Solved DCOM Restart Issue

[Broni]

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[TimSimm2]

19:53:27.0386 0x1108 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:54:11.0261 0x1108 KSN EULA was not accepted. For auto accept you could use -accepteulaksn command line parameter.
19:54:11.0271 0x1108 ============================================================
19:54:11.0271 0x1108 Current date / time: 2014/01/20 19:54:11.0271
19:54:11.0271 0x1108 SystemInfo:
19:54:11.0271 0x1108
19:54:11.0271 0x1108 OS Version: 6.1.7601 ServicePack: 1.0
19:54:11.0271 0x1108 Product type: Workstation
19:54:11.0271 0x1108 ComputerName: TIM-PC
19:54:11.0271 0x1108 UserName: Tim
19:54:11.0271 0x1108 Windows directory: C:\Windows
19:54:11.0271 0x1108 System windows directory: C:\Windows
19:54:11.0271 0x1108 Running under WOW64
19:54:11.0271 0x1108 Processor architecture: Intel x64
19:54:11.0271 0x1108 Number of processors: 1
19:54:11.0271 0x1108 Page size: 0x1000
19:54:11.0271 0x1108 Boot type: Normal boot
19:54:11.0271 0x1108 ============================================================
19:54:13.0748 0x1108 KLMD registered as C:\Windows\system32\drivers\63204668.sys
19:54:14.0166 0x1108 System UUID: {73E5DCE7-32F2-6EAE-EA15-4C1D6A217EB6}
19:54:14.0180 0x1108 Skipping KSN library initialization due to KSN EULA unacceptance
19:54:14.0565 0x1108 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:14.0596 0x1108 ============================================================
19:54:14.0596 0x1108 \Device\Harddisk0\DR0:
19:54:14.0597 0x1108 MBR partitions:
19:54:14.0597 0x1108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:54:14.0597 0x1108 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
19:54:14.0597 0x1108 ============================================================
19:54:14.0640 0x1108 C: <-> \Device\Harddisk0\DR0\Partition2
19:54:14.0640 0x1108 ============================================================
19:54:14.0641 0x1108 Initialize success
19:54:14.0641 0x1108 ============================================================
19:54:19.0559 0x11fc ============================================================
19:54:19.0559 0x11fc Scan started
19:54:19.0559 0x11fc Mode: Manual;
19:54:19.0559 0x11fc ============================================================
19:54:20.0041 0x11fc ================ Scan system memory ========================
19:54:20.0041 0x11fc System memory - ok
19:54:20.0051 0x11fc ================ Scan services =============================
19:54:20.0251 0x11fc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:54:20.0251 0x11fc 1394ohci - ok
19:54:20.0321 0x11fc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:54:20.0331 0x11fc ACPI - ok
19:54:20.0381 0x11fc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:54:20.0381 0x11fc AcpiPmi - ok
19:54:20.0541 0x11fc [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:54:20.0551 0x11fc AdobeFlashPlayerUpdateSvc - ok
19:54:20.0611 0x11fc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:54:20.0641 0x11fc adp94xx - ok
19:54:20.0701 0x11fc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:54:20.0711 0x11fc adpahci - ok
19:54:20.0741 0x11fc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:54:20.0758 0x11fc adpu320 - ok
19:54:20.0793 0x11fc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:54:20.0793 0x11fc AeLookupSvc - ok
19:54:20.0883 0x11fc [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
19:54:20.0893 0x11fc AFD - ok
19:54:20.0953 0x11fc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
19:54:20.0953 0x11fc agp440 - ok
19:54:20.0973 0x11fc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
19:54:20.0983 0x11fc ALG - ok
19:54:21.0023 0x11fc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
19:54:21.0023 0x11fc aliide - ok
19:54:21.0073 0x11fc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
19:54:21.0073 0x11fc amdide - ok
19:54:21.0123 0x11fc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:54:21.0133 0x11fc AmdK8 - ok
19:54:21.0163 0x11fc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:54:21.0163 0x11fc AmdPPM - ok
19:54:21.0213 0x11fc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:54:21.0223 0x11fc amdsata - ok
19:54:21.0263 0x11fc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:54:21.0263 0x11fc amdsbs - ok
19:54:21.0303 0x11fc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:54:21.0303 0x11fc amdxata - ok
19:54:21.0363 0x11fc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
19:54:21.0363 0x11fc AppID - ok
19:54:21.0393 0x11fc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:54:21.0403 0x11fc AppIDSvc - ok
19:54:21.0463 0x11fc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
19:54:21.0463 0x11fc Appinfo - ok
19:54:21.0523 0x11fc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:54:21.0533 0x11fc arc - ok
19:54:21.0553 0x11fc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:54:21.0553 0x11fc arcsas - ok
19:54:21.0693 0x11fc [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:54:21.0693 0x11fc aspnet_state - ok
19:54:21.0743 0x11fc [ 9C2BEA3957EFFD45F352F0938DFB3721, 7006CC604C480CF512A29AD03BA17FFA564FDDF34CE768ACBD805611503D5012 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:54:21.0753 0x11fc aswMonFlt - ok
19:54:21.0783 0x11fc [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
19:54:21.0783 0x11fc aswRdr - ok
19:54:21.0833 0x11fc [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
19:54:21.0833 0x11fc aswRvrt - ok
19:54:21.0913 0x11fc [ 52B5F8FAF7E78C02D26B0B6E3A05F596, 7C45BA507529F822D4397BD5F001EC861C85E9CBB1F75927E48843B15D5C0B8E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:54:21.0963 0x11fc aswSnx - ok
19:54:22.0023 0x11fc [ 251360C2FCA22BAFE0583314B3262F98, 1EB1B4620E3AFA8ACDDE5F1A6EC4AAEDD40AE2FC5C013AF1B13B03C4B60F6CEB ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:54:22.0043 0x11fc aswSP - ok
19:54:22.0073 0x11fc [ AAB5F5336EDBB5D99CC7E1A9F4D8F63F, 01B40475DCA40E7B426DB0578A33DB62D62640F3A7F9F95A6BBF0AD3CF0F2941 ] aswStm C:\Windows\system32\drivers\aswStm.sys
19:54:22.0083 0x11fc aswStm - ok
19:54:22.0103 0x11fc [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
19:54:22.0113 0x11fc aswVmm - ok
19:54:22.0143 0x11fc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:54:22.0143 0x11fc AsyncMac - ok
19:54:22.0193 0x11fc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
19:54:22.0193 0x11fc atapi - ok
19:54:22.0283 0x11fc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:54:22.0313 0x11fc AudioEndpointBuilder - ok
19:54:22.0366 0x11fc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:54:22.0381 0x11fc AudioSrv - ok
19:54:22.0525 0x11fc [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:54:22.0535 0x11fc avast! Antivirus - ok
19:54:22.0585 0x11fc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:54:22.0595 0x11fc AxInstSV - ok
19:54:22.0665 0x11fc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:54:22.0685 0x11fc b06bdrv - ok
19:54:22.0735 0x11fc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:54:22.0745 0x11fc b57nd60a - ok
19:54:22.0795 0x11fc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
19:54:22.0795 0x11fc BDESVC - ok
19:54:22.0825 0x11fc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
19:54:22.0825 0x11fc Beep - ok
19:54:22.0895 0x11fc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
19:54:22.0935 0x11fc BFE - ok
19:54:22.0987 0x11fc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
19:54:23.0037 0x11fc BITS - ok
19:54:23.0067 0x11fc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:54:23.0067 0x11fc blbdrive - ok
19:54:23.0107 0x11fc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:54:23.0117 0x11fc bowser - ok
19:54:23.0147 0x11fc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:54:23.0147 0x11fc BrFiltLo - ok
19:54:23.0167 0x11fc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:54:23.0167 0x11fc BrFiltUp - ok
19:54:23.0207 0x11fc [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:54:23.0217 0x11fc BridgeMP - ok
19:54:23.0257 0x11fc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
19:54:23.0267 0x11fc Browser - ok
19:54:23.0297 0x11fc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:54:23.0307 0x11fc Brserid - ok
19:54:23.0337 0x11fc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:54:23.0337 0x11fc BrSerWdm - ok
19:54:23.0367 0x11fc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:54:23.0367 0x11fc BrUsbMdm - ok
19:54:23.0397 0x11fc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:54:23.0397 0x11fc BrUsbSer - ok
19:54:23.0417 0x11fc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:54:23.0427 0x11fc BTHMODEM - ok
19:54:23.0476 0x11fc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
19:54:23.0481 0x11fc bthserv - ok
19:54:23.0509 0x11fc catchme - ok
19:54:23.0529 0x11fc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:54:23.0529 0x11fc cdfs - ok
19:54:23.0609 0x11fc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:54:23.0609 0x11fc cdrom - ok
19:54:23.0669 0x11fc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
19:54:23.0689 0x11fc CertPropSvc - ok
19:54:23.0739 0x11fc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:54:23.0739 0x11fc circlass - ok
19:54:23.0789 0x11fc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
19:54:23.0819 0x11fc CLFS - ok
19:54:23.0879 0x11fc [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:54:23.0879 0x11fc clr_optimization_v2.0.50727_32 - ok
19:54:23.0939 0x11fc [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:54:23.0949 0x11fc clr_optimization_v2.0.50727_64 - ok
19:54:24.0019 0x11fc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:54:24.0029 0x11fc clr_optimization_v4.0.30319_32 - ok
19:54:24.0049 0x11fc [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:54:24.0059 0x11fc clr_optimization_v4.0.30319_64 - ok
19:54:24.0099 0x11fc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:54:24.0099 0x11fc CmBatt - ok
19:54:24.0139 0x11fc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:54:24.0139 0x11fc cmdide - ok
19:54:24.0199 0x11fc [ AAFCB52FE0037207FB6FBEA070D25EFE, 7D035BFB6DD86944CCDE6D71811891406D7FD08344EF8CF57C4D932E096F1377 ] CNG C:\Windows\system32\Drivers\cng.sys
19:54:24.0229 0x11fc CNG - ok
19:54:24.0269 0x11fc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:54:24.0269 0x11fc Compbatt - ok
19:54:24.0319 0x11fc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:54:24.0319 0x11fc CompositeBus - ok
19:54:24.0349 0x11fc COMSysApp - ok
19:54:24.0411 0x11fc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:54:24.0411 0x11fc crcdisk - ok
19:54:24.0471 0x11fc [ D8129C49798CBBFB2E4351D4B7B8EF9C, 7C125DBA3F88E7C6D98AE0869EDB7995360904A913923528ABD0429B2608C313 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:54:24.0481 0x11fc CryptSvc - ok
19:54:24.0551 0x11fc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:54:24.0591 0x11fc DcomLaunch - ok
19:54:24.0637 0x11fc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
19:54:24.0649 0x11fc defragsvc - ok
19:54:24.0683 0x11fc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:54:24.0693 0x11fc DfsC - ok
19:54:24.0763 0x11fc [ E428DFFA96FAD07D8CA3C9082563A225, F3D2E94A9FF2CF68CC99A8B42B8DEA5E57D46000D1845DC0908224493480C79F ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:54:24.0773 0x11fc dg_ssudbus - ok
19:54:24.0843 0x11fc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:54:24.0853 0x11fc Dhcp - ok
19:54:24.0898 0x11fc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
19:54:24.0901 0x11fc discache - ok
19:54:24.0925 0x11fc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:54:24.0935 0x11fc Disk - ok
19:54:24.0975 0x11fc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:54:24.0985 0x11fc Dnscache - ok
19:54:25.0025 0x11fc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
19:54:25.0035 0x11fc dot3svc - ok
19:54:25.0055 0x11fc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
19:54:25.0065 0x11fc DPS - ok
19:54:25.0095 0x11fc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:54:25.0105 0x11fc drmkaud - ok
19:54:25.0195 0x11fc [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:54:25.0240 0x11fc DXGKrnl - ok
19:54:25.0267 0x11fc EagleX64 - ok
19:54:25.0317 0x11fc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
19:54:25.0327 0x11fc EapHost - ok
19:54:25.0471 0x11fc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:54:25.0617 0x11fc ebdrv - ok
19:54:25.0681 0x11fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
19:54:25.0681 0x11fc EFS - ok
19:54:25.0791 0x11fc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:54:25.0821 0x11fc ehRecvr - ok
19:54:25.0861 0x11fc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
19:54:25.0871 0x11fc ehSched - ok
19:54:25.0931 0x11fc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:54:25.0951 0x11fc elxstor - ok
19:54:26.0001 0x11fc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:54:26.0001 0x11fc ErrDev - ok
19:54:26.0081 0x11fc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:54:26.0101 0x11fc EventSystem - ok
19:54:26.0143 0x11fc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:54:26.0152 0x11fc exfat - ok
19:54:26.0179 0x11fc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:54:26.0183 0x11fc fastfat - ok
19:54:26.0243 0x11fc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
19:54:26.0273 0x11fc Fax - ok
19:54:26.0293 0x11fc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:54:26.0303 0x11fc fdc - ok
19:54:26.0345 0x11fc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:54:26.0345 0x11fc fdPHost - ok
19:54:26.0365 0x11fc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:54:26.0365 0x11fc FDResPub - ok
19:54:26.0385 0x11fc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:54:26.0395 0x11fc FileInfo - ok
19:54:26.0415 0x11fc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:54:26.0425 0x11fc Filetrace - ok
19:54:26.0435 0x11fc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:54:26.0445 0x11fc flpydisk - ok
19:54:26.0475 0x11fc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:54:26.0485 0x11fc FltMgr - ok
19:54:26.0585 0x11fc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
19:54:26.0655 0x11fc FontCache - ok
19:54:26.0697 0x11fc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:54:26.0707 0x11fc FontCache3.0.0.0 - ok
19:54:26.0747 0x11fc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:54:26.0747 0x11fc FsDepends - ok
19:54:26.0777 0x11fc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:54:26.0777 0x11fc Fs_Rec - ok
19:54:26.0857 0x11fc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:54:26.0867 0x11fc fvevol - ok
19:54:26.0897 0x11fc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:54:26.0907 0x11fc gagp30kx - ok
19:54:26.0957 0x11fc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
19:54:26.0997 0x11fc gpsvc - ok
19:54:27.0107 0x11fc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:27.0117 0x11fc gupdate - ok
19:54:27.0127 0x11fc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:27.0137 0x11fc gupdatem - ok
19:54:27.0167 0x11fc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:54:27.0177 0x11fc hcw85cir - ok
19:54:27.0257 0x11fc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:54:27.0267 0x11fc HdAudAddService - ok
19:54:27.0307 0x11fc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:54:27.0307 0x11fc HDAudBus - ok
19:54:27.0337 0x11fc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:54:27.0337 0x11fc HidBatt - ok
19:54:27.0367 0x11fc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:54:27.0377 0x11fc HidBth - ok
19:54:27.0397 0x11fc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:54:27.0397 0x11fc HidIr - ok
19:54:27.0427 0x11fc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
19:54:27.0437 0x11fc hidserv - ok
19:54:27.0467 0x11fc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:54:27.0467 0x11fc HidUsb - ok
19:54:27.0497 0x11fc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:54:27.0507 0x11fc hkmsvc - ok
19:54:27.0547 0x11fc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:54:27.0557 0x11fc HomeGroupListener - ok
19:54:27.0587 0x11fc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:54:27.0597 0x11fc HomeGroupProvider - ok
19:54:27.0637 0x11fc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:54:27.0637 0x11fc HpSAMD - ok
19:54:27.0707 0x11fc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:54:27.0727 0x11fc HTTP - ok
19:54:27.0753 0x11fc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:54:27.0756 0x11fc hwpolicy - ok
19:54:27.0829 0x11fc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:54:27.0829 0x11fc i8042prt - ok
19:54:27.0899 0x11fc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:54:27.0919 0x11fc iaStorV - ok
19:54:27.0991 0x11fc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:54:28.0031 0x11fc idsvc - ok
19:54:28.0434 0x11fc [ 8814F0B9A09C647D3D7BE735450E7B4C, E82AD0DC556AE7663C1A5CE75DA3619E1614BC88F52558496FF0D569DE04E1CA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:54:28.0972 0x11fc igfx - ok
19:54:29.0006 0x11fc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:54:29.0010 0x11fc iirsp - ok
19:54:29.0087 0x11fc [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
19:54:29.0127 0x11fc IKEEXT - ok
19:54:29.0328 0x11fc [ 7A3585C4000C8340AE6B7FA08F9EF50F, B93F23464E7D929B90D80650698372128546CFEDA72216823CBE51A08D3368E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:54:29.0479 0x11fc IntcAzAudAddService - ok
19:54:29.0508 0x11fc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
19:54:29.0510 0x11fc intelide - ok
19:54:29.0553 0x11fc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:54:29.0553 0x11fc intelppm - ok
19:54:29.0613 0x11fc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:54:29.0613 0x11fc IPBusEnum - ok
19:54:29.0653 0x11fc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:54:29.0663 0x11fc IpFilterDriver - ok
19:54:29.0753 0x11fc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:54:29.0793 0x11fc iphlpsvc - ok
19:54:29.0843 0x11fc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:54:29.0843 0x11fc IPMIDRV - ok
19:54:29.0883 0x11fc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:54:29.0883 0x11fc IPNAT - ok
19:54:29.0923 0x11fc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:54:29.0923 0x11fc IRENUM - ok
19:54:29.0973 0x11fc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:54:29.0983 0x11fc isapnp - ok
19:54:30.0033 0x11fc [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:54:30.0053 0x11fc iScsiPrt - ok
19:54:30.0203 0x11fc [ C59715BFC9DB2A17ABE92577DFF6A2B8, 662A04681BC45527DEE4A8B83F316FD55DD2C765EF826ADA9636AABF8A5144D9 ] JumpDesktop C:\Program Files (x86)\Jump Desktop\JumpService.exe
19:54:30.0203 0x11fc JumpDesktop - ok
19:54:30.0273 0x11fc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:54:30.0283 0x11fc kbdclass - ok
19:54:30.0333 0x11fc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:54:30.0333 0x11fc kbdhid - ok
19:54:30.0353 0x11fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
19:54:30.0363 0x11fc KeyIso - ok
19:54:30.0533 0x11fc [ 140692763A50BFFF322CDC076300587E, 4B6D9AE479EDDB429C1DE36406517FA65C2B3927B20792B3A27CEE05A6B7A3AB ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
19:54:30.0553 0x11fc Kodak AiO Network Discovery Service - ok
19:54:30.0633 0x11fc [ E29F999616D7C08B0E91296908C47CAF, 285594B526A15911238B89E5FCBCFFA48A6C69CCC481918D2C474C6BB12869E6 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:54:30.0663 0x11fc Kodak AiO Status Monitor Service - ok
19:54:30.0725 0x11fc [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:54:30.0725 0x11fc KSecDD - ok
19:54:30.0785 0x11fc [ 7EFB9333E4ECCE6AE4AE9D777D9E553E, 94F1382291BD748BAE7EDBCB56F43B8564A1EE22E2DBEB37066559EE3D065FBA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:54:30.0795 0x11fc KSecPkg - ok
19:54:30.0835 0x11fc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:54:30.0845 0x11fc ksthunk - ok
19:54:30.0885 0x11fc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:54:30.0915 0x11fc KtmRm - ok
19:54:30.0975 0x11fc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:54:30.0995 0x11fc LanmanServer - ok
19:54:31.0035 0x11fc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:54:31.0045 0x11fc LanmanWorkstation - ok
19:54:31.0205 0x11fc [ 935E2093CEED8198C820B7F60BB63167, 7C8A7A0501BA31624143C576B0D8C6C74AF7869A9734E4AB142715B766F2B59D ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
19:54:31.0320 0x11fc LiveUpdateSvc - ok
19:54:31.0389 0x11fc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:54:31.0399 0x11fc lltdio - ok
19:54:31.0429 0x11fc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:54:31.0449 0x11fc lltdsvc - ok
19:54:31.0469 0x11fc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:54:31.0479 0x11fc lmhosts - ok
19:54:31.0509 0x11fc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:54:31.0519 0x11fc LSI_FC - ok
19:54:31.0539 0x11fc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:54:31.0549 0x11fc LSI_SAS - ok
19:54:31.0589 0x11fc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:54:31.0589 0x11fc LSI_SAS2 - ok
19:54:31.0629 0x11fc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:54:31.0639 0x11fc LSI_SCSI - ok
19:54:31.0659 0x11fc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:54:31.0672 0x11fc luafv - ok
19:54:31.0711 0x11fc [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:54:31.0711 0x11fc LVPr2M64 - ok
19:54:31.0731 0x11fc [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:54:31.0731 0x11fc LVPr2Mon - ok
19:54:31.0775 0x11fc [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:54:31.0783 0x11fc LVRS64 - ok
19:54:32.0008 0x11fc [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:54:32.0180 0x11fc LVUVC64 - ok
19:54:32.0217 0x11fc [ D33E2B74CF8B3A652BF0A9FBD068E87A, 46465387D04C2E5648D1CBD415E5D8757944A3C987A2497450F82D153BF7E868 ] ManyCam C:\Windows\system32\DRIVERS\ManyCam_x64.sys
19:54:32.0217 0x11fc ManyCam - ok
19:54:32.0317 0x11fc [ 90AA9E273410AD7A41D2D06E0FB46022, DE8D57149D503F9D5B3B6D4133482C9A19F8BB1FF0FCCADBB0F5B4E64121F92C ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys
19:54:32.0317 0x11fc mbamchameleon - ok
19:54:32.0437 0x11fc [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:54:32.0437 0x11fc MBAMProtector - ok
19:54:32.0557 0x11fc [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:54:32.0567 0x11fc MBAMScheduler - ok
19:54:32.0627 0x11fc [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:54:32.0667 0x11fc MBAMService - ok
19:54:32.0749 0x11fc [ 0C6125E43F42C4DA6E74D9AF2B75E40C, 61250E8CF42B0AF7CED7275A71D0FDE1CD1C825F83AE94CAB7BC9852F036EB90 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:54:32.0759 0x11fc MBAMSwissArmy - ok
19:54:32.0789 0x11fc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:54:32.0799 0x11fc Mcx2Svc - ok
19:54:32.0829 0x11fc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:54:32.0829 0x11fc megasas - ok
19:54:32.0869 0x11fc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:54:32.0879 0x11fc MegaSR - ok
19:54:32.0919 0x11fc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:54:32.0929 0x11fc MMCSS - ok
19:54:32.0949 0x11fc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:54:32.0949 0x11fc Modem - ok
19:54:32.0989 0x11fc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:54:32.0989 0x11fc monitor - ok
19:54:33.0009 0x11fc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:54:33.0019 0x11fc mouclass - ok
19:54:33.0049 0x11fc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:54:33.0049 0x11fc mouhid - ok
19:54:33.0079 0x11fc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:54:33.0089 0x11fc mountmgr - ok
19:54:33.0199 0x11fc [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:54:33.0199 0x11fc MozillaMaintenance - ok
19:54:33.0259 0x11fc [ F8A10560B35C66F9DE212F03DAD5BFA7, 3ADCBC309A55494326EE8D152F92DFD11E1F97C897C8019BAB547E75D735FE92 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:54:33.0269 0x11fc MpFilter - ok
19:54:33.0319 0x11fc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
19:54:33.0329 0x11fc mpio - ok
19:54:33.0369 0x11fc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:54:33.0369 0x11fc mpsdrv - ok
19:54:33.0459 0x11fc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:54:33.0499 0x11fc MpsSvc - ok
19:54:33.0551 0x11fc [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:54:33.0551 0x11fc MRxDAV - ok
19:54:33.0591 0x11fc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:54:33.0601 0x11fc mrxsmb - ok
19:54:33.0631 0x11fc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:54:33.0641 0x11fc mrxsmb10 - ok
19:54:33.0671 0x11fc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

 

[TimSimm2]

19:54:33.0731 0x11fc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
19:54:33.0731 0x11fc msahci - ok
19:54:33.0761 0x11fc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:54:33.0771 0x11fc msdsm - ok
19:54:33.0812 0x11fc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:54:33.0821 0x11fc MSDTC - ok
19:54:33.0863 0x11fc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:54:33.0863 0x11fc Msfs - ok
19:54:33.0893 0x11fc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:54:33.0893 0x11fc mshidkmdf - ok
19:54:33.0923 0x11fc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:54:33.0923 0x11fc msisadrv - ok
19:54:33.0963 0x11fc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:54:33.0973 0x11fc MSiSCSI - ok
19:54:33.0983 0x11fc msiserver - ok
19:54:34.0023 0x11fc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:54:34.0023 0x11fc MSKSSRV - ok
19:54:34.0143 0x11fc [ E07DEC52FF801841BA9B6878A60304FB, A57A999F411559EA97C830C9FE0234578E2E98EDAF72F9949891F901B83B22A4 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:54:34.0143 0x11fc MsMpSvc - ok
19:54:34.0173 0x11fc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:54:34.0173 0x11fc MSPCLOCK - ok
19:54:34.0203 0x11fc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:54:34.0203 0x11fc MSPQM - ok
19:54:34.0243 0x11fc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:54:34.0263 0x11fc MsRPC - ok
19:54:34.0333 0x11fc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:54:34.0334 0x11fc mssmbios - ok
19:54:34.0375 0x11fc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:54:34.0375 0x11fc MSTEE - ok
19:54:34.0395 0x11fc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:54:34.0395 0x11fc MTConfig - ok
19:54:34.0425 0x11fc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:54:34.0425 0x11fc Mup - ok
19:54:34.0475 0x11fc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
19:54:34.0505 0x11fc napagent - ok
19:54:34.0555 0x11fc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:54:34.0575 0x11fc NativeWifiP - ok
19:54:34.0635 0x11fc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
19:54:34.0655 0x11fc NDIS - ok
19:54:34.0687 0x11fc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:54:34.0687 0x11fc NdisCap - ok
19:54:34.0727 0x11fc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:54:34.0727 0x11fc NdisTapi - ok
19:54:34.0777 0x11fc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:54:34.0777 0x11fc Ndisuio - ok
19:54:34.0817 0x11fc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:54:34.0827 0x11fc NdisWan - ok
19:54:34.0857 0x11fc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:54:34.0857 0x11fc NDProxy - ok
19:54:34.0907 0x11fc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:54:34.0907 0x11fc NetBIOS - ok
19:54:34.0947 0x11fc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:54:34.0947 0x11fc NetBT - ok
19:54:34.0967 0x11fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
19:54:34.0977 0x11fc Netlogon - ok
19:54:35.0009 0x11fc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:54:35.0029 0x11fc Netman - ok
19:54:35.0089 0x11fc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:35.0099 0x11fc NetMsmqActivator - ok
19:54:35.0119 0x11fc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:35.0119 0x11fc NetPipeActivator - ok
19:54:35.0149 0x11fc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:54:35.0170 0x11fc netprofm - ok
19:54:35.0201 0x11fc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:35.0211 0x11fc NetTcpActivator - ok
19:54:35.0221 0x11fc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:35.0231 0x11fc NetTcpPortSharing - ok
19:54:35.0261 0x11fc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:54:35.0271 0x11fc nfrd960 - ok
19:54:35.0361 0x11fc [ 162100E0BC8377710F9D170631921C03, B4FC4F6BCCA5A61EC86F9D10F4FE284E9393CE4599CE64BC8360202F0108B499 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:54:35.0361 0x11fc NisDrv - ok
19:54:35.0421 0x11fc [ C6E15F2F95F9C0A6098D43510B604E52, 7B621846EC4DD066657536755455ADB016207A45D49FC5E5F1D50EAD2CCB6B13 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:54:35.0441 0x11fc NisSrv - ok
19:54:35.0501 0x11fc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:54:35.0511 0x11fc NlaSvc - ok

 

[TimSimm2]

541 0x11fc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:54:35.0541 0x11fc Npfs - ok
19:54:35.0581 0x11fc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:54:35.0581 0x11fc nsi - ok
19:54:35.0631 0x11fc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:54:35.0631 0x11fc nsiproxy - ok
19:54:35.0721 0x11fc [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:54:35.0762 0x11fc Ntfs - ok
19:54:35.0781 0x11fc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:54:35.0782 0x11fc Null - ok
19:54:35.0833 0x11fc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:54:35.0843 0x11fc nvraid - ok
19:54:35.0863 0x11fc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:54:35.0863 0x11fc nvstor - ok
19:54:35.0913 0x11fc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:54:35.0913 0x11fc nv_agp - ok
19:54:35.0973 0x11fc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:54:35.0973 0x11fc ohci1394 - ok
19:54:36.0023 0x11fc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:54:36.0043 0x11fc p2pimsvc - ok
19:54:36.0083 0x11fc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:54:36.0113 0x11fc p2psvc - ok
19:54:36.0143 0x11fc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:54:36.0143 0x11fc Parport - ok
19:54:36.0193 0x11fc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:54:36.0193 0x11fc partmgr - ok
19:54:36.0223 0x11fc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
19:54:36.0233 0x11fc PcaSvc - ok
19:54:36.0293 0x11fc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
19:54:36.0303 0x11fc pci - ok
19:54:36.0344 0x11fc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
19:54:36.0348 0x11fc pciide - ok
19:54:36.0415 0x11fc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:54:36.0425 0x11fc pcmcia - ok
19:54:36.0475 0x11fc [ 876FD95B7A3B7FE6179FBD16E7A6486C, 1CCD5B429983C167A4D57D125B9DDCEABBE70B3B170FA73C90E11CC37ED09AFB ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
19:54:36.0505 0x11fc PCTCore - ok
19:54:36.0555 0x11fc [ BA1F42A42F405F62CEFF6B69A2797F7C, 76706AF1D2935DA89883B718E575A2E4AFBD9295E0EB366B14506A60D19D2993 ] pctDS C:\Windows\system32\drivers\pctDS64.sys
19:54:36.0575 0x11fc pctDS - ok
19:54:36.0635 0x11fc [ 146CC91C93CED13E7FE40E8D8615BE39, 5088609B7218A4634855A7C9163C0F774B5D4A89E17462F671582C1814D5EBA3 ] pctEFA C:\Windows\system32\drivers\pctEFA64.sys
19:54:36.0675 0x11fc pctEFA - ok
19:54:36.0727 0x11fc [ 577F20EBF1E42BEBB238E2412B99C7EE, 484445FCF92F12E73DB83CB6643802CC5DA8F09AD5A356A46B880363C79C179D ] PCTSD C:\Windows\system32\Drivers\PCTSD64.sys
19:54:36.0737 0x11fc PCTSD - ok
19:54:36.0767 0x11fc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:54:36.0767 0x11fc pcw - ok
19:54:36.0807 0x11fc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:54:36.0837 0x11fc PEAUTH - ok
19:54:36.0929 0x11fc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:54:36.0929 0x11fc PerfHost - ok
19:54:37.0031 0x11fc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
19:54:37.0083 0x11fc pla - ok
19:54:37.0235 0x11fc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:54:37.0265 0x11fc PlugPlay - ok
19:54:37.0305 0x11fc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:54:37.0315 0x11fc PNRPAutoReg - ok
19:54:37.0345 0x11fc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:54:37.0355 0x11fc PNRPsvc - ok
19:54:37.0407 0x11fc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:54:37.0437 0x11fc PolicyAgent - ok
19:54:37.0490 0x11fc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:54:37.0499 0x11fc Power - ok
19:54:37.0529 0x11fc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:54:37.0539 0x11fc PptpMiniport - ok
19:54:37.0579 0x11fc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:54:37.0579 0x11fc Processor - ok
19:54:37.0629 0x11fc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
19:54:37.0649 0x11fc ProfSvc - ok
19:54:37.0679 0x11fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
19:54:37.0679 0x11fc ProtectedStorage - ok
19:54:37.0739 0x11fc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:54:37.0739 0x11fc Psched - ok
19:54:37.0819 0x11fc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:54:37.0881 0x11fc ql2300 - ok
19:54:37.0931 0x11fc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:54:37.0933 0x11fc ql40xx - ok
19:54:37.0973 0x11fc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:54:37.0983 0x11fc QWAVE - ok
19:54:38.0003 0x11fc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:54:38.0013 0x11fc QWAVEdrv - ok
19:54:38.0033 0x11fc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:54:38.0033 0x11fc RasAcd - ok
19:54:38.0063 0x11fc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:54:38.0073 0x11fc RasAgileVpn - ok
19:54:38.0093 0x11fc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:54:38.0093 0x11fc RasAuto - ok
19:54:38.0133 0x11fc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:54:38.0133 0x11fc Rasl2tp - ok
19:54:38.0173 0x11fc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
19:54:38.0193 0x11fc RasMan - ok
19:54:38.0233 0x11fc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:54:38.0233 0x11fc RasPppoe - ok
19:54:38.0253 0x11fc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:54:38.0263 0x11fc RasSstp - ok
19:54:38.0303 0x11fc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:54:38.0313 0x11fc rdbss - ok
19:54:38.0333 0x11fc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:54:38.0333 0x11fc rdpbus - ok
19:54:38.0365 0x11fc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:54:38.0366 0x11fc RDPCDD - ok
19:54:38.0385 0x11fc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:54:38.0395 0x11fc RDPENCDD - ok
19:54:38.0425 0x11fc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:54:38.0425 0x11fc RDPREFMP - ok
19:54:38.0515 0x11fc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:54:38.0515 0x11fc RdpVideoMiniport - ok
19:54:38.0555 0x11fc [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:54:38.0565 0x11fc RDPWD - ok
19:54:38.0615 0x11fc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:54:38.0625 0x11fc rdyboost - ok
19:54:38.0685 0x11fc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:54:38.0685 0x11fc RemoteAccess - ok
19:54:38.0715 0x11fc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:54:38.0725 0x11fc RemoteRegistry - ok
19:54:38.0765 0x11fc [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:54:38.0775 0x11fc RimUsb - ok
19:54:38.0805 0x11fc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:54:38.0815 0x11fc RpcEptMapper - ok
19:54:38.0865 0x11fc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:54:38.0865 0x11fc RpcLocator - ok
19:54:38.0925 0x11fc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
19:54:38.0945 0x11fc RpcSs - ok
19:54:38.0985 0x11fc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:54:38.0987 0x11fc rspndr - ok
19:54:39.0057 0x11fc [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:54:39.0097 0x11fc RTL8167 - ok
19:54:39.0189 0x11fc [ 945AB249D12CBE044782430C6013AA1A, 912514C99A8AEEBECBFCB3632520C12F9CB8A8286BE1C70567C8E9D5416320DF ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
19:54:39.0209 0x11fc RTL8187B - ok
19:54:39.0229 0x11fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
19:54:39.0229 0x11fc SamSs - ok
19:54:39.0299 0x11fc [ 554CB4C2E076CC0960D9E5590E4C7FA5, 009EDA7CFEF619E215F6A10D3565ACEF0569D233F0D086E4DF995175D69D1807 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
19:54:39.0309 0x11fc SbieDrv - ok
19:54:39.0349 0x11fc [ 1BCC17921C3067CE5A6E480F3DAA6378, 623B7155904D0F63859C0AE0C9230A113F3AA0B7D70DD585C757EFFDAFDD3AB8 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
19:54:39.0359 0x11fc SbieSvc - ok
19:54:39.0399 0x11fc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:54:39.0409 0x11fc sbp2port - ok
19:54:39.0469 0x11fc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:54:39.0479 0x11fc SCardSvr - ok
19:54:39.0509 0x11fc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:54:39.0509 0x11fc scfilter - ok
19:54:39.0579 0x11fc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
19:54:39.0681 0x11fc Schedule - ok
19:54:39.0722 0x11fc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:54:39.0726 0x11fc SCPolicySvc - ok
19:54:39.0773 0x11fc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:54:39.0783 0x11fc SDRSVC - ok
19:54:39.0813 0x11fc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:54:39.0823 0x11fc secdrv - ok
19:54:39.0843 0x11fc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
19:54:39.0853 0x11fc seclogon - ok
19:54:39.0893 0x11fc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
19:54:39.0893 0x11fc SENS - ok
19:54:39.0913 0x11fc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:54:39.0913 0x11fc SensrSvc - ok
19:54:39.0933 0x11fc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:54:39.0943 0x11fc Serenum - ok
19:54:39.0983 0x11fc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:54:39.0983 0x11fc Serial - ok
19:54:40.0033 0x11fc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:54:40.0043 0x11fc sermouse - ok
19:54:40.0105 0x11fc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
19:54:40.0115 0x11fc SessionEnv - ok
19:54:40.0195 0x11fc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:54:40.0195 0x11fc sffdisk - ok
19:54:40.0235 0x11fc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:54:40.0265 0x11fc sffp_mmc - ok
19:54:40.0305 0x11fc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:54:40.0305 0x11fc sffp_sd - ok
19:54:40.0345 0x11fc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:54:40.0345 0x11fc sfloppy - ok
19:54:40.0425 0x11fc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:54:40.0445 0x11fc SharedAccess - ok
19:54:40.0495 0x11fc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:54:40.0525 0x11fc ShellHWDetection - ok
19:54:40.0555 0x11fc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:54:40.0565 0x11fc SiSRaid2 - ok
19:54:40.0585 0x11fc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:54:40.0585 0x11fc SiSRaid4 - ok
19:54:40.0793 0x11fc [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:54:40.0957 0x11fc Skype C2C Service - ok
19:54:41.0099 0x11fc [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:54:41.0099 0x11fc SkypeUpdate - ok
19:54:41.0159 0x11fc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:54:41.0159 0x11fc Smb - ok
19:54:41.0199 0x11fc [ 5476D773EE180AEB9CADA786EA131777, BEBC1788A63FFC54047BE6633F8C3AF10F5E26C1F5B8255DAD88CEF81544B07C ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
19:54:41.0199 0x11fc SmbDrvI - ok
19:54:41.0267 0x11fc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:54:41.0271 0x11fc SNMPTRAP - ok
19:54:41.0291 0x11fc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:54:41.0291 0x11fc spldr - ok
19:54:41.0351 0x11fc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
19:54:41.0391 0x11fc Spooler - ok
19:54:41.0536 0x11fc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
19:54:41.0668 0x11fc sppsvc - ok
19:54:41.0695 0x11fc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:54:41.0702 0x11fc sppuinotify - ok
19:54:41.0747 0x11fc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:54:41.0757 0x11fc srv - ok
19:54:41.0789 0x11fc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:54:41.0809 0x11fc srv2 - ok
19:54:41.0839 0x11fc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:54:41.0849 0x11fc srvnet - ok
19:54:41.0869 0x11fc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:54:41.0889 0x11fc SSDPSRV - ok
19:54:41.0909 0x11fc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:54:41.0909 0x11fc SstpSvc - ok
19:54:41.0999 0x11fc [ AAF6F247F1DC370C593B4430974EAD9C, 232D0D62EC83A5537ADB28B5DC01074BA812FE6C70C54F70CD7A5EF1BC19D3E1 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:54:42.0009 0x11fc ssudmdm - ok
19:54:42.0039 0x11fc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:54:42.0049 0x11fc stexstor - ok
19:54:42.0099 0x11fc [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
19:54:42.0109 0x11fc StillCam - ok
19:54:42.0159 0x11fc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
19:54:42.0189 0x11fc stisvc - ok
19:54:42.0251 0x11fc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
19:54:42.0251 0x11fc swenum - ok
19:54:42.0301 0x11fc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:54:42.0331 0x11fc swprv - ok
19:54:42.0434 0x11fc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
19:54:42.0533 0x11fc SysMain - ok
19:54:42.0575 0x11fc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:54:42.0585 0x11fc TabletInputService - ok
19:54:42.0615 0x11fc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:54:42.0635 0x11fc TapiSrv - ok
19:54:42.0675 0x11fc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:54:42.0685 0x11fc TBS - ok
19:54:42.0795 0x11fc [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:54:42.0848 0x11fc Tcpip - ok
19:54:42.0927 0x11fc [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:54:42.0975 0x11fc TCPIP6 - ok
19:54:43.0029 0x11fc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:54:43.0029 0x11fc tcpipreg - ok
19:54:43.0079 0x11fc tdcmdpst - ok
19:54:43.0109 0x11fc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:54:43.0109 0x11fc TDPIPE - ok
19:54:43.0159 0x11fc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:54:43.0159 0x11fc TDTCP - ok
19:54:43.0199 0x11fc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:54:43.0199 0x11fc tdx - ok
19:54:43.0461 0x11fc [ D53118C165AE5D188632B6CDEEE82A1B, 407885433688329DE733706DBF94D22704B6F55E2E846A288E2C2A546234621B ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
19:54:43.0622 0x11fc TeamViewer8 - ok
19:54:43.0663 0x11fc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
19:54:43.0673 0x11fc TermDD - ok
19:54:43.0733 0x11fc [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
19:54:43.0763 0x11fc TermService - ok
19:54:43.0815 0x11fc [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes C:\Windows\system32\themeservice.dll
19:54:43.0835 0x11fc Themes - ok
19:54:43.0877 0x11fc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:54:43.0882 0x11fc THREADORDER - ok
19:54:43.0957 0x11fc [ 6F0257EE066B689350F6B0AA9861BF95, BEEB2A3C30C8762FEBBA117AF064EA14EEF10C959BD11C92C7A08CEC41C89E09 ] TODDSrv C:\Windows\SysWOW64\TODDSrv.exe
19:54:43.0967 0x11fc TODDSrv - ok
19:54:43.0997 0x11fc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:54:44.0007 0x11fc TrkWks - ok
19:54:44.0077 0x11fc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:54:44.0077 0x11fc TrustedInstaller - ok
19:54:44.0117 0x11fc [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:54:44.0129 0x11fc tssecsrv - ok
19:54:44.0179 0x11fc [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:54:44.0179 0x11fc TsUsbFlt - ok
19:54:44.0249 0x11fc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:54:44.0249 0x11fc tunnel - ok
19:54:44.0299 0x11fc [ 9A744CC3D804EC38A6C2C65BC3C6FCD8, 28CDF1A8614444F4A7249FB7189B423579CA91D1373138CD3E6C048CE6D2799F ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
19:54:44.0299 0x11fc TVALZ - ok
19:54:44.0479 0x11fc [ 56C10D3338B01D3FBCC5AF24B3833E1C, 99ABF0D33E2372521384DA3C98FD4A3534155AD5B6B7852EBE94E098AA3DC9B8 ] tvnserver C:\Program Files\TightVNC\tvnserver.exe
19:54:44.0581 0x11fc tvnserver - ok
19:54:44.0623 0x11fc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:54:44.0633 0x11fc uagp35 - ok
19:54:44.0683 0x11fc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:54:44.0693 0x11fc udfs - ok
19:54:44.0745 0x11fc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:54:44.0755 0x11fc UI0Detect - ok
19:54:44.0785 0x11fc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:54:44.0795 0x11fc uliagpkx - ok
19:54:44.0865 0x11fc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:54:44.0875 0x11fc umbus - ok
19:54:44.0917 0x11fc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:54:44.0927 0x11fc UmPass - ok
19:54:45.0037 0x11fc [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:54:45.0057 0x11fc UMVPFSrv - ok
19:54:45.0097 0x11fc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:54:45.0127 0x11fc upnphost - ok
19:54:45.0186 0x11fc [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:54:45.0189 0x11fc usbaudio - ok
19:54:45.0239 0x11fc [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:54:45.0239 0x11fc usbccgp - ok

 

[TimSimm2]

89 0x11fc [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:54:45.0299 0x11fc usbcir - ok
19:54:45.0329 0x11fc [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:54:45.0329 0x11fc usbehci - ok
19:54:45.0379 0x11fc [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:54:45.0389 0x11fc usbhub - ok
19:54:45.0438 0x11fc [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:54:45.0441 0x11fc usbohci - ok
19:54:45.0471 0x11fc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:54:45.0481 0x11fc usbprint - ok
19:54:45.0511 0x11fc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:54:45.0511 0x11fc USBSTOR - ok
19:54:45.0531 0x11fc [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:54:45.0531 0x11fc usbuhci - ok
19:54:45.0571 0x11fc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:54:45.0571 0x11fc UxSms - ok
19:54:45.0601 0x11fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
19:54:45.0601 0x11fc VaultSvc - ok
19:54:45.0661 0x11fc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:54:45.0661 0x11fc vdrvroot - ok
19:54:45.0751 0x11fc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
19:54:45.0781 0x11fc vds - ok
19:54:45.0828 0x11fc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:54:45.0832 0x11fc vga - ok
19:54:45.0855 0x11fc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:54:45.0856 0x11fc VgaSave - ok
19:54:45.0913 0x11fc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:54:45.0923 0x11fc vhdmp - ok
19:54:45.0973 0x11fc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
19:54:45.0983 0x11fc viaide - ok
19:54:46.0003 0x11fc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:54:46.0013 0x11fc volmgr - ok
19:54:46.0053 0x11fc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:54:46.0073 0x11fc volmgrx - ok
19:54:46.0103 0x11fc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:54:46.0113 0x11fc volsnap - ok
19:54:46.0159 0x11fc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:54:46.0165 0x11fc vsmraid - ok
19:54:46.0257 0x11fc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
19:54:46.0339 0x11fc VSS - ok
19:54:46.0367 0x11fc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:54:46.0370 0x11fc vwifibus - ok
19:54:46.0401 0x11fc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:54:46.0411 0x11fc vwififlt - ok
19:54:46.0511 0x11fc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:54:46.0521 0x11fc W32Time - ok
19:54:46.0570 0x11fc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:54:46.0573 0x11fc WacomPen - ok
19:54:46.0623 0x11fc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:54:46.0623 0x11fc WANARP - ok
19:54:46.0653 0x11fc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:54:46.0653 0x11fc Wanarpv6 - ok
19:54:46.0743 0x11fc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:54:46.0813 0x11fc WatAdminSvc - ok
19:54:46.0905 0x11fc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
19:54:47.0007 0x11fc wbengine - ok
19:54:47.0049 0x11fc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:54:47.0059 0x11fc WbioSrvc - ok
19:54:47.0109 0x11fc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:54:47.0129 0x11fc wcncsvc - ok
19:54:47.0149 0x11fc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:54:47.0159 0x11fc WcsPlugInService - ok
19:54:47.0201 0x11fc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:54:47.0201 0x11fc Wd - ok
19:54:47.0271 0x11fc [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:54:47.0321 0x11fc Wdf01000 - ok
19:54:47.0341 0x11fc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:54:47.0356 0x11fc WdiServiceHost - ok
19:54:47.0370 0x11fc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:54:47.0373 0x11fc WdiSystemHost - ok
19:54:47.0453 0x11fc [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
19:54:47.0473 0x11fc WebClient - ok
19:54:47.0513 0x11fc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:54:47.0523 0x11fc Wecsvc - ok
19:54:47.0543 0x11fc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:54:47.0553 0x11fc wercplsupport - ok
19:54:47.0583 0x11fc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:54:47.0593 0x11fc WerSvc - ok
19:54:47.0633 0x11fc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:54:47.0643 0x11fc WfpLwf - ok
19:54:47.0663 0x11fc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:54:47.0663 0x11fc WIMMount - ok
19:54:47.0693 0x11fc WinHttpAutoProxySvc - ok
19:54:47.0755 0x11fc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:54:47.0765 0x11fc Winmgmt - ok
19:54:47.0875 0x11fc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
19:54:47.0957 0x11fc WinRM - ok
19:54:48.0019 0x11fc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:54:48.0029 0x11fc WinUsb - ok
19:54:48.0089 0x11fc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:54:48.0139 0x11fc Wlansvc - ok
19:54:48.0298 0x11fc [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:54:48.0384 0x11fc wlidsvc - ok
19:54:48.0435 0x11fc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:54:48.0435 0x11fc WmiAcpi - ok
19:54:48.0485 0x11fc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:54:48.0495 0x11fc wmiApSrv - ok
19:54:48.0545 0x11fc WMPNetworkSvc - ok
19:54:48.0575 0x11fc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:54:48.0585 0x11fc WPCSvc - ok
19:54:48.0615 0x11fc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:54:48.0625 0x11fc WPDBusEnum - ok
19:54:48.0695 0x11fc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:54:48.0695 0x11fc ws2ifsl - ok
19:54:48.0735 0x11fc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
19:54:48.0745 0x11fc wscsvc - ok
19:54:48.0755 0x11fc WSearch - ok
19:54:48.0907 0x11fc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
19:54:49.0005 0x11fc wuauserv - ok
19:54:49.0061 0x11fc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:54:49.0071 0x11fc WudfPf - ok
19:54:49.0111 0x11fc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:54:49.0111 0x11fc WUDFRd - ok
19:54:49.0171 0x11fc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:54:49.0181 0x11fc wudfsvc - ok
19:54:49.0241 0x11fc [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:54:49.0261 0x11fc WwanSvc - ok
19:54:49.0331 0x11fc [ 19FFB0CB63955A425AAC2A4B19D93AA2, 6D42BCA867D270BF42A20502CDF74B9078728B7780BC8EFC535DFF26991AEDB5 ] XMouseButton Launcher C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
19:54:49.0341 0x11fc XMouseButton Launcher - ok
19:54:49.0351 0x11fc ================ Scan global ===============================
19:54:49.0391 0x11fc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:54:49.0451 0x11fc [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
19:54:49.0501 0x11fc [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
19:54:49.0531 0x11fc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:54:49.0571 0x11fc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:54:49.0601 0x11fc [ Global ] - ok
19:54:49.0601 0x11fc ================ Scan MBR ==================================
19:54:49.0611 0x11fc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:54:49.0871 0x11fc \Device\Harddisk0\DR0 - ok
19:54:49.0881 0x11fc ================ Scan VBR ==================================
19:54:49.0881 0x11fc [ 1EF289F6ACA8CF5BA484D43DCE5AA3FC ] \Device\Harddisk0\DR0\Partition1
19:54:49.0881 0x11fc \Device\Harddisk0\DR0\Partition1 - ok
19:54:49.0901 0x11fc [ 2AC56795AE0AEEE25A901BC5493750BA ] \Device\Harddisk0\DR0\Partition2
19:54:49.0901 0x11fc \Device\Harddisk0\DR0\Partition2 - ok
19:54:49.0911 0x11fc ============================================================
19:54:49.0911 0x11fc Scan finished
19:54:49.0911 0x11fc ============================================================
19:54:49.0931 0x1180 Detected object count: 0
19:54:49.0931 0x1180 Actual detected object count: 0
19:55:21.0778 0x1030 Deinitialize success

 

[TimSimm2]

19:51:49.0890 1068 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:51:54.0020 1068 Perform update action was selected
19:51:54.0021 3592 Deinitialize success
19:52:25.0661 4620 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:52:31.0280 4620 Perform update action was selected
19:52:31.0282 4612 Deinitialize success

 

[Broni]

Nothing there.

Re-run Combofix and post new log.

 

[TimSimm2]

I noticed that instead of my cpu shooting up to 100% and staying there, now, when I open the task manager its at about 70-80% then shoots up to 100% then it climbs back down then up then back down. I suppose its improvement but I can tell the issue is not fixed

ComboFix 14-01-16.03 - Tim 01/20/2014 20:46:45.2.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1913.809 [GMT -5:00]
Running from: c:\users\Tim\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-12-21 to 2014-01-21 )))))))))))))))))))))))))))))))
.
.
2014-01-21 02:05 . 2014-01-21 02:05 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-01-21 02:05 . 2014-01-21 02:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-20 22:24 . 2014-01-20 22:21 965000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE0ED14C-18AE-4C09-9AF6-8220FB6CE135}\gapaengine.dll
2014-01-20 22:23 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{333BDE56-574F-45B5-A110-C299F1731E20}\mpengine.dll
2014-01-20 03:54 . 2014-01-20 03:54 -------- d-----w- C:\_OTL
2014-01-20 03:49 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-20 03:18 . 2014-01-20 03:18 -------- d-----w- c:\windows\ERUNT
2014-01-20 00:21 . 2014-01-20 00:46 -------- d-----w- C:\AdwCleaner
2014-01-19 01:41 . 2014-01-19 01:44 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-19 01:38 . 2014-01-19 01:38 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2014-01-17 23:50 . 2014-01-17 23:54 -------- d-----w- c:\users\Tim\AppData\Local\CrashDumps
2014-01-17 23:17 . 2014-01-17 23:17 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-01-17 23:17 . 2014-01-17 23:17 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-01-17 23:17 . 2014-01-17 23:17 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-01-17 23:16 . 2014-01-17 23:16 -------- d-----w- c:\program files\Realtek
2014-01-17 23:16 . 2014-01-17 23:16 -------- d-----w- c:\windows\SysWow64\RTCOM
2014-01-17 23:13 . 2014-01-17 23:13 310104 ----a-w- c:\windows\system32\RP3DHT64.dll
2014-01-17 23:08 . 2014-01-17 23:08 90112 ----a-w- c:\windows\system32\igfxCoIn_v2869.dll
2014-01-17 23:07 . 2014-01-17 23:07 32496 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-01-17 22:10 . 2014-01-17 22:10 -------- d-----w- c:\programdata\ProductData
2014-01-17 22:09 . 2014-01-17 22:09 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-17 22:09 . 2014-01-17 23:02 -------- d-----w- c:\programdata\IObit
2014-01-17 22:09 . 2014-01-20 00:10 -------- d-----w- c:\program files (x86)\IObit
2014-01-17 22:08 . 2014-01-17 23:01 -------- d-----w- c:\users\Tim\AppData\Roaming\IObit
2014-01-04 19:53 . 2014-01-19 01:41 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-04 19:50 . 2014-01-04 19:50 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-04 00:02 . 2014-01-04 00:02 -------- d-----w- c:\users\Tim\AppData\Local\Opera Software
2014-01-04 00:02 . 2014-01-04 00:02 -------- d-----w- c:\users\Tim\AppData\Roaming\Opera Software
2014-01-04 00:01 . 2014-01-04 00:01 -------- d-----w- c:\program files (x86)\Opera
2014-01-03 22:51 . 2014-01-20 23:45 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-01-03 17:06 . 2014-01-03 17:06 -------- d-----w- c:\users\Tim\AppData\Roaming\AVAST Software
2014-01-03 17:04 . 2014-01-03 17:05 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-03 17:04 . 2014-01-03 17:04 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-03 17:04 . 2014-01-03 17:04 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-03 17:04 . 2014-01-03 17:04 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-03 17:04 . 2014-01-03 17:04 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-03 17:04 . 2014-01-03 17:04 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-03 17:04 . 2014-01-03 17:04 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-03 17:04 . 2014-01-03 17:04 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-03 17:04 . 2014-01-03 17:04 43152 ----a-w- c:\windows\avastSS.scr
2014-01-03 17:02 . 2014-01-03 17:02 -------- d-----w- c:\program files\AVAST Software
2014-01-03 16:57 . 2014-01-03 16:57 -------- d-----w- c:\programdata\AVAST Software
2013-12-23 05:03 . 2013-12-23 05:05 -------- d-----w- C:\zsnesw151
2013-12-23 04:57 . 2013-12-23 04:57 -------- d-----w- c:\users\Mcx1-TIM-PC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2011-11-25 18:15 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-17 23:08 . 2011-02-11 23:46 61952 ----a-w- c:\windows\system32\igfxsrvc.dll
2014-01-17 23:08 . 2011-02-12 00:09 571904 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2014-01-17 23:08 . 2009-07-13 21:59 4896768 ----a-w- c:\windows\SysWow64\igdumd32.dll
2014-01-17 23:08 . 2009-07-13 21:59 4722176 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-17 23:08 . 2011-02-11 23:45 108544 ----a-w- c:\windows\system32\hccutils.dll
2013-12-18 06:11 . 2013-12-18 06:11 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2013-12-10 20:34 . 2012-04-01 13:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-10 20:34 . 2011-11-25 23:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 20:33 . 2013-12-10 20:33 9293192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jump Desktop"="c:\program files (x86)\Jump Desktop\JumpDesktop.exe" [2013-05-07 469032]
"Spotify Web Helper"="c:\users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-11-09 1140736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-03 3764024]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-11-15 1861968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2013-03-15 2236792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys;c:\windows\SYSNATIVE\DRIVERS\ManyCam_x64.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys;c:\windows\SYSNATIVE\drivers\PCTCore64.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys;c:\windows\SYSNATIVE\drivers\pctDS64.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys;c:\windows\SYSNATIVE\drivers\pctEFA64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys;c:\windows\SYSNATIVE\Drivers\PCTSD64.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 JumpDesktop;Jump Desktop Service;c:\program files (x86)\Jump Desktop\JumpService.exe;c:\program files (x86)\Jump Desktop\JumpService.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe;c:\program files\TightVNC\tvnserver.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 XMouseButton Launcher;XMouseButton Launcher;c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe;c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8187B.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 96433611
*Deregistered* - 96433611
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 20:34]
.
2014-01-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001Core.job
- c:\users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-13 16:03]
.
2014-01-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001UA.job
- c:\users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-13 16:03]
.
2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 03:21]
.
2014-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 03:21]
.
2014-01-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001Core.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 16:37]
.
2014-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001UA.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 16:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-17 22:10 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-03 17:04 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2013-07-19 2179056]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-10-01 497648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-17 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-17 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-17 418336]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-01-17 13662936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\1t83d977.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-20 21:09:36
ComboFix-quarantined-files.txt 2014-01-21 02:09
ComboFix2.txt 2014-01-19 21:58
.
Pre-Run: 118,401,966,080 bytes free
Post-Run: 124,158,906,368 bytes free
.
- - End Of File - - F2B5194C55432D17291E05DD422BD7BE
A36C5E4F47E84449FF07ED3517B43A31

 

[Broni]

Why do I see two AV programs running?
Avast and MSE.
You have to uninstall one of them.
You're making some constant changes to your computer.
We won't be getting anywhere if you won't follow my rules.

When done with reinstalling restart computer and post new Process Explorer log.

 

[TimSimm2]

You have a point. sorry I always used MSE then I heard that avast was better. never thought to uninstall MSE but done now. ill get the log for you soon

 

[TimSimm2]

Process PID CPU Private Bytes Working Set Description Company Name Command Line
audiodg.exe 680 17,788 K 17,460 K
DivXUpdate.exe 2208 5,964 K 15,548 K DivX Update "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
EKPrinterSDK.exe 2420 1,712 K 5,004 K Status Monitor SDK for KODAK AiO Printer (32-Bit Intel(R) Pentium(TM) 4 Optimized Build) Eastman Kodak Company "C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe"
hkcmd.exe 1816 2,628 K 9,408 K hkcmd Module Intel Corporation "C:\Windows\System32\hkcmd.exe"
igfxpers.exe 1852 1,748 K 6,148 K persistence Module Intel Corporation "C:\Windows\System32\igfxpers.exe"
mbamscheduler.exe 2680 2,104 K 5,796 K Malwarebytes Anti-Malware Malwarebytes Corporation "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
procexp.exe 3520 2,584 K 6,012 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Users\Tim\Desktop\ProcessExplorer\procexp.exe"
RAVCpl64.exe 1860 7,828 K 10,160 K Realtek HD Audio Manager Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
services.exe 580 5,572 K 9,824 K
smss.exe 300 368 K 1,020 K
spoolsv.exe 1504 6,168 K 11,328 K Spooler SubSystem App Microsoft Corporation C:\Windows\System32\spoolsv.exe
SpotifyWebHelper.exe 2140 1,824 K 5,920 K SpotifyWebHelper Spotify Ltd "C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
sppsvc.exe 3160 2,640 K 8,400 K Microsoft Software Protection Platform Service Microsoft Corporation C:\Windows\system32\sppsvc.exe
svchost.exe 3684 5,576 K 11,352 K Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k LocalServicePeerNet
svchost.exe 2928 1,636 K 5,164 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k imgsvc
svchost.exe 320 2,056 K 5,192 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k GPSvcGroup
svchost.exe 3164 2,068 K 5,468 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
svchost.exe 1592 13,480 K 18,256 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
svchost.exe 728 3,744 K 8,724 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k DcomLaunch
taskeng.exe 1272 1,532 K 4,872 K
taskeng.exe 1372 1,688 K 5,372 K Task Scheduler Engine Microsoft Corporation taskeng.exe {B2F28885-1830-494B-A895-A74661D57613}
UMVPFSrv.exe 492 1,116 K 3,936 K Logitech User mode UMVPF service Logitech Inc. C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
wininit.exe 496 1,300 K 4,200 K
winlogon.exe 560 2,564 K 6,796 K
WLIDSVCM.EXE 2156 1,048 K 3,008 K
XMouseButtonSvc.exe 1700 < 0.01 1,028 K 3,432 K Windows service to run XMouseButtonControl with admin priviledges on any user session. Highresolution Enterprises C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
TODDSrv.exe 2972 < 0.01 1,184 K 4,064 K TDCSrv Application TOSHIBA Corporation C:\Windows\SysWOW64\TODDSrv.exe
taskhost.exe 1600 < 0.01 2,940 K 6,540 K Host Process for Windows Tasks Microsoft Corporation "taskhost.exe"
svchost.exe 944 0.01 53,924 K 61,364 K Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
WLIDSVC.EXE 1728 0.01 6,340 K 14,800 K "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
EKAiOHostService.exe 2328 0.01 26,856 K 25,872 K EKAiOHostService Module for Kodak AiO Printers Eastman Kodak Company C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
csrss.exe 444 0.01 1,936 K 4,244 K
JumpDesktop.exe 1752 0.02 26,760 K 29,564 K Jump Desktop Phase Five Systems "C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe" autorun
JumpService.exe 1200 0.02 24,396 K 21,268 K Jump Desktop Service Phase Five Systems "C:\Program Files (x86)\Jump Desktop\JumpService.exe"
svchost.exe 316 0.03 8,776 K 15,788 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalService
svchost.exe 1104 0.04 14,900 K 17,700 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k NetworkService
svchost.exe 1704 0.04 4,964 K 9,024 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
lsm.exe 620 0.05 2,732 K 5,468 K
svchost.exe 808 0.06 3,828 K 7,568 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k RPCSS
SearchIndexer.exe 760 0.06 14,304 K 7,468 K Microsoft Windows Search Indexer Microsoft Corporation C:\Windows\system32\SearchIndexer.exe /Embedding
svchost.exe 856 0.06 18,388 K 21,292 K Host Process for Windows Services Microsoft Corporation C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
AvastUI.exe 2200 0.12 15,208 K 12,040 K avast! Antivirus AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
tvnserver.exe 3004 0.12 2,088 K 5,624 K TightVNC Server GlavSoft LLC. "C:\Program Files\TightVNC\tvnserver.exe" -service
svchost.exe 452 0.13 24,776 K 34,480 K Host Process for Windows Services Microsoft Corporation C:\Windows\system32\svchost.exe -k netsvcs
explorer.exe 1256 0.13 35,336 K 47,656 K Windows Explorer Microsoft Corporation C:\Windows\Explorer.EXE
lsass.exe 612 0.14 4,608 K 11,712 K Local Security Authority Process Microsoft Corporation C:\Windows\system32\lsass.exe
c2c_service.exe 2844 0.15 2,380 K 7,428 K Skype C2C Service Skype Technologies S.A. "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
AvastSvc.exe 1352 0.21 37,544 K 48,612 K avast! Service AVAST Software "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
XMouseButtonControl.exe 1760 0.25 2,028 K 6,340 K
System 4 0.91 112 K 324 K
csrss.exe 504 1.80 2,228 K 11,240 K
Interrupts n/a 3.02 0 K 0 K Hardware Interrupts and DPCs
dwm.exe 1244 4.48 46,756 K 22,040 K Desktop Window Manager Microsoft Corporation "C:\Windows\system32\Dwm.exe"
procexp64.exe 3792 16.82 32,424 K 38,348 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Users\Tim\Desktop\ProcessExplorer\procexp.exe"
System Idle Process 0 71.27 0 K 24 K

 

[Broni]

Which AV program did you uninstall?

CPU usage looks much better. It's about 12% (if you deduct PE process itself which is not normally running) which is acceptable.

What worries me a bit is Hardware Interrupts CPU usage.

We need to check couple of things....

Download siv.zip (System Information Viewer) from here: System Information Viewer
Do NOT try to download siv32l.zip or siv64i.zip
Unzip downloaded file.
For 32-bit systems double click on SIV32X.exe to run the tool.
For 64-bit systems double click on SIV64X.exe to run the tool.
Click on Copy button at the bottom left.
That will save all information to the Clipboard.
Open Notepad.
Hold CTRL key on your keyboard and press V key.
That will paste all info to the Notepad.
Copy all content and paste it into your next reply.

• Download GSmartControl for Windows and save it to your desktop[/*]
• Unzip the folder to your desktop[/*]
• Double click gsmartcontrol.exe[/*]
• Allow the program to search for and list your hard drive(s)[/*]
• Double click your drive[/*]
• Go to the PERFORM TESTS tab[/*]
• Make sure that the TEST TYPE is set to SHORT SELF-TEST[/*]
• Click the EXECUTE button[/*]
• After the test completes, click the VIEW OUTPUT button and copy and paste the contents in your reply[/*]

 

[TimSimm2]

Got rid of mse. kept avast

SIV64X - System Information Viewer V4.42 TIM-PC::Tim

Windows 7 x64 Home Premium (Single User) V6.01 Build 7601 Service Pack 1 TOSHIBA L455 TIM-PC::Tim English (0409) United States (1)
Workgroup WORKGROUP 00 00:25:04 2014-01-20 21:57:01 [370MHz Single DDR2 RAM] PCIe x1@1 (x1) FSBRAM 1:2 MCH 0°C

Resource Usage 66% [1] 12% Current Maximum DDR2 RAM CAS Latency 6
System Physical Memory 1.24GB 836.00KB 1.88GB RAS to CAS Delay (tRCD) 6
System Paging File 1.31GB 2.42GB 3.74GB RAS Precharge (tRP) 6
System File Cache 696.44MB 1.19GB 868.04MB Cycle Time (tRAS) 18
Row Cycle Time (tRC) 24

Chips 1 Disks 37°C DIMMs 2GB

ACPI Embedded Controller MB 77°C BAT 12.43 100% Fans 0

Processor FSB 20% CPU Utilisation Volts Temp APIC Socket P BGA-479 Intel Celeron Single-Core 900 (Perryville) 2.20GHz [E0]
CPU-0 1.02GHz x11 92MHz U 16% K 3% D 1% 1.18 69°C 0.0.0 Technology 45nm x64 Family 6 Model 23 (17) Stepping 10 Revision 07
Memory GPU 0.4% GPU Utilisation CPUs 1 Cores 1 Intel(R) Celeron(R) CPU 900 @ 2.20GHz
GPU-0 487MHz 400MHz Activity 0% 1.05 L1 Code Cache 8-way 64-byte 32KB
L1 Data Cache 8-way 64-byte 32KB [3/3] Temp 8.0°C
L2 Unified Cache 4-way 64-byte 1MB [14] Fan 0 RPM
[Cache-0 Latency] [MMX SSSE3 XD]

[ OK ] [ Copy] [Windows] [Machine] [Status] [USB Bus] [Network] [ SPD ] [Volumes] [ Wi-Fi] [PCI Bus] [ About] [ Help]

 

[TimSimm2]

Smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7(64)-sp1] (sf-5.43-1)
Copyright (C) 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

=== START OF INFORMATION SECTION ===
Model Family: Seagate Momentus 5400.6
Device Model: ST9250315AS
Serial Number: 6VCWDCPA
LU WWN Device Id: 5 000c50 03e604216
Firmware Version: 0002BSM1
User Capacity: 250,059,350,016 bytes [250 GB]
Sector Size: 512 bytes logical/physical
Device is: In smartctl database [for details use: -P show]
ATA Version is: 8
ATA Standard is: ATA-8-ACS revision 4
Local Time is: Mon Jan 20 21:59:24 2014 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status: (0x00) Offline data collection activity
was never started.
Auto Offline Data Collection: Disabled.
Self-test execution status: ( 121) The previous self-test completed having
the read element of the test failed.
Total time to complete Offline
data collection: ( 0) seconds.
Offline data collection
capabilities: (0x73) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Suspend Offline collection upon new
command.
No Offline surface scan supported.
Self-test supported.
Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 1) minutes.
Extended self-test routine
recommended polling time: ( 72) minutes.
Conveyance self-test routine
recommended polling time: ( 2) minutes.
SCT capabilities: (0x103b) SCT Status supported.
SCT Error Recovery Control supported.
SCT Feature Control supported.
SCT Data Table supported.

SMART Attributes Data Structure revision number: 10
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
1 Raw_Read_Error_Rate 0x000f 101 086 006 Pre-fail Always - 40588793
3 Spin_Up_Time 0x0003 099 099 000 Pre-fail Always - 0
4 Start_Stop_Count 0x0032 099 099 020 Old_age Always - 1228
5 Reallocated_Sector_Ct 0x0033 100 100 036 Pre-fail Always - 5
7 Seek_Error_Rate 0x000f 085 060 030 Pre-fail Always - 365426840
9 Power_On_Hours 0x0032 088 088 000 Old_age Always - 10660
10 Spin_Retry_Count 0x0013 100 100 097 Pre-fail Always - 0
12 Power_Cycle_Count 0x0032 099 099 020 Old_age Always - 1204
184 End-to-End_Error 0x0032 100 100 099 Old_age Always - 0
187 Reported_Uncorrect 0x0032 001 001 000 Old_age Always - 4297
188 Command_Timeout 0x0032 100 099 000 Old_age Always - 28
189 High_Fly_Writes 0x003a 100 100 000 Old_age Always - 0
190 Airflow_Temperature_Cel 0x0022 063 047 045 Old_age Always - 37 (Min/Max 21/42)
191 G-Sense_Error_Rate 0x0032 099 099 000 Old_age Always - 2552
192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 102
193 Load_Cycle_Count 0x0032 097 097 000 Old_age Always - 7384
194 Temperature_Celsius 0x0022 037 053 000 Old_age Always - 37 (0 9 0 0 0)
195 Hardware_ECC_Recovered 0x001a 044 038 000 Old_age Always - 40588793
197 Current_Pending_Sector 0x0012 100 100 000 Old_age Always - 7
198 Offline_Uncorrectable 0x0010 100 100 000 Old_age Offline - 7
199 UDMA_CRC_Error_Count 0x003e 200 200 000 Old_age Always - 0

SMART Error Log Version: 1
ATA Error Count: 4624 (device log contains only the most recent five errors)
CR = Command Register [HEX]
FR = Features Register [HEX]
SC = Sector Count Register [HEX]
SN = Sector Number Register [HEX]
CL = Cylinder Low Register [HEX]
CH = Cylinder High Register [HEX]
DH = Device/Head Register [HEX]
DC = Device Command Register [HEX]
ER = Error register [HEX]
ST = Status register [HEX]
Powered_Up_Time is measured from power on, and printed as
DDd+hh:mm:SS.sss where DD=days, hh=hours, mm=minutes,
SS=sec, and sss=millisec. It "wraps" after 49.710 days.

Error 4624 occurred at disk power-on lifetime: 10659 hours (444 days + 3 hours)
When the command that caused the error occurred, the device was active or idle.

After command completion occurred, registers were:
ER ST SC SN CL CH DH
-- -- -- -- -- -- --
40 51 00 21 37 86 0f Error: WP at LBA = 0x0f863721 = 260454177

Commands leading to the command that caused the error were:
CR FR SC SN CL CH DH DC Powered_Up_Time Command/Feature_Name
-- -- -- -- -- -- -- -- ---------------- --------------------
61 00 08 68 f6 62 40 00 02:28:44.941 WRITE FPDMA QUEUED
61 00 08 b0 41 03 40 00 02:28:44.940 WRITE FPDMA QUEUED
61 00 10 48 f6 62 40 00 02:28:44.940 WRITE FPDMA QUEUED
61 00 08 d0 ed 5e 40 00 02:28:44.939 WRITE FPDMA QUEUED
61 00 10 10 f6 62 40 00 02:28:44.939 WRITE FPDMA QUEUED

Error 4623 occurred at disk power-on lifetime: 10659 hours (444 days + 3 hours)
When the command that caused the error occurred, the device was active or idle.

After command completion occurred, registers were:
ER ST SC SN CL CH DH
-- -- -- -- -- -- --
40 51 00 21 37 86 0f Error: WP at LBA = 0x0f863721 = 260454177

Commands leading to the command that caused the error were:
CR FR SC SN CL CH DH DC Powered_Up_Time Command/Feature_Name
-- -- -- -- -- -- -- -- ---------------- --------------------
61 00 20 f0 8f 5f 40 00 02:28:42.470 WRITE FPDMA QUEUED
61 00 10 80 f5 62 40 00 02:28:42.469 WRITE FPDMA QUEUED
60 00 20 20 37 86 4f 00 02:28:42.469 READ FPDMA QUEUED
61 00 08 d0 ed 5e 40 00 02:28:42.468 WRITE FPDMA QUEUED
61 00 08 f8 58 03 40 00 02:28:42.468 WRITE FPDMA QUEUED

Error 4622 occurred at disk power-on lifetime: 10659 hours (444 days + 3 hours)
When the command that caused the error occurred, the device was active or idle.

After command completion occurred, registers were:
ER ST SC SN CL CH DH
-- -- -- -- -- -- --
40 51 00 21 37 86 0f Error: WP at LBA = 0x0f863721 = 260454177

Commands leading to the command that caused the error were:
CR FR SC SN CL CH DH DC Powered_Up_Time Command/Feature_Name
-- -- -- -- -- -- -- -- ---------------- --------------------
61 00 08 b0 41 03 40 00 02:28:39.965 WRITE FPDMA QUEUED
61 00 08 e8 f2 63 40 00 02:28:39.965 WRITE FPDMA QUEUED
61 00 08 c8 ed 5e 40 00 02:28:39.964 WRITE FPDMA QUEUED
61 00 20 28 f5 62 40 00 02:28:39.963 WRITE FPDMA QUEUED
61 00 08 91 5a 71 42 00 02:28:39.963 WRITE FPDMA QUEUED

Error 4621 occurred at disk power-on lifetime: 10659 hours (444 days + 3 hours)
When the command that caused the error occurred, the device was active or idle.

After command completion occurred, registers were:
ER ST SC SN CL CH DH
-- -- -- -- -- -- --
40 51 00 21 37 86 0f Error: WP at LBA = 0x0f863721 = 260454177

Commands leading to the command that caused the error were:
CR FR SC SN CL CH DH DC Powered_Up_Time Command/Feature_Name
-- -- -- -- -- -- -- -- ---------------- --------------------
61 00 10 50 f4 62 40 00 02:28:37.409 WRITE FPDMA QUEUED
61 00 08 c0 ed 5e 40 00 02:28:37.409 WRITE FPDMA QUEUED
61 00 10 38 f4 62 40 00 02:28:37.408 WRITE FPDMA QUEUED
61 00 08 d0 ed 5e 40 00 02:28:37.407 WRITE FPDMA QUEUED
60 00 00 ff ff ff 4f 00 02:28:37.406 READ FPDMA QUEUED

Error 4620 occurred at disk power-on lifetime: 10659 hours (444 days + 3 hours)
When the command that caused the error occurred, the device was active or idle.

After command completion occurred, registers were:
ER ST SC SN CL CH DH
-- -- -- -- -- -- --
40 51 00 21 37 86 0f Error: UNC at LBA = 0x0f863721 = 260454177

Commands leading to the command that caused the error were:
CR FR SC SN CL CH DH DC Powered_Up_Time Command/Feature_Name
-- -- -- -- -- -- -- -- ---------------- --------------------
60 00 00 ff ff ff 4f 00 02:28:35.000 READ FPDMA QUEUED
60 00 00 ff ff ff 4f 00 02:28:34.993 READ FPDMA QUEUED
60 00 00 ff ff ff 4f 00 02:28:34.987 READ FPDMA QUEUED
61 00 10 e8 f3 62 40 00 02:28:34.968 WRITE FPDMA QUEUED
61 00 18 c8 f3 62 40 00 02:28:34.968 WRITE FPDMA QUEUED

SMART Self-test log structure revision number 1
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Short offline Completed: read failure 90% 10660 253093418

SMART Selective self-test log data structure revision number 1
SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
5 0 0 Not_testing
Selective self-test flags (0x0):
After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

 

[Broni]

You don't have to run the second tool for now.
Hold on...

 

[Broni]

I didn't see your last reply.
Hold on...

 

[TimSimm2]

O ok sorry

 

[Broni]

Run hard drive diagnostics: http://www.bleepingcomputer.com/forums/topic28744.html/page__view__findpost__p__160520
Make sure, you select tool, which is appropriate for the brand of your hard drive.
Depending on the program, it'll create bootable floppy, or bootable CD.
If downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn .iso file to a CD (select "Write image file to disc" option), and make the CD bootable.
For Toshiba hard drives, see here: http://storage.toshiba.com/storage-services-support/warranty-support/software-utilities#diagnostic

Note : If you do not know how to set your computer to boot from CD follow the steps here

Your drive is Seagate.

 

[TimSimm2]

Ok. will have to do this another time as unfortunately at the moment I have no cd-rs to create the boot disc

 

[Broni]

Let me know.
At this point your computer should be clean of malware so we have to have some other issues.

 

[TimSimm2]

Ill try to get some soon

 

[Broni]

 

[TimSimm2]

Still havent had the chance to pick some up

 

[Broni]

Keep me posted.

 

[TimSimm2]

I will