4D6C-A89C-7792954C13E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {3FFBBEAA-A78E-402D-8E01-DC7FD13C28C9} - System32\Tasks\AdobeAAMUpdater-1.0-UltimatePC-PC-UltimatePC => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {E3301193-9279-401C-A27E-FE46D6A317F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {F663BD85-1D22-4BFD-94F0-6A41D1ED4C84} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-27 17:28 - 2013-11-11 09:26 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-27 17:28 - 2013-11-11 11:48 - 02152736 _____ () C:\Program Files\NVIDIA Corporation\nview\nview.dll
2013-11-27 17:28 - 2013-11-11 11:48 - 01684768 _____ () C:\Program Files\NVIDIA Corporation\nview\nvwimg.dll
2013-11-27 17:28 - 2013-11-11 11:48 - 00374560 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2014-06-07 18:28 - 2014-05-13 18:40 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-06-07 18:28 - 2014-05-13 18:40 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-06-07 18:28 - 2014-05-13 18:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-06-07 18:28 - 2014-05-13 18:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-06-07 18:28 - 2014-05-13 18:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/08/2014 02:11:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc1b4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000002
Faulting process id: 0x1ae0
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
 
Error: (06/08/2014 10:30:33 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x800706BE
 
Error: (06/08/2014 10:28:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
Exception code: 0xc0000374
Fault offset: 0x000c283b
Faulting process id: 0x3e0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (06/07/2014 08:40:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: This network connection does not exist.
.
 
Error: (06/07/2014 08:39:59 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd).
 
Error: (06/07/2014 08:37:04 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd).
 
Error: (06/07/2014 08:35:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd).
 
Error: (06/07/2014 08:34:36 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd).
 
Error: (06/07/2014 08:34:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Faulting module name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Exception code: 0x40000015
Fault offset: 0x0007d28a
Faulting process id: 0xc2c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
 
Error: (06/07/2014 08:34:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamscheduler.exe, version: 2.0.23.0, time stamp: 0x52f2947e
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x820
Faulting application start time: 0xmbamscheduler.exe0
Faulting application path: mbamscheduler.exe1
Faulting module path: mbamscheduler.exe2
Report Id: mbamscheduler.exe3
 
 
System errors:
=============
Error: (06/08/2014 02:27:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The MBAMService service hung on starting.
 
Error: (06/08/2014 02:26:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Power service terminated with the following error: 
%%4203
 
Error: (06/08/2014 02:26:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (06/08/2014 02:26:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
 
Error: (06/08/2014 02:25:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:24:06 PM on ‎6/‎8/‎2014 was unexpected.
 
Error: (06/08/2014 02:11:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/08/2014 10:38:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The MBAMService service hung on starting.
 
Error: (06/08/2014 10:37:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Power service terminated with the following error: 
%%4203
 
Error: (06/08/2014 10:36:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (06/08/2014 10:36:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (06/08/2014 02:11:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7600.163854a5bc1b4unknown0.0.0.000000000c0000005000000021ae001cf834beca08a19C:\Windows\servicing\TrustedInstaller.exeunknownb6d3020a-ef40-11e3-bd9e-00221934f75f
 
Error: (06/08/2014 10:30:33 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x800706BE
 
Error: (06/08/2014 10:28:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.1.7600.163854a5bc100ntdll.dll6.1.7600.163854a5bdadbc0000374000c283b3e001cf8328a09c27afC:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll97a6f438-ef21-11e3-a956-00221934f75f
 
Error: (06/07/2014 08:40:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
 
Error: (06/07/2014 08:39:59 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
 
Error: (06/07/2014 08:37:04 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
 
Error: (06/07/2014 08:35:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
 
Error: (06/07/2014 08:34:36 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
 
Error: (06/07/2014 08:34:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28ac2c01cf82552b757e15C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe722310ab-ee48-11e3-a3be-00221934f75f
 
Error: (06/07/2014 08:34:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd82001cf82552119c123C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll68f99190-ee48-11e3-a3be-00221934f75f
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 37%
Total physical RAM: 3069.62 MB
Available physical RAM: 1927.7 MB
Total Pagefile: 6137.51 MB
Available Pagefile: 3442.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.77 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.76 GB) (Free:396.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (D:) (Fixed) (Total:74.5 GB) (Free:74.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 707D707D)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 75 GB) (Disk ID: 80528052)
Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 fireman4it


Posted 09 June 2014 - 06:08 PM

We need to find a replacement file on your system

Please do the following:
 

  • Open FRST
  • Type rpcss.dll in the edit box after "Search:" so it looks like this:

        Search: rpcss.dll

  • Click the Search button and post the log it makes in your reply.


Edited by fireman4it, 09 June 2014 - 06:08 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#5 Fab1199


Posted 09 June 2014 - 07:02 PM

Farbar Recovery Scan Tool (x86) Version:09-06-2014 03
Ran by UltimatePC at 2014-06-09 18:52:52
Running from C:\Users\UltimatePC\Desktop
Boot Mode: Normal
 
================== Search: "rpcss.dll" ===================
 
C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) B82CD39E336973359D7C9BF911E8E84F
 
C:\Windows.old.000\Windows\System32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) B82CD39E336973359D7C9BF911E8E84F
 
C:\Windows.old\Windows\system32\rpcss.dll
[2009-03-19 19:51] - [2009-03-19 19:51] - 0845312 ____A (Microsoft Corporation) A6130365606F3D6332B014FC3DA931AA
 
C:\Windows.old\Windows\system32\dllcache\rpcss.dll
[2007-02-18 07:00] - [2009-03-19 19:51] - 0845312 ___AC (Microsoft Corporation) A6130365606F3D6332B014FC3DA931AA
 
C:\Windows.old\Windows\$NtUninstallKB956572$\rpcss.dll
[2009-06-03 00:06] - [2007-02-18 07:00] - 0838656 ____C (Microsoft Corporation) 8830EF3E7DDB479F00113A5B59B6F601
 
C:\Windows.old\Windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[2009-03-19 19:42] - [2009-03-19 19:42] - 0845824 ____A (Microsoft Corporation) 303F3A093D6C5C221BC0980C75024A65
 
C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) B82CD39E336973359D7C9BF911E8E84F
 
C:\Windows\System32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) 7B8559A747EC3D652EB1ED0216978893
 
=== End Of Search ===
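
The comparison this search log supports, as an added example that is not part of the original posts: the Python below parses FRST's search output (four of the eight entries above, copied into `SEARCH_LOG`) and checks the live System32 file against copies that share its size and timestamps. The function names and the ranking rule (prefer the running install's winsxs copy) are assumptions of this example, not FRST behaviour.

```python
import re
from collections import Counter

# Four of the eight entries from the FRST search log in the post above.
SEARCH_LOG = r"""
C:\Windows.old\Windows\system32\dllcache\rpcss.dll
[2007-02-18 07:00] - [2009-03-19 19:51] - 0845312 ___AC (Microsoft Corporation) A6130365606F3D6332B014FC3DA931AA

C:\Windows.old.000\Windows\System32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) B82CD39E336973359D7C9BF911E8E84F

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) B82CD39E336973359D7C9BF911E8E84F

C:\Windows\System32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) 7B8559A747EC3D652EB1ED0216978893
"""

# "[created] - [modified] - size attrs (company) MD5", as printed under each path.
META = re.compile(
    r"^\[(?P<created>[\d-]+ [\d:]+)\] - \[(?P<modified>[\d-]+ [\d:]+)\] - "
    r"(?P<size>\d+) (?P<attrs>\S+) \((?P<company>.*?)\) (?P<md5>[0-9A-Fa-f]{32})$"
)


def parse_search(text):
    """Turn FRST search output into a list of dicts, one per file found."""
    entries, path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        match = META.match(line)
        if match and path:
            entry = match.groupdict()
            entry["path"] = path
            entry["size"] = int(entry["size"])
            entry["md5"] = entry["md5"].upper()
            entries.append(entry)
            path = None
        elif re.match(r"^[A-Za-z]:\\", line):
            path = line  # a path line; its metadata follows on the next line
    return entries


def assess(entries, live_path):
    """Compare the live file with copies that have the same size and timestamps.

    A copy with identical size and dates but a different hash is the pattern
    FRST's "if the MD5 is unique the file is infected" hint points at.
    """
    result = {"verdict": None, "reference_md5": None,
              "candidates": [], "other_builds": []}
    live = next((e for e in entries
                 if e["path"].lower() == live_path.lower()), None)
    if live is None:
        result["verdict"] = "live file not in log"
        return result

    def fingerprint(e):
        return (e["size"], e["created"], e["modified"])

    peers = [e for e in entries
             if e is not live and fingerprint(e) == fingerprint(live)]
    # Copies of a different size or date come from another build of the file.
    result["other_builds"] = [e["path"] for e in entries
                              if e is not live and e not in peers]
    if not peers:
        result["verdict"] = "no comparable copy"
        return result

    reference_md5, _ = Counter(e["md5"] for e in peers).most_common(1)[0]
    result["reference_md5"] = reference_md5
    if reference_md5 == live["md5"]:
        result["verdict"] = "consistent"
        return result

    result["verdict"] = "mismatch"
    # Assumption of this example: list the running install's winsxs copy first.
    winsxs = live_path.lower().rsplit("\\system32\\", 1)[0] + "\\winsxs\\"
    matching = [e for e in peers if e["md5"] == reference_md5]
    matching.sort(key=lambda e: not e["path"].lower().startswith(winsxs))
    result["candidates"] = [e["path"] for e in matching]
    return result


if __name__ == "__main__":
    report = assess(parse_search(SEARCH_LOG), r"C:\Windows\System32\rpcss.dll")
    for key, value in report.items():
        print(f"{key}: {value}")
```
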


#6 fireman4it


Posted 09 June 2014 - 07:16 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Attached File  fixlist.txt   86bytes   1 downloads


" Extinguishing Malware from the world"



#7 Fab1199


Posted 09 June 2014 - 08:10 PM

I have followed your instructions. Should the text look like this?

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:09-06-2014 03
Ran by UltimatePC at 2014-06-09 20:08:57 Run:1
Running from C:\Users\UltimatePC\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Move: C:\Windows.old\Windows\system32\dllcache\rpcss.dll C:\Windows\System32\rpcss.dll
*****************
 
C:\Windows\System32\rpcss.dll => Moved successfully.
"C:\Windows.old\Windows\system32\dllcache\rpcss.dll"  moved successfully to C:\Windows\System32\rpcss.dll
 
==== End of Fixlog ====


#8 fireman4it


Posted 09 June 2014 - 08:47 PM

How's the machine running now?


" Extinguishing Malware from the world"



#9 Fab1199

  • Topic Starter

Posted 09 June 2014 - 09:11 PM

I still get notifications from AVG about rpcss.dll, and so far I still get DCOM sometimes but not as often. Anything else that can help?

UPDATE: I re-did this (I honestly think I messed up my post before this)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-06-2014 03
Ran by UltimatePC (administrator) on ULTIMATEPC-PC on 09-06-2014 21:26:50
Running from C:\Users\UltimatePC\Desktop
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2602784 2013-11-11] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3847062085-1073995744-3344967251-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3847062085-1073995744-3344967251-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3847062085-1073995744-3344967251-1000\...\MountPoints2: {5dec1395-1efb-11e3-a953-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\autorun.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4E16FB86700ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
========================== Services (Whitelisted) =================
 
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi.exe [1873184 2013-11-11] (NVIDIA Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w7.sys [1092160 2011-03-28] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-09 21:13 - 2014-06-09 21:13 - 01177600 _____ (Farbar) C:\Users\UltimatePC\Downloads\FRST.exe
2014-06-09 21:13 - 2014-06-09 21:13 - 01177600 _____ (Farbar) C:\Users\UltimatePC\Desktop\FRST.exe
2014-06-09 20:07 - 2014-06-09 20:07 - 00000086 _____ () C:\Users\UltimatePC\Downloads\fixlist.txt
2014-06-09 18:52 - 2014-06-09 18:56 - 00001723 _____ () C:\Users\UltimatePC\Desktop\Search.txt
2014-06-09 16:53 - 2014-06-09 16:53 - 00000000 ____D () C:\Windows\Sun
2014-06-08 22:23 - 2014-06-09 21:26 - 00008246 _____ () C:\Users\UltimatePC\Desktop\FRST.txt
2014-06-08 22:23 - 2014-06-08 22:25 - 00018787 _____ () C:\Users\UltimatePC\Desktop\Addition.txt
2014-06-08 22:22 - 2014-06-09 21:26 - 00000000 ____D () C:\FRST
2014-06-08 15:41 - 2014-06-08 15:41 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\LolClient
2014-06-08 14:10 - 2014-06-08 14:11 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-06-08 14:10 - 2014-06-08 14:10 - 00002536 _____ () C:\Users\UltimatePC\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-06-08 14:10 - 2014-06-08 14:10 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-06-08 14:08 - 2014-06-08 14:08 - 02721168 _____ (Microsoft Corporation) C:\Users\UltimatePC\Downloads\Windows7-USB-DVD-tool.exe
2014-06-08 14:05 - 2014-06-08 14:19 - 2147484822 _____ () C:\Users\UltimatePC\Downloads\X17-59463.iso
2014-06-08 14:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-08 14:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-08 14:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-08 14:02 - 2014-06-08 14:02 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Riot Games
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-08 14:00 - 2014-06-09 21:26 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\PMB Files
2014-06-08 14:00 - 2014-06-09 21:26 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-08 14:00 - 2014-06-08 14:00 - 00000000 ____D () C:\Program Files\Pando Networks
2014-06-08 13:59 - 2014-06-08 13:59 - 32229024 _____ (Riot Games) C:\Users\UltimatePC\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2014-06-08 13:59 - 2014-06-08 13:59 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Riot Games
2014-06-08 11:05 - 2014-06-08 11:05 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\TS3Client
2014-06-08 10:55 - 2014-06-09 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 10:55 - 2014-06-08 10:55 - 00000340 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-08 10:55 - 2014-06-08 10:55 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 10:55 - 2013-12-18 22:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 10:54 - 2014-06-08 10:54 - 00918952 _____ (Oracle Corporation) C:\Users\UltimatePC\Downloads\chromeinstall-7u60.exe
2014-06-07 19:13 - 2014-06-07 19:13 - 00005571 _____ () C:\Users\UltimatePC\Desktop\attach.txt
2014-06-07 19:13 - 2014-06-07 19:12 - 00008074 _____ () C:\Users\UltimatePC\Desktop\dds.txt
2014-06-07 19:08 - 2014-06-07 19:08 - 00688992 ____R (Swearware) C:\Users\UltimatePC\Downloads\dds.com
2014-06-07 18:26 - 2014-06-07 18:26 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\iExplore.exe
2014-06-07 18:26 - 2014-06-07 18:26 - 00000076 _____ () C:\Users\UltimatePC\Desktop\iExplore.exe.url
2014-06-07 18:25 - 2014-06-07 18:28 - 00002914 _____ () C:\Users\UltimatePC\Desktop\Rkill.txt
2014-06-07 18:24 - 2014-06-07 18:25 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\rkill.exe
2014-06-07 09:20 - 2014-06-07 21:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-07 08:42 - 2014-06-07 08:43 - 10989752 _____ (Reimage®) C:\TRANSLATE
2014-06-06 22:41 - 2014-06-07 21:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-06 21:58 - 2014-06-06 21:58 - 00081938 _____ () C:\Users\UltimatePC\Downloads\minecraft.jar
2014-06-06 21:57 - 2014-06-06 21:57 - 00675988 _____ () C:\Users\UltimatePC\Downloads\Minecraft (1).exe
2014-05-18 18:07 - 2014-05-18 18:07 - 00000000 ____D () C:\Program Files\DLLSuite
2014-05-18 15:46 - 2014-05-18 15:46 - 29455743 _____ () C:\Users\UltimatePC\Downloads\HydroMelonz Pack (Faithful).zip
2014-05-18 15:34 - 2014-05-18 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-18 15:30 - 2014-05-18 15:30 - 12589848 _____ (Malwarebytes Corp.) C:\Users\UltimatePC\Downloads\mbar-1.07.0.1009.exe
2014-05-18 15:28 - 2014-06-07 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-18 15:28 - 2014-06-07 21:14 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-18 15:28 - 2014-05-18 15:31 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 15:28 - 2014-05-18 15:28 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 15:28 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-18 15:28 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-18 15:27 - 2014-05-18 15:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\UltimatePC\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-18 15:25 - 2014-05-18 15:25 - 00982016 _____ (Farbar) C:\Users\UltimatePC\Downloads\MiniToolBox.exe
2014-05-18 15:11 - 2014-05-18 15:11 - 19121882 _____ () C:\Users\UltimatePC\Downloads\Slix.zip
2014-05-18 14:49 - 2014-05-18 14:49 - 00818889 _____ () C:\Users\UltimatePC\Downloads\OptiFine_1.7.4_HD_U_D1.jar
2014-05-18 14:39 - 2014-05-18 14:39 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ___RD () C:\Program Files\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-18 14:33 - 2014-06-07 21:13 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\.minecraft
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
 
==================== One Month Modified Files and Folders =======
 
2014-06-09 23:44 - 2014-06-08 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 23:44 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-06-09 23:44 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\registration
2014-06-09 23:44 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\AppCompat
2014-06-09 21:27 - 2014-06-08 22:23 - 00008246 _____ () C:\Users\UltimatePC\Desktop\FRST.txt
2014-06-09 21:27 - 2013-09-16 13:27 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Temp
2014-06-09 21:26 - 2014-06-08 22:22 - 00000000 ____D () C:\FRST
2014-06-09 21:26 - 2014-06-08 14:00 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\PMB Files
2014-06-09 21:26 - 2014-06-08 14:00 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-09 21:26 - 2013-11-27 17:11 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Skype
2014-06-09 21:22 - 2013-11-27 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-09 21:22 - 2013-11-27 17:06 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-09 21:22 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-09 21:22 - 2009-07-13 23:39 - 00050000 _____ () C:\Windows\setupact.log
2014-06-09 21:21 - 2013-09-16 13:14 - 00720984 _____ () C:\Windows\WindowsUpdate.log
2014-06-09 21:21 - 2009-07-13 23:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-09 21:21 - 2009-07-13 23:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-09 21:17 - 2013-11-27 17:06 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-09 21:13 - 2014-06-09 21:13 - 01177600 _____ (Farbar) C:\Users\UltimatePC\Downloads\FRST.exe
2014-06-09 21:13 - 2014-06-09 21:13 - 01177600 _____ (Farbar) C:\Users\UltimatePC\Desktop\FRST.exe
2014-06-09 20:56 - 2013-12-29 13:18 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Adobe
2014-06-09 20:53 - 2013-09-16 13:30 - 00782336 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-09 20:51 - 2014-01-10 19:13 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-09 20:45 - 2013-09-16 13:27 - 00000000 ____D () C:\Users\UltimatePC
2014-06-09 20:07 - 2014-06-09 20:07 - 00000086 _____ () C:\Users\UltimatePC\Downloads\fixlist.txt
2014-06-09 18:56 - 2014-06-09 18:52 - 00001723 _____ () C:\Users\UltimatePC\Desktop\Search.txt
2014-06-09 16:53 - 2014-06-09 16:53 - 00000000 ____D () C:\Windows\Sun
2014-06-08 22:25 - 2014-06-08 22:23 - 00018787 _____ () C:\Users\UltimatePC\Desktop\Addition.txt
2014-06-08 15:41 - 2014-06-08 15:41 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\LolClient
2014-06-08 14:42 - 2013-11-27 17:18 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 14:19 - 2014-06-08 14:05 - 2147484822 _____ () C:\Users\UltimatePC\Downloads\X17-59463.iso
2014-06-08 14:11 - 2014-06-08 14:10 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-06-08 14:10 - 2014-06-08 14:10 - 00002536 _____ () C:\Users\UltimatePC\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-06-08 14:10 - 2014-06-08 14:10 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-06-08 14:08 - 2014-06-08 14:08 - 02721168 _____ (Microsoft Corporation) C:\Users\UltimatePC\Downloads\Windows7-USB-DVD-tool.exe
2014-06-08 14:02 - 2014-06-08 14:02 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\Riot Games
2014-06-08 14:02 - 2014-06-08 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-08 14:02 - 2013-11-27 19:06 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-06-08 14:00 - 2014-06-08 14:00 - 00000000 ____D () C:\Program Files\Pando Networks
2014-06-08 13:59 - 2014-06-08 13:59 - 32229024 _____ (Riot Games) C:\Users\UltimatePC\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2014-06-08 13:59 - 2014-06-08 13:59 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\Riot Games
2014-06-08 11:05 - 2014-06-08 11:05 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\TS3Client
2014-06-08 10:55 - 2014-06-08 10:55 - 00000340 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-08 10:55 - 2014-06-08 10:55 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 10:55 - 2013-11-27 17:18 - 00000000 ____D () C:\Program Files\Java
2014-06-08 10:54 - 2014-06-08 10:54 - 00918952 _____ (Oracle Corporation) C:\Users\UltimatePC\Downloads\chromeinstall-7u60.exe
2014-06-08 09:44 - 2014-01-10 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-08 09:44 - 2014-01-10 19:23 - 00000935 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-07 21:14 - 2014-06-06 22:41 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-07 21:14 - 2014-05-18 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-07 21:14 - 2014-05-18 15:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-07 21:14 - 2013-12-30 16:23 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-07 21:14 - 2013-11-27 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-07 21:14 - 2009-07-14 02:50 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-07 21:14 - 2009-07-14 02:49 - 00000000 ____D () C:\Windows\ShellNew
2014-06-07 21:14 - 2009-07-13 23:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-06-07 21:14 - 2009-07-13 23:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-06-07 21:14 - 2009-07-13 21:37 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-06-07 21:13 - 2014-05-18 14:33 - 00000000 ____D () C:\Users\UltimatePC\AppData\Roaming\.minecraft
2014-06-07 21:13 - 2014-01-10 19:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-07 21:13 - 2013-12-23 21:13 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-06-07 21:07 - 2014-06-07 09:20 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-07 19:13 - 2014-06-07 19:13 - 00005571 _____ () C:\Users\UltimatePC\Desktop\attach.txt
2014-06-07 19:12 - 2014-06-07 19:13 - 00008074 _____ () C:\Users\UltimatePC\Desktop\dds.txt
2014-06-07 19:08 - 2014-06-07 19:08 - 00688992 ____R (Swearware) C:\Users\UltimatePC\Downloads\dds.com
2014-06-07 18:28 - 2014-06-07 18:25 - 00002914 _____ () C:\Users\UltimatePC\Desktop\Rkill.txt
2014-06-07 18:28 - 2013-12-16 20:23 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-07 18:26 - 2014-06-07 18:26 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\iExplore.exe
2014-06-07 18:26 - 2014-06-07 18:26 - 00000076 _____ () C:\Users\UltimatePC\Desktop\iExplore.exe.url
2014-06-07 18:25 - 2014-06-07 18:24 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\UltimatePC\Downloads\rkill.exe
2014-06-07 08:43 - 2014-06-07 08:42 - 10989752 _____ (Reimage®) C:\TRANSLATE
2014-06-06 23:31 - 2013-12-30 16:27 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\CrashDumps
2014-06-06 22:15 - 2013-09-16 13:27 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\VirtualStore
2014-06-06 21:58 - 2014-06-06 21:58 - 00081938 _____ () C:\Users\UltimatePC\Downloads\minecraft.jar
2014-06-06 21:57 - 2014-06-06 21:57 - 00675988 _____ () C:\Users\UltimatePC\Downloads\Minecraft (1).exe
2014-05-18 18:07 - 2014-05-18 18:07 - 00000000 ____D () C:\Program Files\DLLSuite
2014-05-18 16:41 - 2014-02-09 09:55 - 00000000 ____D () C:\600f34fa5f51411118
2014-05-18 16:41 - 2013-12-23 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-18 16:41 - 2013-12-23 21:13 - 00000000 ____D () C:\ProgramData\TechSmith
2014-05-18 16:41 - 2013-12-23 21:13 - 00000000 ____D () C:\Program Files\TechSmith
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 __RSD () C:\Windows\Media
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-18 16:41 - 2009-07-13 21:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-18 16:39 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-18 16:36 - 2013-12-17 07:44 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-18 16:27 - 2014-01-02 10:22 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-05-18 16:26 - 2013-11-27 20:31 - 00000988 _____ () C:\Windows\PFRO.log
2014-05-18 16:01 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-18 15:51 - 2014-05-18 15:34 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-18 15:46 - 2014-05-18 15:46 - 29455743 _____ () C:\Users\UltimatePC\Downloads\HydroMelonz Pack (Faithful).zip
2014-05-18 15:31 - 2014-05-18 15:28 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-18 15:30 - 2014-05-18 15:30 - 12589848 _____ (Malwarebytes Corp.) C:\Users\UltimatePC\Downloads\mbar-1.07.0.1009.exe
2014-05-18 15:28 - 2014-05-18 15:28 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 15:28 - 2014-01-02 10:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 15:27 - 2014-05-18 15:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\UltimatePC\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-18 15:25 - 2014-05-18 15:25 - 00982016 _____ (Farbar) C:\Users\UltimatePC\Downloads\MiniToolBox.exe
2014-05-18 15:11 - 2014-05-18 15:11 - 19121882 _____ () C:\Users\UltimatePC\Downloads\Slix.zip
2014-05-18 14:59 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-18 14:49 - 2014-05-18 14:49 - 00818889 _____ () C:\Users\UltimatePC\Downloads\OptiFine_1.7.4_HD_U_D1.jar
2014-05-18 14:39 - 2014-05-18 14:39 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ___RD () C:\Program Files\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Users\UltimatePC\AppData\Local\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-18 14:39 - 2013-11-27 17:11 - 00000000 ____D () C:\ProgramData\Skype
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
 
Some content of TEMP:
====================
C:\Users\UltimatePC\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\UltimatePC\AppData\Local\Temp\GLF66A7.tmp.dll
C:\Users\UltimatePC\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\UltimatePC\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\UltimatePC\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\UltimatePC\AppData\Local\Temp\swt-win32-3349.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) 7B8559A747EC3D652EB1ED0216978893
 
 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-08 10:12
 
==================== End Of Log ============================

Edited by Fab1199, 09 June 2014 - 09:30 PM.
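The FRST log in the post above still lists rpcss.dll as "[File not signed]" after the Move fix, and its Bamital check prints an MD5 for the file instead of "File is digitally signed". The following is an added example, not part of the thread and not FRST's own code: it parses those two sections and cross-references them. The regular expressions are assumptions derived from the line layout visible in this log, and the sample input is an excerpt of that log.

```python
import re
from collections import defaultdict

# Excerpt of the FRST.txt posted above (Services and Bamital sections),
# embedded so the example runs offline.
SAMPLE_LOG = r"""
========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [File not signed]

==================== Bamital & volsnap Check =================

C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll
[2009-07-13 18:45] - [2009-07-13 20:16] - 0376320 ____A (Microsoft Corporation) 7B8559A747EC3D652EB1ED0216978893

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
"""

# Service/driver line: state letter + start-type digit, name, path,
# [size date], (company from version info), optional trailing flags.
SERVICE_RE = re.compile(
    r"^(?P<state>[RSU])(?P<start>\d) (?P<name>[^;]+); (?P<path>.+?) "
    r"\[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] "
    r"\((?P<company>.*?)\)(?P<flags>.*)$"
)
# Detail line FRST prints under a core file it did not report as signed.
DETAIL_RE = re.compile(
    r"^\[[^\]]+\] - \[[^\]]+\] - \d+ \S+ "
    r"\((?P<company>.*?)\) (?P<md5>[0-9A-Fa-f]{32})$"
)
DRIVE_PATH_RE = re.compile(r"^[A-Za-z]:\\")


def unsigned_microsoft_services(log):
    """Map file path -> service names for entries marked '[File not signed]'
    whose version info nevertheless names Microsoft as the vendor."""
    hits = defaultdict(list)
    for raw in log.splitlines():
        m = SERVICE_RE.match(raw.strip())
        if not m:
            continue
        if "Microsoft" in m["company"] and "[File not signed]" in m["flags"]:
            hits[m["path"].lower()].append(m["name"])
    return dict(hits)


def unverified_core_files(log):
    """Map path -> MD5 for files in the Bamital section that are listed
    with a hash line instead of '=> File is digitally signed'."""
    result = {}
    pending = None
    in_section = False
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith("===="):          # section header
            in_section = "Bamital" in line
            pending = None
            continue
        if not in_section:
            continue
        detail = DETAIL_RE.match(line)
        if detail and pending:
            result[pending.lower()] = detail["md5"].upper()
            pending = None
        elif DRIVE_PATH_RE.match(line) and " => " not in line:
            pending = line                   # bare path, hash line expected next
        else:
            pending = None
    return result


def triage(log):
    """Join both views: unsigned Microsoft-labelled service binaries,
    with the MD5 FRST printed for them (None if the file was not hashed)."""
    hashes = unverified_core_files(log)
    return [
        {"path": path, "services": names, "md5": hashes.get(path)}
        for path, names in sorted(unsigned_microsoft_services(log).items())
    ]


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

The script only extracts what FRST reported; judging the file still means checking its signature and hash against a known-good copy from the same Windows build.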


#10 fireman4it

  • Malware Response Team

Posted 09 June 2014 - 09:37 PM

Please delete your copy of TDSSKiller and download the latest version from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



#11 Fab1199

  • Topic Starter

Posted 09 June 2014 - 09:53 PM

After I chose Cure I immediately chose the reboot computer option. Here are the results:
21:43:37.0052 0x0ccc  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
21:43:39.0610 0x0ccc  ============================================================
21:43:39.0610 0x0ccc  Current date / time: 2014/06/09 21:43:39.0610
21:43:39.0610 0x0ccc  SystemInfo:
21:43:39.0610 0x0ccc  
21:43:39.0610 0x0ccc  OS Version: 6.1.7600 ServicePack: 0.0
21:43:39.0610 0x0ccc  Product type: Workstation
21:43:39.0610 0x0ccc  ComputerName: ULTIMATEPC-PC
21:43:39.0610 0x0ccc  UserName: UltimatePC
21:43:39.0610 0x0ccc  Windows directory: C:\Windows
21:43:39.0610 0x0ccc  System windows directory: C:\Windows
21:43:39.0610 0x0ccc  Processor architecture: Intel x86
21:43:39.0610 0x0ccc  Number of processors: 4
21:43:39.0610 0x0ccc  Page size: 0x1000
21:43:39.0610 0x0ccc  Boot type: Normal boot
21:43:39.0610 0x0ccc  ============================================================
21:43:44.0056 0x0ccc  KLMD registered as C:\Windows\system32\drivers\31062056.sys
21:43:45.0418 0x0ccc  System UUID: {81B21EE3-2A37-8A10-1986-64DA42E75FA8}
21:43:46.0157 0x0ccc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:43:46.0179 0x0ccc  Drive \Device\Harddisk1\DR1 - Size: 0x12A05F2000 ( 74.51 Gb ), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:43:46.0181 0x0ccc  ============================================================
21:43:46.0181 0x0ccc  \Device\Harddisk0\DR0:
21:43:46.0182 0x0ccc  MBR partitions:
21:43:46.0182 0x0ccc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
21:43:46.0182 0x0ccc  \Device\Harddisk1\DR1:
21:43:46.0182 0x0ccc  MBR partitions:
21:43:46.0182 0x0ccc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
21:43:46.0182 0x0ccc  ============================================================
21:43:46.0292 0x0ccc  C: <-> \Device\Harddisk0\DR0\Partition1
21:43:46.0299 0x0ccc  D: <-> \Device\Harddisk1\DR1\Partition1
21:43:46.0299 0x0ccc  ============================================================
21:43:46.0299 0x0ccc  Initialize success
21:43:46.0299 0x0ccc  ============================================================
21:44:12.0183 0x0d80  ============================================================
21:44:12.0183 0x0d80  Scan started
21:44:12.0183 0x0d80  Mode: Manual; SigCheck; TDLFS; 
21:44:12.0183 0x0d80  ============================================================
21:44:12.0183 0x0d80  KSN ping started
21:44:14.0718 0x0d80  KSN ping finished: true
21:44:21.0211 0x0d80  ================ Scan system memory ========================
21:44:21.0211 0x0d80  Scan was interrupted by user!
21:44:21.0277 0x0d80  AV detected via SS2: AVG AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4592 ), 0x41000 ( enabled : updated )
21:44:21.0286 0x0d80  Win FW state via NFP2: enabled
21:44:23.0868 0x0d80  ============================================================
21:44:23.0868 0x0d80  Scan finished
21:44:23.0868 0x0d80  ============================================================
21:44:23.0877 0x14f4  Detected object count: 0
21:44:23.0877 0x14f4  Actual detected object count: 0
21:44:38.0318 0x17e8  ============================================================
21:44:38.0318 0x17e8  Scan started
21:44:38.0318 0x17e8  Mode: Manual; SigCheck; TDLFS; 
21:44:38.0319 0x17e8  ============================================================
21:44:38.0319 0x17e8  KSN ping started
21:44:43.0704 0x17e8  KSN ping finished: true
21:44:50.0478 0x17e8  ================ Scan system memory ========================
21:44:50.0478 0x17e8  System memory - ok
21:44:50.0478 0x17e8  ================ Scan services =============================
21:44:50.0694 0x17e8  [ 6D2ACA41739BFE8CB86EE8E85F29697D, 74A4F53C8309A8E5E94CDE4D440DD5308566185E6D8D98FD08E70A25BD728C91 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:44:50.0827 0x17e8  1394ohci - ok
21:44:50.0872 0x17e8  [ F0E07D144C8685B8774BC32FC8DA4DF0, 39816ED2623CA9ABE2B2EDCDB2F8481634742F00FEEF7E324F34D2BAAD668A67 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
21:44:50.0887 0x17e8  ACPI - ok
21:44:50.0935 0x17e8  [ 98D81CA942D19F7D9153B095162AC013, ACE5C073323176621F3312AA9B1EE1A3382F8CDD590D90DC57B34035FD6BC281 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
21:44:51.0052 0x17e8  AcpiPmi - ok
21:44:51.0114 0x17e8  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:44:51.0185 0x17e8  adp94xx - ok
21:44:51.0220 0x17e8  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:44:51.0238 0x17e8  adpahci - ok
21:44:51.0268 0x17e8  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:44:51.0292 0x17e8  adpu320 - ok
21:44:51.0341 0x17e8  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:44:51.0486 0x17e8  AeLookupSvc - ok
21:44:51.0575 0x17e8  [ DDC040FDB01EF1712A6B13E52AFB104C, BF17E91BBB85A04F1EEF580CD006101332CDE5B876A0D04C6932F30707BB184F ] AFD             C:\Windows\system32\drivers\afd.sys
21:44:51.0657 0x17e8  AFD - ok
21:44:51.0686 0x17e8  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
21:44:51.0699 0x17e8  agp440 - ok
21:44:51.0745 0x17e8  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
21:44:51.0759 0x17e8  aic78xx - ok
21:44:51.0823 0x17e8  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
21:44:51.0896 0x17e8  ALG - ok
21:44:51.0931 0x17e8  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
21:44:51.0940 0x17e8  aliide - ok
21:44:51.0971 0x17e8  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys
21:44:51.0981 0x17e8  amdagp - ok
21:44:51.0996 0x17e8  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
21:44:52.0009 0x17e8  amdide - ok
21:44:52.0048 0x17e8  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:44:52.0067 0x17e8  AmdK8 - ok
21:44:52.0090 0x17e8  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:44:52.0159 0x17e8  AmdPPM - ok
21:44:52.0203 0x17e8  [ 2101A86C25C154F8314B24EF49D7FBC2, E4C1326CF55850793B45B2BFDF361C4E98A07FB13E08BFD6DB50135489700998 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
21:44:52.0218 0x17e8  amdsata - ok
21:44:52.0264 0x17e8  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:44:52.0276 0x17e8  amdsbs - ok
21:44:52.0291 0x17e8  [ B81C2B5616F6420A9941EA093A92B150, DA2000C9E06533232F8716A6674BC9DFD5C3AAE1FC46F7A91B8E917DB913F42F ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
21:44:52.0301 0x17e8  amdxata - ok
21:44:52.0337 0x17e8  [ FEB834C02CE1E84B6A38F953CA067706, E5A7F8B632ABFBD1283C3D44FB02449814EDB653B204E1720DAA780A6D64FD01 ] AppID           C:\Windows\system32\drivers\appid.sys
21:44:52.0432 0x17e8  AppID - ok
21:44:52.0482 0x17e8  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:44:52.0529 0x17e8  AppIDSvc - ok
21:44:52.0562 0x17e8  [ 7DEAD9E3F65DCB2794F2711003BBF650, F541C30EEFD1BDB70F361B878B6E51DC728873695DD137148CE531FBACCDA21B ] Appinfo         C:\Windows\System32\appinfo.dll
21:44:52.0609 0x17e8  Appinfo - ok
21:44:52.0707 0x17e8  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:44:52.0727 0x17e8  Apple Mobile Device - ok
21:44:52.0780 0x17e8  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:44:52.0851 0x17e8  AppMgmt - ok
21:44:52.0916 0x17e8  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:44:52.0927 0x17e8  arc - ok
21:44:52.0947 0x17e8  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:44:52.0957 0x17e8  arcsas - ok
21:44:53.0069 0x17e8  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:44:53.0103 0x17e8  aspnet_state - ok
21:44:53.0146 0x17e8  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:44:53.0216 0x17e8  AsyncMac - ok
21:44:53.0224 0x17e8  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
21:44:53.0240 0x17e8  atapi - ok
21:44:53.0317 0x17e8  [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:44:53.0401 0x17e8  AudioEndpointBuilder - ok
21:44:53.0415 0x17e8  [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:44:53.0449 0x17e8  Audiosrv - ok
21:44:53.0510 0x17e8  [ 383D7AEC7F1A44B81F2069DB9EE5F313, 3C6BFBA33245C95B65999C73E9EA6861D47A5C50561E4B93DB59DFB361B8711D ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
21:44:53.0548 0x17e8  Avgdiskx - ok
21:44:53.0735 0x17e8  [ 561CE09C52F6E945ED4CE7E173D1F542, 25FB1B55E22D4DF3B03B6D395B6C4749C03B950139767FA095C24234BD962782 ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
21:44:53.0964 0x17e8  AVGIDSAgent - ok
21:44:54.0007 0x17e8  [ E76F8CDCC1BF9952D165CA5D90025730, 2A1AE74A25782C4407CA665FC5E3F15BD3F823E44DF0BB4103EDDEA70D81D887 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
21:44:54.0060 0x17e8  AVGIDSDriver - ok
21:44:54.0082 0x17e8  [ 486A27CBB8314577A92BEFF025D52345, EBAD1BF93E5246680018DC9B110D0FDAB40D11B730D23CA56ECB5F39C9B6E6D1 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
21:44:54.0093 0x17e8  AVGIDSHX - ok
21:44:54.0137 0x17e8  [ B650C4774CAB608AAC9C650312DA2CBB, 20F3041B1D69BFDCBEDBCB07965B5FC8AB28C4FC8822A0D975FB5850A299A913 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
21:44:54.0145 0x17e8  AVGIDSShim - ok
21:44:54.0176 0x17e8  [ B295472342FCD8E0D15FC099552BA89D, BDB6E0487DF37CDDFFC82F0C2BAF9A3F4FA67210AE9D76BD62499C4F6348EB19 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
21:44:54.0187 0x17e8  Avgldx86 - ok
21:44:54.0233 0x17e8  [ 624A328461D9A365C1B41BC2B8AA055E, FF8C99FFEF51F493525CDD875569165B69205F3008691B9DEE0029D04D0F7B55 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
21:44:54.0248 0x17e8  Avglogx - ok
21:44:54.0291 0x17e8  [ A7A3E71F9E4F6F93AEAE2B1A88A12FCB, 6724D7BEBC9F0504E794C395459B82486800D409D86E137AD9DE6A5B09DAFA19 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
21:44:54.0301 0x17e8  Avgmfx86 - ok
21:44:54.0337 0x17e8  [ F2C626DD5CF3F2FACBBA053F465563EB, 15881EE4F08B713209C6088E148ECF2245349E3B99D266BFE60442DEEDB38F29 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
21:44:54.0345 0x17e8  Avgrkx86 - ok
21:44:54.0368 0x17e8  [ 16EDEFD8D99936B2410D082A494D2E3F, B8D18E37FB931B67893F2B4F24D7B20BFC0AC4C45F5FBC5231B942A186D8B3EC ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
21:44:54.0380 0x17e8  Avgtdix - ok
21:44:54.0420 0x17e8  [ E5C581D358B62CF65776B8E4E17B9E5C, 955E4ECFD036330B139476CCCC7564B082C197D5E7577853E0C3D7B707EDB090 ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
21:44:54.0434 0x17e8  avgwd - ok
21:44:54.0474 0x17e8  [ DD6A431B43E34B91A767D1CE33728175, 8BFF6474C9DFBEC96FA7B2789EF9B17C7910B52DBCF70CDA1F0C698CFA5EFB6E ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:44:54.0598 0x17e8  AxInstSV - ok
21:44:54.0658 0x17e8  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
21:44:54.0697 0x17e8  b06bdrv - ok
21:44:54.0801 0x17e8  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:44:54.0883 0x17e8  b57nd60x - ok
21:44:55.0040 0x17e8  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
21:44:55.0100 0x17e8  BDESVC - ok
21:44:55.0113 0x17e8  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:44:55.0160 0x17e8  Beep - ok
21:44:55.0227 0x17e8  [ 85AC71C045CEB054ED48A7841AAE0C11, BA0C0CC50E5C49838116AC9A12A7CF1A683601FD08D3CF6EC06620C51C0806FF ] BFE             C:\Windows\System32\bfe.dll
21:44:55.0326 0x17e8  BFE - ok
21:44:55.0489 0x17e8  [ 53F476476F55A27F580661BDE09C4EC4, 90DFBF97F011CFF41D2CFA2E33978BC746A7E693AC75EED1436130C4F10B4E67 ] BITS            C:\Windows\System32\qmgr.dll
21:44:55.0545 0x17e8  BITS - ok
21:44:55.0575 0x17e8  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:44:55.0611 0x17e8  blbdrive - ok
21:44:55.0876 0x17e8  [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:44:56.0010 0x17e8  bowser - ok
21:44:56.0065 0x17e8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:44:56.0109 0x17e8  BrFiltLo - ok
21:44:56.0115 0x17e8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:44:56.0128 0x17e8  BrFiltUp - ok
21:44:56.0169 0x17e8  [ 598E1280E7FF3744F4B8329366CC5635, 9B6392AEBE7EF26253487AF8C7C114822ABB187BA32DA8DBF622DB1B8DA6F1C0 ] Browser         C:\Windows\System32\browser.dll
21:44:56.0193 0x17e8  Browser - ok
21:44:56.0209 0x17e8  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:44:56.0241 0x17e8  Brserid - ok
21:44:56.0251 0x17e8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:44:56.0281 0x17e8  BrSerWdm - ok
21:44:56.0303 0x17e8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:44:56.0320 0x17e8  BrUsbMdm - ok
21:44:56.0330 0x17e8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:44:56.0377 0x17e8  BrUsbSer - ok
21:44:56.0411 0x17e8  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:44:56.0443 0x17e8  BTHMODEM - ok
21:44:56.0475 0x17e8  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
21:44:56.0538 0x17e8  bthserv - ok
21:44:56.0562 0x17e8  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:44:56.0589 0x17e8  cdfs - ok
21:44:56.0647 0x17e8  [ BA6E70AA0E6091BC39DE29477D866A77, A17A68BDA46995F75FB1C2C593A81CD3B2BFE290CEAA45FA2380DDF5537A23C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:44:56.0668 0x17e8  cdrom - ok
21:44:56.0706 0x17e8  [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:44:56.0731 0x17e8  CertPropSvc - ok
21:44:56.0746 0x17e8  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:44:56.0766 0x17e8  circlass - ok
21:44:56.0786 0x17e8  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
21:44:56.0801 0x17e8  CLFS - ok
21:44:56.0892 0x17e8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:44:56.0916 0x17e8  clr_optimization_v2.0.50727_32 - ok
21:44:56.0972 0x17e8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:44:57.0010 0x17e8  clr_optimization_v4.0.30319_32 - ok
21:44:57.0032 0x17e8  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:44:57.0045 0x17e8  CmBatt - ok
21:44:57.0067 0x17e8  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
21:44:57.0075 0x17e8  cmdide - ok
21:44:57.0110 0x17e8  [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:44:57.0136 0x17e8  CNG - ok
21:44:57.0164 0x17e8  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:44:57.0181 0x17e8  Compbatt - ok
21:44:57.0213 0x17e8  [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:44:57.0233 0x17e8  CompositeBus - ok
21:44:57.0258 0x17e8  COMSysApp - ok
21:44:57.0281 0x17e8  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:44:57.0298 0x17e8  crcdisk - ok
21:44:57.0345 0x17e8  [ 9C231178CE4FB385F4B54B0A9080B8A4, 08EFAEBFF68D5CCE432D75116ED4BDC63FEA651459C9AD363CBEEDB769806527 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:44:57.0370 0x17e8  CryptSvc - ok
21:44:57.0444 0x17e8  [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC             C:\Windows\system32\drivers\csc.sys
21:44:57.0518 0x17e8  CSC - ok
21:44:57.0563 0x17e8  [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService      C:\Windows\System32\cscsvc.dll
21:44:57.0606 0x17e8  CscService - ok
21:44:57.0645 0x17e8  [ 7B8559A747EC3D652EB1ED0216978893, 27C20E05CCAB25E4F320F60855C62B28E43FA3566CF480A7F29A8C6DDCC26986 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:44:57.0675 0x17e8  DcomLaunch - detected Trojan.Win32.Patched.pj ( 0 )
21:45:03.0599 0x17e8  DcomLaunch ( Trojan.Win32.Patched.pj ) - infected
21:45:03.0599 0x17e8  Force sending object to P2P due to detect: DcomLaunch
21:45:17.0339 0x17e8  Object send P2P result: true
21:45:19.0882 0x17e8  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
21:45:19.0921 0x17e8  defragsvc - ok
21:45:19.0966 0x17e8  [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:45:20.0026 0x17e8  DfsC - ok
21:45:20.0107 0x17e8  [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:45:20.0303 0x17e8  Dhcp - ok
21:45:20.0349 0x17e8  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
21:45:20.0398 0x17e8  discache - ok
21:45:20.0451 0x17e8  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:45:20.0461 0x17e8  Disk - ok
21:45:20.0506 0x17e8  [ D0722E963D3C6145446874241401B209, 542B3E6EC7E0161AB4732380343139959775E749996A97684A5D423833DDB196 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:45:20.0566 0x17e8  Dnscache - ok
21:45:20.0595 0x17e8  [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc         C:\Windows\System32\dot3svc.dll
21:45:20.0638 0x17e8  dot3svc - ok
21:45:20.0701 0x17e8  [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS             C:\Windows\system32\dps.dll
21:45:20.0743 0x17e8  DPS - ok
21:45:20.0838 0x17e8  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:45:20.0857 0x17e8  drmkaud - ok
21:45:21.0046 0x17e8  [ 39806CFEDDCC55E686A49BCCD2972F23, EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:45:21.0135 0x17e8  DXGKrnl - ok
21:45:21.0158 0x17e8  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
21:45:21.0214 0x17e8  EapHost - ok
21:45:22.0125 0x17e8  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
21:45:22.0506 0x17e8  ebdrv - ok
21:45:22.0706 0x17e8  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS             C:\Windows\System32\lsass.exe
21:45:22.0981 0x17e8  EFS - ok
21:45:23.0245 0x17e8  [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:45:23.0391 0x17e8  ehRecvr - ok
21:45:23.0424 0x17e8  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
21:45:23.0457 0x17e8  ehSched - ok
21:45:23.0502 0x17e8  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:45:23.0529 0x17e8  elxstor - ok
21:45:23.0574 0x17e8  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
21:45:23.0619 0x17e8  ErrDev - ok
21:45:23.0694 0x17e8  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:45:23.0722 0x17e8  EventSystem - ok
21:45:23.0742 0x17e8  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:45:23.0779 0x17e8  exfat - ok
21:45:23.0832 0x17e8  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:45:23.0859 0x17e8  fastfat - ok
21:45:23.0916 0x17e8  [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax             C:\Windows\system32\fxssvc.exe
21:45:23.0974 0x17e8  Fax - ok
21:45:24.0010 0x17e8  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:45:24.0038 0x17e8  fdc - ok
21:45:24.0066 0x17e8  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:45:24.0153 0x17e8  fdPHost - ok
21:45:24.0163 0x17e8  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:45:24.0188 0x17e8  FDResPub - ok
21:45:24.0258 0x17e8  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:45:24.0480 0x17e8  FileInfo - ok
21:45:24.0509 0x17e8  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:45:24.0547 0x17e8  Filetrace - ok
21:45:24.0561 0x17e8  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:45:24.0593 0x17e8  flpydisk - ok
21:45:24.0617 0x17e8  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:45:24.0632 0x17e8  FltMgr - ok
21:45:24.0713 0x17e8  [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache       C:\Windows\system32\FntCache.dll
21:45:24.0799 0x17e8  FontCache - ok
21:45:24.0864 0x17e8  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:45:24.0872 0x17e8  FontCache3.0.0.0 - ok
21:45:24.0886 0x17e8  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:45:24.0896 0x17e8  FsDepends - ok
21:45:24.0910 0x17e8  [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:45:24.0919 0x17e8  Fs_Rec - ok
21:45:24.0966 0x17e8  [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:45:24.0981 0x17e8  fvevol - ok
21:45:25.0023 0x17e8  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:45:25.0035 0x17e8  gagp30kx - ok
21:45:25.0066 0x17e8  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:45:25.0074 0x17e8  GEARAspiWDM - ok
21:45:25.0137 0x17e8  [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:45:25.0188 0x17e8  gpsvc - ok
21:45:25.0293 0x17e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:45:25.0304 0x17e8  gupdate - ok
21:45:25.0317 0x17e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:45:25.0325 0x17e8  gupdatem - ok
21:45:25.0354 0x17e8  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:45:25.0430 0x17e8  hcw85cir - ok
21:45:25.0670 0x17e8  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:45:25.0732 0x17e8  HdAudAddService - ok
21:45:25.0769 0x17e8  [ 717A2207FD6F13AD3E664C7D5A43C7BF, BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:45:25.0799 0x17e8  HDAudBus - ok
21:45:25.0824 0x17e8  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:45:25.0858 0x17e8  HidBatt - ok
21:45:25.0899 0x17e8  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:45:25.0950 0x17e8  HidBth - ok
21:45:25.0990 0x17e8  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:45:26.0004 0x17e8  HidIr - ok
21:45:26.0057 0x17e8  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
21:45:26.0085 0x17e8  hidserv - ok
21:45:26.0129 0x17e8  [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:45:26.0144 0x17e8  HidUsb - ok
21:45:42.0255 0x17e8  [ 7B8559A747EC3D652EB1ED0216978893, 27C20E05CCAB25E4F320F60855C62B28E43FA3566CF480A7F29A8C6DDCC26986 ] RpcSs           C:\Windows\system32\rpcss.dll
21:45:42.0272 0x17e8  RpcSs - detected Trojan.Win32.Patched.pj ( 0 )
21:45:42.0272 0x17e8  RpcSs ( Trojan.Win32.Patched.pj ) - infected
21:45:42.0272 0x17e8  Force sending object to P2P due to detect: RpcSs
21:45:45.0027 0x17e8  Object send P2P result: true
21:45:58.0002 0x17e8  ================ Scan global ===============================
21:45:58.0033 0x17e8  [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
21:45:58.0078 0x17e8  [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
21:45:58.0090 0x17e8  [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
21:45:58.0119 0x17e8  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
21:45:58.0243 0x17e8  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
21:45:58.0248 0x17e8  [ Global ] - ok
21:45:58.0249 0x17e8  ================ Scan MBR ==================================
21:45:58.0256 0x17e8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:45:58.0583 0x17e8  \Device\Harddisk0\DR0 - ok
21:45:58.0603 0x17e8  [ 2CDA0839C249E90E2E67B5C33D8EAAF4 ] \Device\Harddisk1\DR1
21:45:58.0712 0x17e8  \Device\Harddisk1\DR1 - ok
21:45:58.0713 0x17e8  ================ Scan VBR ==================================
21:45:58.0715 0x17e8  [ DEF3A0368C3B14B4DE877BB3A44B478F ] \Device\Harddisk0\DR0\Partition1
21:45:58.0717 0x17e8  \Device\Harddisk0\DR0\Partition1 - ok
21:45:58.0719 0x17e8  [ C9E868FC965F445D50F96BCA47B75277 ] \Device\Harddisk1\DR1\Partition1
21:45:58.0721 0x17e8  \Device\Harddisk1\DR1\Partition1 - ok
21:45:58.0721 0x17e8  ================ Scan generic autorun ======================
21:46:03.0872 0x17e8  Waiting for KSN requests completion. In queue: 143
21:46:04.0872 0x17e8  Waiting for KSN requests completion. In queue: 143
21:46:05.0873 0x17e8  Waiting for KSN requests completion. In queue: 143
21:46:06.0877 0x17e8  AV detected via SS2: AVG AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4592 ), 0x41000 ( enabled : updated )
21:46:06.0880 0x17e8  Win FW state via NFP2: enabled
21:46:09.0367 0x17e8  ============================================================
21:46:09.0367 0x17e8  Scan finished
21:46:09.0367 0x17e8  ============================================================
21:46:09.0375 0x16d8  Detected object count: 2
21:46:09.0375 0x16d8  Actual detected object count: 2
21:46:29.0282 0x16d8  C:\Windows\system32\rpcss.dll - copied to quarantine
21:46:30.0681 0x16d8  Backup copy found, using it..
21:46:30.0708 0x16d8  C:\Windows\system32\rpcss.dll - will be cured on reboot
21:46:30.0708 0x16d8  DcomLaunch ( Trojan.Win32.Patched.pj ) - User select action: Cure 
21:46:30.0777 0x16d8  C:\Windows\system32\rpcss.dll - copied to quarantine
21:46:30.0979 0x16d8  Backup copy found, using it..
21:46:31.0012 0x16d8  C:\Windows\system32\rpcss.dll - will be cured on reboot
21:46:31.0012 0x16d8  RpcSs ( Trojan.Win32.Patched.pj ) - User select action: Cure 
21:46:32.0068 0x16d8  KLMD registered as C:\Windows\system32\drivers\87118738.sys
21:46:36.0274 0x16e0  Deinitialize success

Edited by Fab1199, 09 June 2014 - 09:55 PM.


#12 fireman4it


    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:11 AM

Posted 10 June 2014 - 04:03 PM

Please run TDSS killer again and post the log.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#13 Fab1199

  • Topic Starter

  • Members
  • 14 posts
  • Local time:07:11 AM

Posted 10 June 2014 - 06:13 PM

18:10:43.0105 0x179c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
18:10:46.0049 0x179c  ============================================================
18:10:46.0049 0x179c  Current date / time: 2014/06/10 18:10:46.0049
18:10:46.0049 0x179c  SystemInfo:
18:10:46.0049 0x179c  
18:10:46.0049 0x179c  OS Version: 6.1.7600 ServicePack: 0.0
18:10:46.0049 0x179c  Product type: Workstation
18:10:46.0049 0x179c  ComputerName: ULTIMATEPC-PC
18:10:46.0049 0x179c  UserName: UltimatePC
18:10:46.0050 0x179c  Windows directory: C:\Windows
18:10:46.0050 0x179c  System windows directory: C:\Windows
18:10:46.0050 0x179c  Processor architecture: Intel x86
18:10:46.0050 0x179c  Number of processors: 4
18:10:46.0050 0x179c  Page size: 0x1000
18:10:46.0050 0x179c  Boot type: Normal boot
18:10:46.0050 0x179c  ============================================================
18:10:49.0210 0x179c  KLMD registered as C:\Windows\system32\drivers\80798114.sys
18:10:49.0720 0x179c  System UUID: {81B21EE3-2A37-8A10-1986-64DA42E75FA8}
18:10:50.0179 0x179c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:10:53.0953 0x179c  Drive \Device\Harddisk1\DR1 - Size: 0x12A05F2000 ( 74.51 Gb ), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:10:54.0020 0x179c  ============================================================
18:10:54.0020 0x179c  \Device\Harddisk0\DR0:
18:10:54.0043 0x179c  MBR partitions:
18:10:54.0043 0x179c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
18:10:54.0043 0x179c  \Device\Harddisk1\DR1:
18:10:54.0044 0x179c  MBR partitions:
18:10:54.0044 0x179c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
18:10:54.0044 0x179c  ============================================================
18:10:54.0063 0x179c  C: <-> \Device\Harddisk0\DR0\Partition1
18:10:54.0072 0x179c  D: <-> \Device\Harddisk1\DR1\Partition1
18:10:54.0087 0x179c  ============================================================
18:10:54.0087 0x179c  Initialize success
18:10:54.0087 0x179c  ============================================================
18:11:00.0718 0x0d30  ============================================================
18:11:00.0718 0x0d30  Scan started
18:11:00.0718 0x0d30  Mode: Manual; 
18:11:00.0718 0x0d30  ============================================================
18:11:00.0718 0x0d30  KSN ping started
18:11:14.0791 0x0d30  KSN ping finished: true
18:11:17.0830 0x0d30  ================ Scan system memory ========================
18:11:17.0830 0x0d30  System memory - ok
18:11:17.0830 0x0d30  ================ Scan services =============================
18:11:18.0037 0x0d30  [ 6D2ACA41739BFE8CB86EE8E85F29697D, 74A4F53C8309A8E5E94CDE4D440DD5308566185E6D8D98FD08E70A25BD728C91 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
18:11:18.0042 0x0d30  1394ohci - ok
18:11:18.0098 0x0d30  [ F0E07D144C8685B8774BC32FC8DA4DF0, 39816ED2623CA9ABE2B2EDCDB2F8481634742F00FEEF7E324F34D2BAAD668A67 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
18:11:18.0104 0x0d30  ACPI - ok
18:11:18.0136 0x0d30  [ 98D81CA942D19F7D9153B095162AC013, ACE5C073323176621F3312AA9B1EE1A3382F8CDD590D90DC57B34035FD6BC281 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
18:11:18.0137 0x0d30  AcpiPmi - ok
18:11:18.0173 0x0d30  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:11:18.0182 0x0d30  adp94xx - ok
18:11:18.0204 0x0d30  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:11:18.0213 0x0d30  adpahci - ok
18:11:18.0247 0x0d30  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:11:18.0251 0x0d30  adpu320 - ok
18:11:18.0292 0x0d30  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:11:18.0296 0x0d30  AeLookupSvc - ok
18:11:18.0349 0x0d30  [ DDC040FDB01EF1712A6B13E52AFB104C, BF17E91BBB85A04F1EEF580CD006101332CDE5B876A0D04C6932F30707BB184F ] AFD             C:\Windows\system32\drivers\afd.sys
18:11:18.0357 0x0d30  AFD - ok
18:11:18.0370 0x0d30  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
18:11:18.0373 0x0d30  agp440 - ok
18:11:18.0405 0x0d30  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
18:11:18.0407 0x0d30  aic78xx - ok
18:11:18.0466 0x0d30  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
18:11:18.0469 0x0d30  ALG - ok
18:11:18.0499 0x0d30  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
18:11:18.0501 0x0d30  aliide - ok
18:11:18.0513 0x0d30  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys
18:11:18.0516 0x0d30  amdagp - ok
18:11:18.0522 0x0d30  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
18:11:18.0523 0x0d30  amdide - ok
18:11:18.0532 0x0d30  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:11:18.0535 0x0d30  AmdK8 - ok
18:11:18.0548 0x0d30  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:11:18.0551 0x0d30  AmdPPM - ok
18:11:18.0563 0x0d30  [ 2101A86C25C154F8314B24EF49D7FBC2, E4C1326CF55850793B45B2BFDF361C4E98A07FB13E08BFD6DB50135489700998 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
18:11:18.0566 0x0d30  amdsata - ok
18:11:18.0582 0x0d30  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:11:18.0586 0x0d30  amdsbs - ok
18:11:18.0600 0x0d30  [ B81C2B5616F6420A9941EA093A92B150, DA2000C9E06533232F8716A6674BC9DFD5C3AAE1FC46F7A91B8E917DB913F42F ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
18:11:18.0602 0x0d30  amdxata - ok
18:11:18.0630 0x0d30  [ FEB834C02CE1E84B6A38F953CA067706, E5A7F8B632ABFBD1283C3D44FB02449814EDB653B204E1720DAA780A6D64FD01 ] AppID           C:\Windows\system32\drivers\appid.sys
18:11:18.0632 0x0d30  AppID - ok
18:11:18.0707 0x0d30  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:11:18.0710 0x0d30  AppIDSvc - ok
18:11:18.0722 0x0d30  [ 7DEAD9E3F65DCB2794F2711003BBF650, F541C30EEFD1BDB70F361B878B6E51DC728873695DD137148CE531FBACCDA21B ] Appinfo         C:\Windows\System32\appinfo.dll
18:11:18.0725 0x0d30  Appinfo - ok
18:11:19.0042 0x0d30  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:11:19.0045 0x0d30  Apple Mobile Device - ok
18:11:19.0097 0x0d30  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:11:19.0101 0x0d30  AppMgmt - ok
18:11:19.0117 0x0d30  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:11:19.0120 0x0d30  arc - ok
18:11:19.0131 0x0d30  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:11:19.0135 0x0d30  arcsas - ok
18:11:19.0229 0x0d30  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:11:19.0257 0x0d30  aspnet_state - ok
18:11:19.0289 0x0d30  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:11:19.0291 0x0d30  AsyncMac - ok
18:11:19.0296 0x0d30  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
18:11:19.0297 0x0d30  atapi - ok
18:11:19.0366 0x0d30  [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:11:19.0376 0x0d30  AudioEndpointBuilder - ok
18:11:19.0387 0x0d30  [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:11:19.0394 0x0d30  Audiosrv - ok
18:11:19.0462 0x0d30  [ 383D7AEC7F1A44B81F2069DB9EE5F313, 3C6BFBA33245C95B65999C73E9EA6861D47A5C50561E4B93DB59DFB361B8711D ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
18:11:19.0483 0x0d30  Avgdiskx - ok
18:11:19.0644 0x0d30  [ 561CE09C52F6E945ED4CE7E173D1F542, 25FB1B55E22D4DF3B03B6D395B6C4749C03B950139767FA095C24234BD962782 ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
18:11:19.0753 0x0d30  AVGIDSAgent - ok
18:11:19.0799 0x0d30  [ E76F8CDCC1BF9952D165CA5D90025730, 2A1AE74A25782C4407CA665FC5E3F15BD3F823E44DF0BB4103EDDEA70D81D887 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
18:11:19.0804 0x0d30  AVGIDSDriver - ok
18:11:19.0817 0x0d30  [ 486A27CBB8314577A92BEFF025D52345, EBAD1BF93E5246680018DC9B110D0FDAB40D11B730D23CA56ECB5F39C9B6E6D1 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
18:11:19.0821 0x0d30  AVGIDSHX - ok
18:11:19.0830 0x0d30  [ B650C4774CAB608AAC9C650312DA2CBB, 20F3041B1D69BFDCBEDBCB07965B5FC8AB28C4FC8822A0D975FB5850A299A913 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
18:11:19.0832 0x0d30  AVGIDSShim - ok
18:11:19.0844 0x0d30  [ B295472342FCD8E0D15FC099552BA89D, BDB6E0487DF37CDDFFC82F0C2BAF9A3F4FA67210AE9D76BD62499C4F6348EB19 ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
18:11:19.0849 0x0d30  Avgldx86 - ok
18:11:19.0876 0x0d30  [ 624A328461D9A365C1B41BC2B8AA055E, FF8C99FFEF51F493525CDD875569165B69205F3008691B9DEE0029D04D0F7B55 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
18:11:19.0882 0x0d30  Avglogx - ok
18:11:19.0924 0x0d30  [ A7A3E71F9E4F6F93AEAE2B1A88A12FCB, 6724D7BEBC9F0504E794C395459B82486800D409D86E137AD9DE6A5B09DAFA19 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
18:11:19.0927 0x0d30  Avgmfx86 - ok
18:11:19.0980 0x0d30  [ F2C626DD5CF3F2FACBBA053F465563EB, 15881EE4F08B713209C6088E148ECF2245349E3B99D266BFE60442DEEDB38F29 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
18:11:19.0983 0x0d30  Avgrkx86 - ok
18:11:20.0019 0x0d30  [ 16EDEFD8D99936B2410D082A494D2E3F, B8D18E37FB931B67893F2B4F24D7B20BFC0AC4C45F5FBC5231B942A186D8B3EC ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
18:11:20.0024 0x0d30  Avgtdix - ok
18:11:20.0097 0x0d30  [ E5C581D358B62CF65776B8E4E17B9E5C, 955E4ECFD036330B139476CCCC7564B082C197D5E7577853E0C3D7B707EDB090 ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
18:11:20.0114 0x0d30  avgwd - ok
18:11:20.0167 0x0d30  [ DD6A431B43E34B91A767D1CE33728175, 8BFF6474C9DFBEC96FA7B2789EF9B17C7910B52DBCF70CDA1F0C698CFA5EFB6E ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:11:20.0171 0x0d30  AxInstSV - ok
18:11:20.0237 0x0d30  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
18:11:20.0247 0x0d30  b06bdrv - ok
18:11:20.0298 0x0d30  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
18:11:20.0303 0x0d30  b57nd60x - ok
18:11:20.0350 0x0d30  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
18:11:20.0353 0x0d30  BDESVC - ok
18:11:20.0365 0x0d30  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:11:20.0367 0x0d30  Beep - ok
18:11:20.0412 0x0d30  [ 85AC71C045CEB054ED48A7841AAE0C11, BA0C0CC50E5C49838116AC9A12A7CF1A683601FD08D3CF6EC06620C51C0806FF ] BFE             C:\Windows\System32\bfe.dll
18:11:20.0422 0x0d30  BFE - ok
18:11:20.0474 0x0d30  [ 53F476476F55A27F580661BDE09C4EC4, 90DFBF97F011CFF41D2CFA2E33978BC746A7E693AC75EED1436130C4F10B4E67 ] BITS            C:\Windows\System32\qmgr.dll
18:11:20.0515 0x0d30  BITS - ok
18:11:20.0535 0x0d30  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:11:20.0537 0x0d30  blbdrive - ok
18:11:20.0578 0x0d30  [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:11:20.0581 0x0d30  bowser - ok
18:11:20.0591 0x0d30  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:11:20.0593 0x0d30  BrFiltLo - ok
18:11:20.0604 0x0d30  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:11:20.0606 0x0d30  BrFiltUp - ok
18:11:20.0645 0x0d30  [ 598E1280E7FF3744F4B8329366CC5635, 9B6392AEBE7EF26253487AF8C7C114822ABB187BA32DA8DBF622DB1B8DA6F1C0 ] Browser         C:\Windows\System32\browser.dll
18:11:20.0648 0x0d30  Browser - ok
18:11:20.0668 0x0d30  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:11:20.0675 0x0d30  Brserid - ok
18:11:20.0686 0x0d30  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:11:20.0689 0x0d30  BrSerWdm - ok
18:11:20.0696 0x0d30  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:11:20.0698 0x0d30  BrUsbMdm - ok
18:11:20.0707 0x0d30  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:11:20.0708 0x0d30  BrUsbSer - ok
18:11:20.0720 0x0d30  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:11:20.0724 0x0d30  BTHMODEM - ok
18:11:20.0768 0x0d30  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
18:11:20.0771 0x0d30  bthserv - ok
18:11:20.0805 0x0d30  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:11:20.0808 0x0d30  cdfs - ok
18:11:20.0857 0x0d30  [ BA6E70AA0E6091BC39DE29477D866A77, A17A68BDA46995F75FB1C2C593A81CD3B2BFE290CEAA45FA2380DDF5537A23C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:11:20.0860 0x0d30  cdrom - ok
18:11:20.0899 0x0d30  [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:11:20.0902 0x0d30  CertPropSvc - ok
18:11:20.0914 0x0d30  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:11:20.0917 0x0d30  circlass - ok
18:11:20.0936 0x0d30  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
18:11:20.0942 0x0d30  CLFS - ok
18:11:21.0026 0x0d30  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:11:21.0030 0x0d30  clr_optimization_v2.0.50727_32 - ok
18:11:21.0090 0x0d30  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:11:21.0158 0x0d30  clr_optimization_v4.0.30319_32 - ok
18:11:21.0175 0x0d30  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:11:21.0177 0x0d30  CmBatt - ok
18:11:21.0185 0x0d30  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
18:11:21.0187 0x0d30  cmdide - ok
18:11:21.0236 0x0d30  [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:11:21.0247 0x0d30  CNG - ok
18:11:21.0259 0x0d30  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:11:21.0261 0x0d30  Compbatt - ok
18:11:21.0306 0x0d30  [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:11:21.0308 0x0d30  CompositeBus - ok
18:11:21.0324 0x0d30  COMSysApp - ok
18:11:21.0341 0x0d30  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:11:21.0343 0x0d30  crcdisk - ok
18:11:21.0388 0x0d30  [ 9C231178CE4FB385F4B54B0A9080B8A4, 08EFAEBFF68D5CCE432D75116ED4BDC63FEA651459C9AD363CBEEDB769806527 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:11:21.0392 0x0d30  CryptSvc - ok
18:11:21.0439 0x0d30  [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC             C:\Windows\system32\drivers\csc.sys
18:11:21.0447 0x0d30  CSC - ok
18:11:21.0472 0x0d30  [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService      C:\Windows\System32\cscsvc.dll
18:11:21.0485 0x0d30  CscService - ok
18:11:21.0529 0x0d30  [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:11:21.0539 0x0d30  DcomLaunch - ok
18:11:21.0571 0x0d30  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
18:11:21.0576 0x0d30  defragsvc - ok
18:11:21.0588 0x0d30  [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:11:21.0591 0x0d30  DfsC - ok
18:11:21.0637 0x0d30  [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:11:21.0644 0x0d30  Dhcp - ok
18:11:21.0654 0x0d30  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
18:11:21.0656 0x0d30  discache - ok
18:11:21.0706 0x0d30  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:11:21.0708 0x0d30  Disk - ok
18:11:21.0721 0x0d30  [ D0722E963D3C6145446874241401B209, 542B3E6EC7E0161AB4732380343139959775E749996A97684A5D423833DDB196 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:11:21.0726 0x0d30  Dnscache - ok
18:11:21.0750 0x0d30  [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc         C:\Windows\System32\dot3svc.dll
18:11:21.0756 0x0d30  dot3svc - ok
18:11:21.0797 0x0d30  [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS             C:\Windows\system32\dps.dll
18:11:21.0802 0x0d30  DPS - ok
18:11:21.0835 0x0d30  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:11:21.0836 0x0d30  drmkaud - ok
18:11:21.0888 0x0d30  [ 39806CFEDDCC55E686A49BCCD2972F23, EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:11:21.0903 0x0d30  DXGKrnl - ok
18:11:21.0964 0x0d30  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
18:11:21.0967 0x0d30  EapHost - ok
18:11:22.0075 0x0d30  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
18:11:22.0160 0x0d30  ebdrv - ok
18:11:22.0188 0x0d30  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS             C:\Windows\System32\lsass.exe
18:11:22.0195 0x0d30  EFS - ok
18:11:22.0280 0x0d30  [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:11:22.0294 0x0d30  ehRecvr - ok
18:11:22.0304 0x0d30  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
18:11:22.0307 0x0d30  ehSched - ok
18:11:22.0330 0x0d30  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:11:22.0340 0x0d30  elxstor - ok
18:11:22.0355 0x0d30  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
18:11:22.0357 0x0d30  ErrDev - ok
18:11:22.0409 0x0d30  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
18:11:22.0415 0x0d30  EventSystem - ok
18:11:22.0438 0x0d30  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:11:22.0442 0x0d30  exfat - ok
18:11:22.0461 0x0d30  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:11:22.0465 0x0d30  fastfat - ok
18:11:22.0505 0x0d30  [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax             C:\Windows\system32\fxssvc.exe
18:11:22.0520 0x0d30  Fax - ok
18:11:22.0533 0x0d30  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:11:22.0535 0x0d30  fdc - ok
18:11:22.0547 0x0d30  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
18:11:22.0549 0x0d30  fdPHost - ok
18:11:22.0561 0x0d30  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:11:22.0564 0x0d30  FDResPub - ok
18:11:22.0573 0x0d30  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:11:22.0576 0x0d30  FileInfo - ok
18:11:22.0591 0x0d30  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:11:22.0593 0x0d30  Filetrace - ok
18:11:22.0608 0x0d30  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:11:22.0610 0x0d30  flpydisk - ok
18:11:22.0649 0x0d30  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:11:22.0653 0x0d30  FltMgr - ok
18:11:22.0713 0x0d30  [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache       C:\Windows\system32\FntCache.dll
18:11:22.0730 0x0d30  FontCache - ok
18:11:22.0813 0x0d30  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:11:22.0816 0x0d30  FontCache3.0.0.0 - ok
18:11:22.0821 0x0d30  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:11:22.0823 0x0d30  FsDepends - ok
18:11:22.0833 0x0d30  [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:11:22.0835 0x0d30  Fs_Rec - ok
18:11:22.0872 0x0d30  [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:11:22.0877 0x0d30  fvevol - ok
18:11:22.0913 0x0d30  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:11:22.0915 0x0d30  gagp30kx - ok
18:11:22.0956 0x0d30  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:11:22.0958 0x0d30  GEARAspiWDM - ok
18:11:23.0013 0x0d30  [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:11:23.0026 0x0d30  gpsvc - ok
18:11:23.0091 0x0d30  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
18:11:23.0095 0x0d30  gupdate - ok
18:11:23.0099 0x0d30  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
18:11:23.0101 0x0d30  gupdatem - ok
18:11:29.0430 0x0d30  s3cap - ok
18:11:29.0441 0x0d30  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs           C:\Windows\system32\lsass.exe
18:11:29.0443 0x0d30  SamSs - ok
18:11:29.0491 0x0d30  [ 34EE0C44B724E3E4CE2EFF29126DE5B5, D27AAF77CB8830893558A600E19CDBF9A6AA7D69DE4B34F317ED4AFD38E8CAFB ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
18:11:29.0494 0x0d30  sbp2port - ok
18:11:29.0530 0x0d30  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:11:29.0535 0x0d30  SCardSvr - ok
18:11:29.0553 0x0d30  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51, 8C0189A6AF9AEC46CBA4DA422C52B2D3E4858B2F2658DB6CA7996B5F368D2503 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:11:29.0555 0x0d30  scfilter - ok
18:11:29.0631 0x0d30  [ 3E8B0C453E25613A1F59762A5C42AA75, 86801C49664441A08F7E95031E52AD2518D61CCB945A857A18F0714351A8158C ] Schedule        C:\Windows\system32\schedsvc.dll
18:11:29.0648 0x0d30  Schedule - ok
18:11:29.0661 0x0d30  [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:11:29.0663 0x0d30  SCPolicySvc - ok
18:11:29.0675 0x0d30  [ 5FD90ABDBFAEE85986802622CBB03446, 0A8D9DC09C2ACA9EAABED04737E9EBF6EFB92BB2B9E5F37F10BFDF47CBF7DEDB ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:11:29.0680 0x0d30  SDRSVC - ok
18:11:29.0705 0x0d30  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:11:29.0707 0x0d30  secdrv - ok
18:11:29.0716 0x0d30  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
18:11:29.0720 0x0d30  seclogon - ok
18:11:29.0734 0x0d30  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
18:11:29.0738 0x0d30  SENS - ok
18:11:29.0779 0x0d30  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:11:29.0782 0x0d30  SensrSvc - ok
18:11:29.0803 0x0d30  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:11:29.0804 0x0d30  Serenum - ok
18:11:29.0817 0x0d30  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:11:29.0820 0x0d30  Serial - ok
18:11:29.0831 0x0d30  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:11:29.0833 0x0d30  sermouse - ok
18:11:29.0852 0x0d30  [ 8F55CE568C543D5ADF45C409D16718FC, 64D45854A91B656C1AF36EB272FDC54E9B5FB0200CB93E20F7D997DDA109EF7F ] SessionEnv      C:\Windows\system32\sessenv.dll
18:11:29.0857 0x0d30  SessionEnv - ok
18:11:29.0868 0x0d30  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
18:11:29.0870 0x0d30  sffdisk - ok
18:11:29.0884 0x0d30  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:11:29.0886 0x0d30  sffp_mmc - ok
18:11:29.0894 0x0d30  [ 4F1E5B0FE7C8050668DBFADE8999AEFB, E36DAACC3D11F004808A3F44C471BBFDC2F33411D9F5C18B55B0DB2A6DA6E74C ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
18:11:29.0895 0x0d30  sffp_sd - ok
18:11:29.0905 0x0d30  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:11:29.0907 0x0d30  sfloppy - ok
18:11:29.0952 0x0d30  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:11:29.0960 0x0d30  SharedAccess - ok
18:11:29.0980 0x0d30  [ CD2E48FA5B29EE2B3B5858056D246EF2, B743F92D0121CF3D827753C85F1F5A14C2DAA1CAFD42C7810C3BECB853DB6175 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:11:29.0989 0x0d30  ShellHWDetection - ok
18:11:30.0009 0x0d30  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys
18:11:30.0012 0x0d30  sisagp - ok
18:11:30.0052 0x0d30  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:11:30.0055 0x0d30  SiSRaid2 - ok
18:11:30.0065 0x0d30  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:11:30.0068 0x0d30  SiSRaid4 - ok
18:11:30.0110 0x0d30  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
18:11:30.0114 0x0d30  SkypeUpdate - ok
18:11:30.0155 0x0d30  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:11:30.0157 0x0d30  Smb - ok
18:11:30.0187 0x0d30  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:11:30.0190 0x0d30  SNMPTRAP - ok
18:11:30.0200 0x0d30  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:11:30.0203 0x0d30  spldr - ok
18:11:30.0223 0x0d30  [ 49B6DD6AB3715B7A67965F17194E98A9, 331D69F3630BA978AC13471A2E7465351D04416343A595C62B94BADFFCD02B3A ] Spooler         C:\Windows\System32\spoolsv.exe
18:11:30.0231 0x0d30  Spooler - ok
18:11:30.0346 0x0d30  [ 4C287F9069FEDBD791178876EE9DE536, 6099E76FF6FBA002EBA2BA7BE4E3238D91332E077524D1DD402E0C9ADA22E852 ] sppsvc          C:\Windows\system32\sppsvc.exe
18:11:30.0434 0x0d30  sppsvc - ok
18:11:30.0453 0x0d30  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7, E7A8A5774C62DC12B56DC3E0A385ACA9069F3A5E6AC664AD0C383EF44DCF81B3 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:11:30.0457 0x0d30  sppuinotify - ok
18:11:30.0494 0x0d30  [ 2BA4EBC7DFBA845A1EDBE1F75913BE33, 58D0B957469D55026A53C3963508C8B36BDB360A0A5B870332B79A39200DB3AC ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:11:30.0500 0x0d30  srv - ok
18:11:30.0517 0x0d30  [ DCE7E10FEAABD4CAE95948B3DE5340BB, B1E9CD14DC24BB161EFC83D83CE95D0A98008AD790041785C6C8B87564A491D7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:11:30.0525 0x0d30  srv2 - ok
18:11:30.0541 0x0d30  [ B5665BAA2120B8A54E22E9CD07C05106, 86E50853D412ACDC752AD182ED52B49DD679D75843E1E9D6A6425E750594692C ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:11:30.0545 0x0d30  srvnet - ok
18:11:30.0562 0x0d30  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:11:30.0568 0x0d30  SSDPSRV - ok
18:11:30.0579 0x0d30  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:11:30.0584 0x0d30  SstpSvc - ok
18:11:30.0670 0x0d30  [ 49D9C17FDDFAC66F27FA735E94923216, 18C8FE5B794927989CDD3BB7A5500C73CCC23559470EEB37D42FD9AD04098C0D ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:11:30.0679 0x0d30  Stereo Service - ok
18:11:30.0714 0x0d30  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:11:30.0717 0x0d30  stexstor - ok
18:11:30.0768 0x0d30  [ A22825E7BB7018E8AF3E229A5AF17221, 5C97557F8BC6ABBB5BE624AE41AAC22C3D845F76C3E930337A4C07B2381086D7 ] StiSvc          C:\Windows\System32\wiaservc.dll
18:11:30.0780 0x0d30  StiSvc - ok
18:11:30.0818 0x0d30  [ 957E346CA948668F2496A6CCF6FF82CC, 5C0E0F0E0F2D36E3213885C60BC3B075AFD2257FEB4B8186FC1FE253E0C218AF ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
18:11:30.0820 0x0d30  storflt - ok
18:11:30.0846 0x0d30  [ D5751969DC3E4B88BF482AC8EC9FE019, DAEB50C0045364C75965B0E94744C6E2E1E85C8D00F1E8A5593F3EC780BDD7D9 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
18:11:30.0848 0x0d30  storvsc - ok
18:11:30.0861 0x0d30  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:11:30.0863 0x0d30  swenum - ok
18:11:30.0885 0x0d30  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
18:11:30.0894 0x0d30  swprv - ok
18:11:30.0933 0x0d30  [ 04105C8DA62353589C29BDAEB8D88BD8, CC7A3A779A143E09FE5C0AA6795A7B13496C4E121347949CB23F7946EE5E2DED ] SysMain         C:\Windows\system32\sysmain.dll
18:11:30.0972 0x0d30  SysMain - ok
18:11:30.0987 0x0d30  [ FCFB6C552FBC0DA299799CBD50AD9FD4, A2A90829087B1A7F9B57D6F184EB4AE38D10B2986B0DC8D2ACA5EE9412CA3976 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:11:31.0011 0x0d30  TabletInputService - ok
18:11:31.0026 0x0d30  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF, FF66CBA014F3F8B721088F5AB3D004C1711E7F587CC8D4AC3DCFB45CDB746800 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:11:31.0034 0x0d30  TapiSrv - ok
18:11:31.0049 0x0d30  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
18:11:31.0054 0x0d30  TBS - ok
18:11:31.0114 0x0d30  [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:11:31.0157 0x0d30  Tcpip - ok
18:11:31.0231 0x0d30  [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:11:31.0250 0x0d30  TCPIP6 - ok
18:11:31.0297 0x0d30  [ E64444523ADD154F86567C469BC0B17F, FBE8A1DC28C102068183754F6BF0D03F5D18FD24BEB7E4B57D1CFCEBB13B381F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:11:31.0299 0x0d30  tcpipreg - ok
18:11:31.0344 0x0d30  [ 1875C1490D99E70E449E3AFAE9FCBADF, FFDF03826DAB748D51B53B648B632E79B3CD6238F684FDEA749B4D0F93BE5A77 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:11:31.0346 0x0d30  TDPIPE - ok
18:11:31.0372 0x0d30  [ 7551E91EA999EE9A8E9C331D5A9C31F3, C98C97DFD6C7276CD999545A7BC67B56E1BDDFB2886412E9198012322F95A10D ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:11:31.0374 0x0d30  TDTCP - ok
18:11:31.0388 0x0d30  [ CB39E896A2A83702D1737BFD402B3542, FA77D98EA3606CA2FCEF0E0949FDE2C32A080B47CAFDE46CE903CA3CBFC5DF35 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:11:31.0392 0x0d30  tdx - ok
18:11:31.0402 0x0d30  [ C36F41EE20E6999DBF4B0425963268A5, 9DB789A17DF2C283D6E803EEA15F2BDFC56EE3BE342A5606DD5C179C3550ECA6 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:11:31.0405 0x0d30  TermDD - ok
18:11:31.0429 0x0d30  [ A01E50A04D7B1960B33E92B9080E6A94, 0512BF11F2FD62BDBD2B1AA34D509BE82AC374C37B925C8C0ED119C6331930FD ] TermService     C:\Windows\System32\termsrv.dll
18:11:31.0443 0x0d30  TermService - ok
18:11:31.0459 0x0d30  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
18:11:31.0463 0x0d30  Themes - ok
18:11:31.0473 0x0d30  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
18:11:31.0475 0x0d30  THREADORDER - ok
18:11:31.0516 0x0d30  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
18:11:31.0520 0x0d30  TrkWks - ok
18:11:31.0591 0x0d30  [ 41A4C781D2286208D397D72099304133, 447CAAD5589AA499EEE49FBA2CB53210359DB76AFF1DF2F0BD4D92A397037C1D ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:11:31.0596 0x0d30  TrustedInstaller - ok
18:11:31.0606 0x0d30  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242, 9606DACB8CBDAF520282BE8C8F064535767405F138D9E9A215D2C59183E93CC1 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:11:31.0608 0x0d30  tssecsrv - ok
18:11:31.0659 0x0d30  [ 3E461D890A97F9D4C168F5FDA36E1D00, 82A8778F404F7AC5102802CF46F279F1E58AC74244665D06FD0C68A8BD887536 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:11:31.0662 0x0d30  tunnel - ok
18:11:31.0684 0x0d30  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:11:31.0686 0x0d30  uagp35 - ok
18:11:31.0704 0x0d30  [ 09CC3E16F8E5EE7168E01CF8FCBE061A, 81EEAC72A7C4D72666C743DEFF8096FDB465AA1FA8076C60D19CC192846F01CA ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:11:31.0710 0x0d30  udfs - ok
18:11:31.0728 0x0d30  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:11:31.0732 0x0d30  UI0Detect - ok
18:11:31.0765 0x0d30  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
18:11:31.0768 0x0d30  uliagpkx - ok
18:11:31.0811 0x0d30  [ 049B3A50B3D646BAEEEE9EEC9B0668DC, 5774438BBD0976424C20559E14BA2AC158D9FF5D4E1FDC1C9C9F4D7A5CE8C377 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:11:31.0814 0x0d30  umbus - ok
18:11:31.0859 0x0d30  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:11:31.0861 0x0d30  UmPass - ok
18:11:31.0905 0x0d30  [ 8ECACA5454844F66386F7BE4AE0D7CD1, F3B02A9F598C6A9EFA019F5833959DD1A86FDFDB9FDDF99A8687BBB6211AAD00 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:11:31.0911 0x0d30  UmRdpService - ok
18:11:31.0926 0x0d30  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
18:11:31.0934 0x0d30  upnphost - ok
18:11:31.0970 0x0d30  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
18:11:31.0973 0x0d30  USBAAPL - ok
18:11:32.0012 0x0d30  [ 2436A42AAB4AD48A9B714E5B0F344627, A4DE6863BEFDC8DE7C43644F60CFD4182BE300B1EF4F3F86647218C32F745789 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:11:32.0015 0x0d30  usbaudio - ok
18:11:32.0049 0x0d30  [ 8455C4ED038EFD09E99327F9D2D48FFA, D166F98EA3D85F7DD6B5258949C186714A17EF89B6FDC9804165F7B4FA811C30 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:11:32.0052 0x0d30  usbccgp - ok
18:11:32.0067 0x0d30  [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
18:11:32.0071 0x0d30  usbcir - ok
18:11:32.0082 0x0d30  [ 1C333BFD60F2FED2C7AD5DAF533CB742, 97AE9CA39482B886FCD063E80B8AB153E1FC1459452657393D8B1745EF69E1C3 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:11:32.0084 0x0d30  usbehci - ok
18:11:32.0102 0x0d30  [ EE6EF93CCFA94FAE8C6AB298273D8AE2, CBEE16CEAD02E994F0C2AD77DD8C01CB9964C6B42DE49FF7A787849CD25767B4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:11:32.0109 0x0d30  usbhub - ok
18:11:32.0149 0x0d30  [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:11:32.0151 0x0d30  usbohci - ok
18:11:32.0160 0x0d30  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:11:32.0162 0x0d30  usbprint - ok
18:11:32.0173 0x0d30  [ D8889D56E0D27E57ED4591837FE71D27, DB1B65EEBFB036086EC3347C1181D9D01FF65870EAEC4A1BA08AF43C35075647 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:11:32.0176 0x0d30  USBSTOR - ok
18:11:32.0189 0x0d30  [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:11:32.0191 0x0d30  usbuhci - ok
18:11:32.0224 0x0d30  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
18:11:32.0228 0x0d30  UxSms - ok
18:11:32.0240 0x0d30  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc        C:\Windows\system32\lsass.exe
18:11:32.0241 0x0d30  VaultSvc - ok
18:11:32.0291 0x0d30  [ B2ABAB4CA46BAD182E27763DC19C780F, D581C2EAD3CEE2FEE8A1B6B0A4088518E78DC63FF38CB3CABA3F9CDC1367D9A9 ] VCSVADHWSer     C:\Windows\system32\DRIVERS\vcsvad.sys
18:11:32.0294 0x0d30  VCSVADHWSer - ok
18:11:32.0305 0x0d30  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
18:11:32.0308 0x0d30  vdrvroot - ok
18:11:32.0332 0x0d30  [ 8C4E7C49D3641BC9E299E466A7F8867D, 4F2E742EFE2DE47EE187B3BCDFDCB525FE484B74700A226D7894F9633F957AFA ] vds             C:\Windows\System32\vds.exe
18:11:32.0343 0x0d30  vds - ok
18:11:32.0358 0x0d30  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:11:32.0360 0x0d30  vga - ok
18:11:32.0369 0x0d30  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:11:32.0371 0x0d30  VgaSave - ok
18:11:32.0389 0x0d30  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583, 33DF8F7C9A3176175113CA10D69FAF17A5412C055943F14DDC9923531FADB82D ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
18:11:32.0393 0x0d30  vhdmp - ok
18:11:32.0426 0x0d30  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
18:11:32.0429 0x0d30  viaagp - ok
18:11:32.0442 0x0d30  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
18:11:32.0445 0x0d30  ViaC7 - ok
18:11:32.0448 0x0d30  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
18:11:32.0449 0x0d30  viaide - ok
18:11:32.0486 0x0d30  [ 379B349F65F453D2A6E75EA6B7448E49, F52B1B3AE9F5D38B45C889A7B1EBE59533C17E73678D355D1466B5EF3338BF16 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
18:11:32.0490 0x0d30  vmbus - ok
18:11:32.0505 0x0d30  [ EC2BBAB4B84D0738C6C83D2234DC36FE, 8BA2FA187DAC6994D5A29897AE5F46E6424FB53C827553E0BB148E31825D6676 ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
18:11:32.0507 0x0d30  VMBusHID - ok
18:11:32.0520 0x0d30  [ 384E5A2AA49934295171E499F86BA6F3, C79271F98506392422325C075144F45436F9979FE1E002B57F9426F3DA96CEF0 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
18:11:32.0523 0x0d30  volmgr - ok
18:11:32.0542 0x0d30  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:11:32.0547 0x0d30  volmgrx - ok
18:11:32.0589 0x0d30  [ 58DF9D2481A56EDDE167E51B334D44FD, C77D7BE83CF1C0DEC80429C5A519E794FD2E8C1E6DAD6F5C92B5EB5694CEB8EA ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
18:11:32.0594 0x0d30  volsnap - ok
18:11:32.0640 0x0d30  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:11:32.0643 0x0d30  vsmraid - ok
18:11:32.0699 0x0d30  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C, 7CD6637BE0A08E3B0F9991D79751DCA8AEC9224B83301821DAA29C9F42B7A9E3 ] VSS             C:\Windows\system32\vssvc.exe
18:11:32.0721 0x0d30  VSS - ok
18:11:32.0733 0x0d30  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:11:32.0735 0x0d30  vwifibus - ok
18:11:32.0762 0x0d30  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:11:32.0764 0x0d30  vwififlt - ok
18:11:32.0785 0x0d30  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
18:11:32.0793 0x0d30  W32Time - ok
18:11:32.0809 0x0d30  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:11:32.0811 0x0d30  WacomPen - ok
18:11:32.0857 0x0d30  [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:11:32.0859 0x0d30  WANARP - ok
18:11:32.0863 0x0d30  [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:11:32.0864 0x0d30  Wanarpv6 - ok
18:11:32.0934 0x0d30  [ 7790B77FE1E5EE47DCC66247095BB4C9, FFB541F83CDE32E65007D41217C2F46CDDF68121E2846B638EAB620ACA940B05 ] wbengine        C:\Windows\system32\wbengine.exe
18:11:32.0977 0x0d30  wbengine - ok
18:11:32.0992 0x0d30  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:11:32.0998 0x0d30  WbioSrvc - ok
18:11:33.0019 0x0d30  [ D0F88AA11EE1A62BCC6D6A8A7783CA11, 3DBC1806E6F8CD58A9E93EA2A0CDC83C1A90E37B5E385209E4D9A0C81922F447 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:11:33.0027 0x0d30  wcncsvc - ok
18:11:33.0044 0x0d30  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:11:33.0048 0x0d30  WcsPlugInService - ok
18:11:33.0061 0x0d30  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:11:33.0063 0x0d30  Wd - ok
18:11:33.0086 0x0d30  [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:11:33.0096 0x0d30  Wdf01000 - ok
18:11:33.0113 0x0d30  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:11:33.0118 0x0d30  WdiServiceHost - ok
18:11:33.0121 0x0d30  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:11:33.0124 0x0d30  WdiSystemHost - ok
18:11:33.0145 0x0d30  [ D87C7D2C517F82A5AB7A73E203063D9E, 8861AB4ECEDAE801008BE0406FCB19418AA2864E89D0776B94E25773E6DB5E88 ] WebClient       C:\Windows\System32\webclnt.dll
18:11:33.0151 0x0d30  WebClient - ok
18:11:33.0164 0x0d30  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:11:33.0169 0x0d30  Wecsvc - ok
18:11:33.0182 0x0d30  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:11:33.0186 0x0d30  wercplsupport - ok
18:11:33.0218 0x0d30  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
18:11:33.0222 0x0d30  WerSvc - ok
18:11:33.0270 0x0d30  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:11:33.0271 0x0d30  WfpLwf - ok
18:11:33.0275 0x0d30  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:11:33.0276 0x0d30  WIMMount - ok
18:11:33.0377 0x0d30  [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
18:11:33.0393 0x0d30  WinDefend - ok
18:11:33.0400 0x0d30  WinHttpAutoProxySvc - ok
18:11:33.0477 0x0d30  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:11:33.0482 0x0d30  Winmgmt - ok
18:11:33.0528 0x0d30  [ C4F5D3901D1B41D602DDC196E0B95B51, 20FF2A9DEE3ECBFB163DFA62A407E30ED49F609EF46936F286C2A08A24EA3E7C ] WinRM           C:\Windows\system32\WsmSvc.dll
18:11:33.0565 0x0d30  WinRM - ok
18:11:33.0609 0x0d30  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:11:33.0611 0x0d30  WinUsb - ok
18:11:33.0642 0x0d30  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:11:33.0661 0x0d30  Wlansvc - ok
18:11:33.0830 0x0d30  [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:11:33.0881 0x0d30  wlidsvc - ok
18:11:33.0900 0x0d30  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:11:33.0902 0x0d30  WmiAcpi - ok
18:11:33.0943 0x0d30  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:11:33.0947 0x0d30  wmiApSrv - ok
18:11:34.0008 0x0d30  [ 77FBD400984CF72BA0FC4B3489D65F74, 9AA404F17177FEB43A9EA1A86061B452E7C4A93C873E61B68269047519CD433E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
18:11:34.0042 0x0d30  WMPNetworkSvc - ok
18:11:34.0062 0x0d30  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:11:34.0065 0x0d30  WPCSvc - ok
18:11:34.0079 0x0d30  [ B7F658A2EBC07129538AD9AB35212637, 86774A760189E4B126C972A778F890C00C1C30EDD28044DD43B40644A8778B4D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:11:34.0084 0x0d30  WPDBusEnum - ok
18:11:34.0100 0x0d30  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:11:34.0101 0x0d30  ws2ifsl - ok
18:11:34.0126 0x0d30  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
18:11:34.0130 0x0d30  wscsvc - ok
18:11:34.0133 0x0d30  WSearch - ok
18:11:43.0728 0x0d30  AV detected via SS2: AVG AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4592 ), 0x41000 ( enabled : updated )
18:11:43.0766 0x0d30  Win FW state via NFP2: enabled
18:11:46.0233 0x0d30  ============================================================
18:11:46.0233 0x0d30  Scan finished
18:11:46.0233 0x0d30  ============================================================
18:11:46.0239 0x13e8  Detected object count: 0
18:11:46.0239 0x13e8  Actual detected object count: 0
18:12:16.0103 0x18d0  Deinitialize success


#14 fireman4it

  • Malware Response Team

Posted 11 June 2014 - 05:16 PM

Download Malwarebytes Anti-Rootkit to your desktop.

  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"



#15 Fab1199


Posted 11 June 2014 - 05:36 PM

mbar log 

Malwarebytes Anti-Rootkit BETA 1.07.0.1012

www.malwarebytes.org
 
Database version: v2014.06.11.08
 
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
UltimatePC :: ULTIMATEPC-PC [administrator]
 
6/11/2014 5:22:34 PM
mbar-log-2014-06-11 (17-22-34).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 247002
Time elapsed: 7 minute(s), 45 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
System log
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7600 Windows 7 x86
 
Account is Administrative
 
Internet Explorer version: 8.0.7600.16385
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 3218726912, free: 1903824896
 
Downloaded database version: v2014.06.11.08
Downloaded database version: v2014.06.02.01
=======================================
Initializing...
------------ Kernel report ------------
     06/11/2014 17:22:27
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff85e487c0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xffffffff85ce0908
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff85e48030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff85cd7030
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff85e48030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85e48d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85e48030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85cd7030, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 707D707D
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 976768002
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff85e487c0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85e49020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff85e487c0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85ce0908, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 80528052
 
Partition information:
 
    Partition 0 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 156232062
    Partition file system is NTFS
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 80000000000 bytes
Sector size: 512 bytes
 
Done!
File "c:\programdata\avg2014\chjw\8eeb0b0eeb09780.dat:bf598904-0f60-4e0f-928d-723fc7402f42" is sparse (flags = 32768)
File "C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\log\avgcfg.log.1" is compressed (flags = 1)
File "C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\log\avgcore.log.1" is compressed (flags = 1)
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-1-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

Edited by Fab1199, 11 June 2014 - 05:37 PM.




