Inactive-A Need help.
- Thread starter HITAKU
- Start date
- Status
Broni
Posts: 56,041 +516
Welcome aboard
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
- Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
- If you're stuck, or you're not sure about certain step, always ask before doing anything else.
- Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer behavior, good, or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
HITAKU
Posts: 18 +0
Here's the log from mbam
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 1/4/2015
Scan Time: 9:22:02 PM
Logfile: log for MBAM.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.04.07
Rootkit Database: v2014.12.30.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: olive
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385590
Time Elapsed: 20 min, 23 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 25
PUP.Optional.Alnaddy.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CD3AED25-23AB-4543-B915-159449C37197}, Quarantined, [30374da6246562d41d1d39a91fe354ac],
PUP.Optional.Alnaddy.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CD3AED25-23AB-4543-B915-159449C37197}, Quarantined, [30374da6246562d41d1d39a91fe354ac],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Quarantined, [5a0dfdf68504b87e1dcb7c66768c4fb1],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Quarantined, [5a0dfdf68504b87e1dcb7c66768c4fb1],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}, Quarantined, [4027aa499fea39fdb47c2cb633cf7987],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{631ACB68-57C3-48AF-9CC5-FCEC0837FFD3}, Quarantined, [5a0d5b98f396360002e1a63b29d9936d],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{796B75F6-6187-47E2-8F1F-C16E059E6E19}, Quarantined, [9acd7281177278be558911d08f731ae6],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}, Quarantined, [7deaec07f396ea4ca889d50d2fd3659b],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D5E9B421-C309-41DE-9014-800A2ADCDEB0}, Quarantined, [76f1668dd5b479bdf5f048997989a15f],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{db0d16b6-738d-4e8c-944f-3c5beb857f38}Gw, Quarantined, [323543b0553485b1aa21e697d72c17e9],
PUP.Optional.GoPhoto.A, HKLM\SOFTWARE\GoPhoto.it V9.0, Quarantined, [254260939ced58de41ca5b14d42f9b65],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\InboxAce_1g, Quarantined, [541317dc0e7b9a9cac455780a95b7a86],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\LuckyTab, Quarantined, [3037e60d6227d6603ff1ab3bd92bd12f],
PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, Quarantined, [a1c633c0305934020bf0f2eadb29de22],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [5d0ab04393f67db9b4401a5203007f81],
PUP.Optional.GoPhoto.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GoPhoto.it V9.0, Quarantined, [4d1a53a05f2a2115cc4184eb649fbc44],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Quarantined, [11566f84127759dd356bfea3b74ca15f],
PUP.Optional.GoPhoto.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GoPhoto.it V9.0, Quarantined, [8bdca1529cedf14517f6bdb229daef11],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\InboxAce_1g, Quarantined, [79ee23d07910181ed58b503c847f837d],
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, Quarantined, [184fe60d2960ab8bda0d1092a75c24dc],
PUP.Optional.FastStart.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [d295b241167372c423beafc5f40fec14],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FilmFanatic, Quarantined, [f7702ec5cbbe3ff7add7cdbf7e8550b0],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\InboxAce_1g, Quarantined, [a2c58d66c9c0d46227399bf146bded13],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TelevisionFanatic, Quarantined, [8ed9d71cd8b1bb7b41247814fc07a759],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\UtilityChest_49, Quarantined, [7ee95c976128ba7c79e6a0ecca398a76],
Registry Values: 8
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, ½¶stâ??FDG¨+xTë=p¶, Quarantined, [5a0dfdf68504b87e1dcb7c66768c4fb1]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}, Quarantined, [4027aa499fea39fdb47c2cb633cf7987],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{796B75F6-6187-47E2-8F1F-C16E059E6E19}, Quarantined, [9acd7281177278be558911d08f731ae6],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Quarantined, [ec7be211b0d90531faee3fa36e94926e],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{5fdb0cd8-5760-44d1-8d13-a78bf558c3c7}, Quarantined, [5215e211f89176c07cb4a43e91719868],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{796b75f6-6187-47e2-8f1f-c16e059e6e19}, Quarantined, [1b4cb93a434696a0de004d94dd25847c],
PUP.Optional.FastStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\extensions\faststartff@gmail.com, Quarantined, [a1c69e55e7a26ec80f067c608183cd33]
PUP.Optional.FastStart.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [d295b241167372c423beafc5f40fec14]
Registry Data: 0
(No malicious items detected)
Folders: 4
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [d49329ca830691a5fbd04bf9e71c22de],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [d49329ca830691a5fbd04bf9e71c22de],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.LuckyTab.A, C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab, Quarantined, [79ee4da612771f1769b7b2ab4ab9cd33],
Files: 21
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Quarantined, [3b2c03f0cfba2f077820546e19e8857b],
Trojan.Agent.ED, C:\Users\olive\AppData\Local\Temp\UpdateFlashPlayer_43dd7ae3.exe, Quarantined, [c5a2db183a4ffa3c1844f40f8c7626da],
Hacktool.CheatEngine, C:\Users\olive\Downloads\Marvel Avengers Alliance Trainer V7 x86 - Brandons PC.rar, Quarantined, [b1b642b1761347efc3b3f04afb058878],
Trojan.Zbot, C:\Users\olive\AppData\Local\Awrdworks\tmp58A1.exe, Quarantined, [62055a997c0df244a848df2005fc17e9],
Backdoor.Bot, C:\Users\olive\AppData\Local\Awrdworks\tmpFB8F.exe, Quarantined, [53142fc47f0a6cca6d5956a99c6553ad],
PUP.Optional.Spigot.A, C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\searchplugins\yahoo_ff.xml, Quarantined, [da8dc42f4e3b4beb169c78ea2ad908f8],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{db0d16b6-738d-4e8c-944f-3c5beb857f38}Gw.sys, Quarantined, [323543b0553485b1aa21e697d72c17e9],
PUP.Optional.Conduit.A, C:\Users\olive\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx, Quarantined, [fe69955e3c4de74f96785f20af542cd4],
PUP.Optional.WebSearchs.A, C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage, Quarantined, [e384668db8d165d15e6d4d328e754db3],
PUP.Optional.WebSearchs.A, C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage-journal, Quarantined, [9dca6e8529609f97c704f48bfa0921df],
PUP.Optional.LuckyTab.A, C:\Windows\System32\Tasks\LuckyTab, Quarantined, [eb7cba3947423ef8e94634b2f113867a],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [d49329ca830691a5fbd04bf9e71c22de],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p2056.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p2568.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p3512.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p3588.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p3884.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p7816.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.LuckyTab.A, C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Get Lucky.lnk, Quarantined, [79ee4da612771f1769b7b2ab4ab9cd33],
PUP.Optional.LuckyTab.A, C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Help.lnk, Quarantined, [79ee4da612771f1769b7b2ab4ab9cd33],
PUP.Optional.WebsSearches.A, C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.softonic.com/MON00006/tb_v1?SearchSource=48&cc=", "http://istart.webssearches.com/?typ...id=WDCXWD1200BEVS-00UST0_WD-WXEY0742991729917", "http://www.google.com/", "http://istart.webssearches.com/?type=hppp&ts=1418595098&from=exp&uid=WDCXWD1200BEVS" ],), Replaced,[aabdce25612865d1eac27c4448bdc53b]
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 1/4/2015
Scan Time: 9:22:02 PM
Logfile: log for MBAM.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.04.07
Rootkit Database: v2014.12.30.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: olive
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385590
Time Elapsed: 20 min, 23 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 25
PUP.Optional.Alnaddy.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CD3AED25-23AB-4543-B915-159449C37197}, Quarantined, [30374da6246562d41d1d39a91fe354ac],
PUP.Optional.Alnaddy.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CD3AED25-23AB-4543-B915-159449C37197}, Quarantined, [30374da6246562d41d1d39a91fe354ac],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Quarantined, [5a0dfdf68504b87e1dcb7c66768c4fb1],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Quarantined, [5a0dfdf68504b87e1dcb7c66768c4fb1],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}, Quarantined, [4027aa499fea39fdb47c2cb633cf7987],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{631ACB68-57C3-48AF-9CC5-FCEC0837FFD3}, Quarantined, [5a0d5b98f396360002e1a63b29d9936d],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{796B75F6-6187-47E2-8F1F-C16E059E6E19}, Quarantined, [9acd7281177278be558911d08f731ae6],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}, Quarantined, [7deaec07f396ea4ca889d50d2fd3659b],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D5E9B421-C309-41DE-9014-800A2ADCDEB0}, Quarantined, [76f1668dd5b479bdf5f048997989a15f],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{db0d16b6-738d-4e8c-944f-3c5beb857f38}Gw, Quarantined, [323543b0553485b1aa21e697d72c17e9],
PUP.Optional.GoPhoto.A, HKLM\SOFTWARE\GoPhoto.it V9.0, Quarantined, [254260939ced58de41ca5b14d42f9b65],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\InboxAce_1g, Quarantined, [541317dc0e7b9a9cac455780a95b7a86],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\LuckyTab, Quarantined, [3037e60d6227d6603ff1ab3bd92bd12f],
PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, Quarantined, [a1c633c0305934020bf0f2eadb29de22],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [5d0ab04393f67db9b4401a5203007f81],
PUP.Optional.GoPhoto.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GoPhoto.it V9.0, Quarantined, [4d1a53a05f2a2115cc4184eb649fbc44],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Quarantined, [11566f84127759dd356bfea3b74ca15f],
PUP.Optional.GoPhoto.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GoPhoto.it V9.0, Quarantined, [8bdca1529cedf14517f6bdb229daef11],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\InboxAce_1g, Quarantined, [79ee23d07910181ed58b503c847f837d],
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, Quarantined, [184fe60d2960ab8bda0d1092a75c24dc],
PUP.Optional.FastStart.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [d295b241167372c423beafc5f40fec14],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FilmFanatic, Quarantined, [f7702ec5cbbe3ff7add7cdbf7e8550b0],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\InboxAce_1g, Quarantined, [a2c58d66c9c0d46227399bf146bded13],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TelevisionFanatic, Quarantined, [8ed9d71cd8b1bb7b41247814fc07a759],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\UtilityChest_49, Quarantined, [7ee95c976128ba7c79e6a0ecca398a76],
Registry Values: 8
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{7473B6BD-4691-4744-A82B-7854EB3D70B6}, ½¶stâ??FDG¨+xTë=p¶, Quarantined, [5a0dfdf68504b87e1dcb7c66768c4fb1]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}, Quarantined, [4027aa499fea39fdb47c2cb633cf7987],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{796B75F6-6187-47E2-8F1F-C16E059E6E19}, Quarantined, [9acd7281177278be558911d08f731ae6],
PUP.Optional.UTorrentControl.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{7473B6BD-4691-4744-A82B-7854EB3D70B6}, Quarantined, [ec7be211b0d90531faee3fa36e94926e],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{5fdb0cd8-5760-44d1-8d13-a78bf558c3c7}, Quarantined, [5215e211f89176c07cb4a43e91719868],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{796b75f6-6187-47e2-8f1f-c16e059e6e19}, Quarantined, [1b4cb93a434696a0de004d94dd25847c],
PUP.Optional.FastStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\extensions\faststartff@gmail.com, Quarantined, [a1c69e55e7a26ec80f067c608183cd33]
PUP.Optional.FastStart.A, HKU\S-1-5-21-2864508046-1840752021-4048113893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [d295b241167372c423beafc5f40fec14]
Registry Data: 0
(No malicious items detected)
Folders: 4
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [d49329ca830691a5fbd04bf9e71c22de],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [d49329ca830691a5fbd04bf9e71c22de],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.LuckyTab.A, C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab, Quarantined, [79ee4da612771f1769b7b2ab4ab9cd33],
Files: 21
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Quarantined, [3b2c03f0cfba2f077820546e19e8857b],
Trojan.Agent.ED, C:\Users\olive\AppData\Local\Temp\UpdateFlashPlayer_43dd7ae3.exe, Quarantined, [c5a2db183a4ffa3c1844f40f8c7626da],
Hacktool.CheatEngine, C:\Users\olive\Downloads\Marvel Avengers Alliance Trainer V7 x86 - Brandons PC.rar, Quarantined, [b1b642b1761347efc3b3f04afb058878],
Trojan.Zbot, C:\Users\olive\AppData\Local\Awrdworks\tmp58A1.exe, Quarantined, [62055a997c0df244a848df2005fc17e9],
Backdoor.Bot, C:\Users\olive\AppData\Local\Awrdworks\tmpFB8F.exe, Quarantined, [53142fc47f0a6cca6d5956a99c6553ad],
PUP.Optional.Spigot.A, C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\searchplugins\yahoo_ff.xml, Quarantined, [da8dc42f4e3b4beb169c78ea2ad908f8],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{db0d16b6-738d-4e8c-944f-3c5beb857f38}Gw.sys, Quarantined, [323543b0553485b1aa21e697d72c17e9],
PUP.Optional.Conduit.A, C:\Users\olive\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx, Quarantined, [fe69955e3c4de74f96785f20af542cd4],
PUP.Optional.WebSearchs.A, C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage, Quarantined, [e384668db8d165d15e6d4d328e754db3],
PUP.Optional.WebSearchs.A, C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage-journal, Quarantined, [9dca6e8529609f97c704f48bfa0921df],
PUP.Optional.LuckyTab.A, C:\Windows\System32\Tasks\LuckyTab, Quarantined, [eb7cba3947423ef8e94634b2f113867a],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [d49329ca830691a5fbd04bf9e71c22de],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p2056.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p2568.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p3512.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p3588.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p3884.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.GoPhoto.A, C:\Users\olive\AppData\LocalLow\GoPhoto.it V9.0\DTFProxyToServerSect_bCrossriderApp0034068_p7816.dat, Quarantined, [6601797afa8f37ff0cb265f204ffdf21],
PUP.Optional.LuckyTab.A, C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Get Lucky.lnk, Quarantined, [79ee4da612771f1769b7b2ab4ab9cd33],
PUP.Optional.LuckyTab.A, C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Help.lnk, Quarantined, [79ee4da612771f1769b7b2ab4ab9cd33],
PUP.Optional.WebsSearches.A, C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.softonic.com/MON00006/tb_v1?SearchSource=48&cc=", "http://istart.webssearches.com/?typ...id=WDCXWD1200BEVS-00UST0_WD-WXEY0742991729917", "http://www.google.com/", "http://istart.webssearches.com/?type=hppp&ts=1418595098&from=exp&uid=WDCXWD1200BEVS" ],), Replaced,[aabdce25612865d1eac27c4448bdc53b]
Physical Sectors: 0
(No malicious items detected)
(end)
HITAKU
Posts: 18 +0
AND from DDS
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2012 12:41:07 AM
System Uptime: 1/4/2015 9:49:58 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 30D9
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | CPU | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 8.006 GiB free.
E: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP253: 1/4/2015 8:20:15 PM - Removed Dawn of War - Soulstorm
.
==== Image File Execution Options =============
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2012 12:41:07 AM
System Uptime: 1/4/2015 9:49:58 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 30D9
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | CPU | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 8.006 GiB free.
E: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP253: 1/4/2015 8:20:15 PM - Removed Dawn of War - Soulstorm
.
==== Image File Execution Options =============
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
HITAKU
Posts: 18 +0
It only produced one txt file the attach.txt.
Here is it.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2012 12:41:07 AM
System Uptime: 1/6/2015 5:06:53 PM (9 hours ago)
.
Motherboard: Hewlett-Packard | | 30D9
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | CPU | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 9.725 GiB free.
E: is CDROM ()
H: is Removable
J: is FIXED (NTFS) - 298 GiB total, 2.793 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Image File Execution Options =============
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
Here is it.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2012 12:41:07 AM
System Uptime: 1/6/2015 5:06:53 PM (9 hours ago)
.
Motherboard: Hewlett-Packard | | 30D9
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | CPU | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 9.725 GiB free.
E: is CDROM ()
H: is Removable
J: is FIXED (NTFS) - 298 GiB total, 2.793 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Image File Execution Options =============
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
Broni
Posts: 56,041 +516
Download TDSSKiller and save it to your desktop.
- Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
- If an infected file is detected, the default action will be Cure, click on Continue.
- If a suspicious file is detected, the default action will be Skip, click on Continue.
- It may ask you to reboot the computer to complete the process. Click on Reboot Now.
- If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
- If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
HITAKU
Posts: 18 +0
The link direct me to the site but after 10 sec it says " Page not found"
here where it directed me: "http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe"
here where it directed me: "http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe"
Broni
Posts: 56,041 +516
Uploaded it for you here: https://www.sendspace.com/file/khqkgn
HITAKU
Posts: 18 +0
Here's for the tdss.
19:13:35.0560 0x08d0 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:13:39.0922 0x08d0 ============================================================
19:13:39.0922 0x08d0 Current date / time: 2015/01/08 19:13:39.0922
19:13:39.0923 0x08d0 SystemInfo:
19:13:39.0923 0x08d0
19:13:39.0923 0x08d0 OS Version: 6.1.7600 ServicePack: 0.0
19:13:39.0923 0x08d0 Product type: Workstation
19:13:39.0923 0x08d0 ComputerName: OLIVE-PC
19:13:39.0925 0x08d0 UserName: olive
19:13:39.0925 0x08d0 Windows directory: C:\Windows
19:13:39.0925 0x08d0 System windows directory: C:\Windows
19:13:39.0925 0x08d0 Processor architecture: Intel x86
19:13:39.0925 0x08d0 Number of processors: 2
19:13:39.0925 0x08d0 Page size: 0x1000
19:13:39.0925 0x08d0 Boot type: Normal boot
19:13:39.0925 0x08d0 ============================================================
19:13:43.0671 0x08d0 KLMD registered as C:\Windows\system32\drivers\78542569.sys
19:13:44.0100 0x08d0 System UUID: {C8CBF445-03A0-52DC-9B0F-1FB9B98FC570}
19:13:44.0942 0x08d0 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:13:44.0948 0x08d0 ============================================================
19:13:44.0948 0x08d0 \Device\Harddisk0\DR0:
19:13:44.0948 0x08d0 MBR partitions:
19:13:44.0948 0x08d0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:13:44.0948 0x08d0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61000
19:13:44.0948 0x08d0 ============================================================
19:13:44.0987 0x08d0 C: <-> \Device\Harddisk0\DR0\Partition2
19:13:44.0987 0x08d0 ============================================================
19:13:44.0988 0x08d0 Initialize success
19:13:44.0988 0x08d0 ============================================================
19:13:47.0215 0x1048 ============================================================
19:13:47.0215 0x1048 Scan started
19:13:47.0215 0x1048 Mode: Manual;
19:13:47.0215 0x1048 ============================================================
19:13:47.0215 0x1048 KSN ping started
19:14:01.0257 0x1048 KSN ping finished: true
19:14:03.0568 0x1048 ================ Scan system memory ========================
19:14:03.0568 0x1048 System memory - ok
19:14:03.0568 0x1048 ================ Scan services =============================
19:14:03.0790 0x1048 [ 6D2ACA41739BFE8CB86EE8E85F29697D, 74A4F53C8309A8E5E94CDE4D440DD5308566185E6D8D98FD08E70A25BD728C91 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:14:03.0839 0x1048 1394ohci - ok
19:14:03.0917 0x1048 [ F0E07D144C8685B8774BC32FC8DA4DF0, 39816ED2623CA9ABE2B2EDCDB2F8481634742F00FEEF7E324F34D2BAAD668A67 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
19:14:03.0934 0x1048 ACPI - ok
19:14:03.0962 0x1048 [ 98D81CA942D19F7D9153B095162AC013, ACE5C073323176621F3312AA9B1EE1A3382F8CDD590D90DC57B34035FD6BC281 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
19:14:04.0008 0x1048 AcpiPmi - ok
19:14:04.0471 0x1048 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:14:04.0526 0x1048 AdobeARMservice - ok
19:14:04.0632 0x1048 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:14:04.0653 0x1048 AdobeFlashPlayerUpdateSvc - ok
19:14:04.0724 0x1048 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:14:04.0805 0x1048 adp94xx - ok
19:14:04.0857 0x1048 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:14:04.0943 0x1048 adpahci - ok
19:14:04.0985 0x1048 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:14:05.0109 0x1048 adpu320 - ok
19:14:05.0178 0x1048 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:14:05.0188 0x1048 AeLookupSvc - ok
19:14:05.0246 0x1048 [ DDC040FDB01EF1712A6B13E52AFB104C, BF17E91BBB85A04F1EEF580CD006101332CDE5B876A0D04C6932F30707BB184F ] AFD C:\Windows\system32\drivers\afd.sys
19:14:05.0281 0x1048 AFD - ok
19:14:05.0308 0x1048 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
19:14:05.0359 0x1048 agp440 - ok
19:14:05.0404 0x1048 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:14:05.0472 0x1048 aic78xx - ok
19:14:05.0521 0x1048 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
19:14:05.0606 0x1048 ALG - ok
19:14:05.0639 0x1048 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
19:14:05.0694 0x1048 aliide - ok
19:14:05.0719 0x1048 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
19:14:05.0784 0x1048 amdagp - ok
19:14:05.0818 0x1048 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
19:14:05.0865 0x1048 amdide - ok
19:14:05.0901 0x1048 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:14:05.0995 0x1048 AmdK8 - ok
19:14:06.0020 0x1048 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:14:06.0070 0x1048 AmdPPM - ok
19:14:06.0101 0x1048 [ 2101A86C25C154F8314B24EF49D7FBC2, E4C1326CF55850793B45B2BFDF361C4E98A07FB13E08BFD6DB50135489700998 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
19:14:06.0198 0x1048 amdsata - ok
19:14:06.0223 0x1048 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:14:06.0345 0x1048 amdsbs - ok
19:14:06.0370 0x1048 [ B81C2B5616F6420A9941EA093A92B150, DA2000C9E06533232F8716A6674BC9DFD5C3AAE1FC46F7A91B8E917DB913F42F ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
19:14:06.0378 0x1048 amdxata - ok
19:14:06.0465 0x1048 [ 3A2154B4F22AF4771F40B8F2FC7DBBF6, D7DD16B071E84306DFAFDED4D1CECD696D5FAC167CFB434223B5AEE97B3093E2 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
19:14:06.0554 0x1048 ApfiltrService - ok
19:14:06.0589 0x1048 [ FEB834C02CE1E84B6A38F953CA067706, E5A7F8B632ABFBD1283C3D44FB02449814EDB653B204E1720DAA780A6D64FD01 ] AppID C:\Windows\system32\drivers\appid.sys
19:14:06.0636 0x1048 AppID - ok
19:14:06.0666 0x1048 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:14:06.0694 0x1048 AppIDSvc - ok
19:14:06.0728 0x1048 [ 7DEAD9E3F65DCB2794F2711003BBF650, F541C30EEFD1BDB70F361B878B6E51DC728873695DD137148CE531FBACCDA21B ] Appinfo C:\Windows\System32\appinfo.dll
19:14:06.0733 0x1048 Appinfo - ok
19:14:06.0815 0x1048 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:14:06.0895 0x1048 AppMgmt - ok
19:14:06.0956 0x1048 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:14:07.0010 0x1048 arc - ok
19:14:07.0035 0x1048 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:14:07.0095 0x1048 arcsas - ok
19:14:07.0243 0x1048 [ 2FE0D5DB69014980A970D3BF9A85D2B1, 3837F176B0CB7FEA2689D90B50B62F660FE579A5EB1E47C827DFA95596B72D1E ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:14:07.0329 0x1048 aspnet_state - ok
19:14:07.0367 0x1048 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:14:07.0400 0x1048 AsyncMac - ok
19:14:07.0426 0x1048 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
19:14:07.0428 0x1048 atapi - ok
19:14:07.0499 0x1048 [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:14:07.0521 0x1048 AudioEndpointBuilder - ok
19:14:07.0566 0x1048 [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:14:07.0581 0x1048 Audiosrv - ok
19:14:07.0659 0x1048 [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] Avgdiskx C:\Windows\system32\DRIVERS\avgdiskx.sys
19:14:07.0711 0x1048 Avgdiskx - ok
19:14:08.0028 0x1048 [ 225B28E9303D375314C744AE181DF95F, 6BC8F19F6B4D901661022CD8F4EA90A8F1895B6B3BD1225B3708E2CBDCAB8D50 ] AVGIDSAgent C:\Program Files\AVG\AVG2015\avgidsagent.exe
19:14:08.0187 0x1048 AVGIDSAgent - ok
19:14:08.0266 0x1048 [ EB1AA821F99D5D2DA05511AE8D4704C4, 68AE41B7DA35200B24E27733DC05D9DA1F2D4C98524531AB8F1BD2AB4AFC831C ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
19:14:08.0312 0x1048 AVGIDSDriver - ok
19:14:08.0356 0x1048 [ D1663A0114691080C624D857A8343D5B, 8E7029A8FE7A62F4BED7687C54699D0709876D05D93CAA499B4BC69BF8C59091 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
19:14:08.0362 0x1048 AVGIDSHX - ok
19:14:08.0414 0x1048 [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
19:14:08.0438 0x1048 AVGIDSShim - ok
19:14:08.0493 0x1048 [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
19:14:08.0526 0x1048 Avgldx86 - ok
19:14:08.0607 0x1048 [ D94378757947E02AE9BC484DF196A44D, 91B711C07320EFFDB780356EF84D39A06673198C4E0B45EE1D1412B996CB9227 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
19:14:08.0614 0x1048 Avglogx - ok
19:14:08.0668 0x1048 [ 35DD83C14AA01F4817BA46A4D6B6A520, 563619CDFC2ACC061C2421091E3527CA3C6C5F595008C5E9E45CFBE954D45841 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
19:14:08.0672 0x1048 Avgmfx86 - ok
19:14:08.0745 0x1048 [ F016B95273E0B1961F204F7FD2FFD811, 9F89323177B68DEDE6B1F09790E6A978376B4FCBDC029283B297A3C4D9B242FF ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
19:14:08.0747 0x1048 Avgrkx86 - ok
19:14:08.0785 0x1048 [ 5A22A7A67BFB67D3223B7A339FC97780, 1DADB75B30665866FC93DADDC1EC9F612CD8CE5EC8582BCAF2A527FFDAFF8DBE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
19:14:08.0861 0x1048 Avgtdix - ok
19:14:08.0944 0x1048 [ 4A00A998F421769A47A858FC1C8AE87A, 9FB642CA8C7094B8BFDEB2D806909D7B62E7F1CD0B29B6CDC928A6F046E240C2 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
19:14:08.0983 0x1048 avgtp - ok
19:14:09.0035 0x1048 [ 2B38C7E964FA19A298D04CA177FF8B6F, B233B6AD03217AD72A8F4253FDCF182E6007B5D28178F38BDCACBC16BD69D0CB ] avgwd C:\Program Files\AVG\AVG2015\avgwdsvc.exe
19:14:09.0045 0x1048 avgwd - ok
19:14:09.0098 0x1048 [ DD6A431B43E34B91A767D1CE33728175, 8BFF6474C9DFBEC96FA7B2789EF9B17C7910B52DBCF70CDA1F0C698CFA5EFB6E ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:14:09.0123 0x1048 AxInstSV - ok
19:14:09.0181 0x1048 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
19:14:09.0245 0x1048 b06bdrv - ok
19:14:09.0286 0x1048 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:14:09.0388 0x1048 b57nd60x - ok
19:14:09.0453 0x1048 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
19:14:09.0478 0x1048 BDESVC - ok
19:14:09.0495 0x1048 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
19:14:09.0525 0x1048 Beep - ok
19:14:09.0577 0x1048 [ 85AC71C045CEB054ED48A7841AAE0C11, BA0C0CC50E5C49838116AC9A12A7CF1A683601FD08D3CF6EC06620C51C0806FF ] BFE C:\Windows\System32\bfe.dll
19:14:09.0611 0x1048 BFE - ok
19:14:09.0677 0x1048 [ 53F476476F55A27F580661BDE09C4EC4, 90DFBF97F011CFF41D2CFA2E33978BC746A7E693AC75EED1436130C4F10B4E67 ] BITS C:\Windows\system32\qmgr.dll
19:14:09.0699 0x1048 BITS - ok
19:14:09.0728 0x1048 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:14:09.0761 0x1048 blbdrive - ok
19:14:09.0780 0x1048 [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:14:09.0785 0x1048 bowser - ok
19:14:09.0809 0x1048 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:14:09.0848 0x1048 BrFiltLo - ok
19:14:09.0868 0x1048 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:14:09.0913 0x1048 BrFiltUp - ok
19:14:09.0974 0x1048 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:14:10.0013 0x1048 BridgeMP - ok
19:14:10.0051 0x1048 [ 598E1280E7FF3744F4B8329366CC5635, 9B6392AEBE7EF26253487AF8C7C114822ABB187BA32DA8DBF622DB1B8DA6F1C0 ] Browser C:\Windows\System32\browser.dll
19:14:10.0055 0x1048 Browser - ok
19:14:10.0098 0x1048 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:14:10.0159 0x1048 Brserid - ok
19:14:10.0180 0x1048 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:14:10.0223 0x1048 BrSerWdm - ok
19:14:10.0248 0x1048 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:14:10.0294 0x1048 BrUsbMdm - ok
19:14:10.0318 0x1048 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:14:10.0351 0x1048 BrUsbSer - ok
19:14:10.0374 0x1048 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:14:10.0407 0x1048 BTHMODEM - ok
19:14:10.0442 0x1048 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
19:14:10.0469 0x1048 bthserv - ok
19:14:10.0538 0x1048 catchme - ok
19:14:10.0564 0x1048 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:14:10.0601 0x1048 cdfs - ok
19:14:10.0646 0x1048 [ BA6E70AA0E6091BC39DE29477D866A77, A17A68BDA46995F75FB1C2C593A81CD3B2BFE290CEAA45FA2380DDF5537A23C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:14:10.0689 0x1048 cdrom - ok
19:14:10.0722 0x1048 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] CertPropSvc C:\Windows\System32\certprop.dll
19:14:10.0770 0x1048 CertPropSvc - ok
19:14:10.0805 0x1048 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:14:10.0838 0x1048 circlass - ok
19:14:10.0870 0x1048 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
19:14:10.0882 0x1048 CLFS - ok
19:14:10.0936 0x1048 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:14:10.0988 0x1048 clr_optimization_v2.0.50727_32 - ok
19:14:11.0062 0x1048 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:14:11.0118 0x1048 clr_optimization_v4.0.30319_32 - ok
19:14:11.0165 0x1048 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:14:11.0212 0x1048 CmBatt - ok
19:14:11.0233 0x1048 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
19:14:11.0274 0x1048 cmdide - ok
19:14:11.0308 0x1048 [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG C:\Windows\system32\Drivers\cng.sys
19:14:11.0337 0x1048 CNG - ok
19:14:11.0378 0x1048 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:14:11.0381 0x1048 Compbatt - ok
19:14:11.0422 0x1048 [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:14:11.0469 0x1048 CompositeBus - ok
19:14:11.0489 0x1048 COMSysApp - ok
19:14:11.0520 0x1048 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:14:11.0581 0x1048 crcdisk - ok
19:14:11.0630 0x1048 [ 9C231178CE4FB385F4B54B0A9080B8A4, 08EFAEBFF68D5CCE432D75116ED4BDC63FEA651459C9AD363CBEEDB769806527 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:14:11.0637 0x1048 CryptSvc - ok
19:14:11.0687 0x1048 [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC C:\Windows\system32\drivers\csc.sys
19:14:11.0772 0x1048 CSC - ok
19:14:11.0822 0x1048 [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService C:\Windows\System32\cscsvc.dll
19:14:11.0866 0x1048 CscService - ok
19:14:11.0927 0x1048 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] DcomLaunch C:\Windows\system32\rpcss.dll
19:14:11.0945 0x1048 DcomLaunch - ok
19:14:12.0003 0x1048 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
19:14:12.0060 0x1048 defragsvc - ok
19:14:12.0104 0x1048 [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:14:12.0162 0x1048 DfsC - ok
19:14:12.0571 0x1048 [ 560B0DCE52DFED6623B27C9BAFA6F236, BB4156BB1CCA64CCDE065870DAE56CD58BF05CEBF7C3B17C7A821FDF02A8B157 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:14:12.0649 0x1048 dg_ssudbus - ok
19:14:12.0702 0x1048 [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:14:12.0712 0x1048 Dhcp - ok
19:14:12.0757 0x1048 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
19:14:12.0782 0x1048 discache - ok
19:14:12.0937 0x1048 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:14:12.0940 0x1048 Disk - ok
19:14:13.0061 0x1048 [ D0722E963D3C6145446874241401B209, 542B3E6EC7E0161AB4732380343139959775E749996A97684A5D423833DDB196 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:14:13.0068 0x1048 Dnscache - ok
19:14:13.0104 0x1048 [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc C:\Windows\System32\dot3svc.dll
19:14:13.0164 0x1048 dot3svc - ok
19:14:13.0211 0x1048 [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS C:\Windows\system32\dps.dll
19:14:13.0237 0x1048 DPS - ok
19:14:13.0293 0x1048 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:14:13.0344 0x1048 drmkaud - ok
19:14:13.0396 0x1048 [ 39806CFEDDCC55E686A49BCCD2972F23, EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:14:13.0522 0x1048 DXGKrnl - ok
19:14:13.0574 0x1048 EagleXNt - ok
19:14:13.0624 0x1048 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
19:14:13.0635 0x1048 EapHost - ok
19:14:13.0840 0x1048 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:14:14.0197 0x1048 ebdrv - ok
19:14:14.0248 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe
19:14:14.0252 0x1048 EFS - ok
19:14:14.0327 0x1048 [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:14:14.0726 0x1048 ehRecvr - ok
19:14:14.0776 0x1048 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
19:14:14.0816 0x1048 ehSched - ok
19:14:14.0881 0x1048 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:14:14.0962 0x1048 elxstor - ok
19:14:14.0990 0x1048 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
19:14:15.0028 0x1048 ErrDev - ok
19:14:15.0098 0x1048 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
19:14:15.0120 0x1048 EventSystem - ok
19:14:15.0171 0x1048 ewusbnet - ok
19:14:15.0229 0x1048 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
19:14:15.0275 0x1048 ew_hwusbdev - ok
19:14:15.0319 0x1048 [ 08003548A6E614261401DCB57913565A, 72E7B313925CD37403ABA4823ECA5FB530D97E80E6D3B1C14D390586A533D5EA ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
19:14:15.0353 0x1048 ew_usbenumfilter - ok
19:14:15.0377 0x1048 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
19:14:15.0384 0x1048 exfat - ok
19:14:15.0417 0x1048 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:14:15.0424 0x1048 fastfat - ok
19:14:15.0492 0x1048 [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax C:\Windows\system32\fxssvc.exe
19:14:15.0509 0x1048 Fax - ok
19:14:15.0536 0x1048 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:14:15.0572 0x1048 fdc - ok
19:14:15.0605 0x1048 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
19:14:15.0607 0x1048 fdPHost - ok
19:14:15.0628 0x1048 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
19:14:15.0631 0x1048 FDResPub - ok
19:14:15.0651 0x1048 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:14:15.0654 0x1048 FileInfo - ok
19:14:15.0671 0x1048 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:14:15.0704 0x1048 Filetrace - ok
19:14:15.0724 0x1048 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:14:15.0758 0x1048 flpydisk - ok
19:14:15.0787 0x1048 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:14:15.0794 0x1048 FltMgr - ok
19:14:15.0852 0x1048 [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache C:\Windows\system32\FntCache.dll
19:14:15.0885 0x1048 FontCache - ok
19:14:15.0925 0x1048 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:14:16.0011 0x1048 FontCache3.0.0.0 - ok
19:14:16.0038 0x1048 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:14:16.0083 0x1048 FsDepends - ok
19:14:16.0105 0x1048 [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:14:16.0108 0x1048 Fs_Rec - ok
19:14:16.0145 0x1048 [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:14:16.0156 0x1048 fvevol - ok
19:14:16.0195 0x1048 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:14:16.0249 0x1048 gagp30kx - ok
-continue-
19:13:35.0560 0x08d0 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:13:39.0922 0x08d0 ============================================================
19:13:39.0922 0x08d0 Current date / time: 2015/01/08 19:13:39.0922
19:13:39.0923 0x08d0 SystemInfo:
19:13:39.0923 0x08d0
19:13:39.0923 0x08d0 OS Version: 6.1.7600 ServicePack: 0.0
19:13:39.0923 0x08d0 Product type: Workstation
19:13:39.0923 0x08d0 ComputerName: OLIVE-PC
19:13:39.0925 0x08d0 UserName: olive
19:13:39.0925 0x08d0 Windows directory: C:\Windows
19:13:39.0925 0x08d0 System windows directory: C:\Windows
19:13:39.0925 0x08d0 Processor architecture: Intel x86
19:13:39.0925 0x08d0 Number of processors: 2
19:13:39.0925 0x08d0 Page size: 0x1000
19:13:39.0925 0x08d0 Boot type: Normal boot
19:13:39.0925 0x08d0 ============================================================
19:13:43.0671 0x08d0 KLMD registered as C:\Windows\system32\drivers\78542569.sys
19:13:44.0100 0x08d0 System UUID: {C8CBF445-03A0-52DC-9B0F-1FB9B98FC570}
19:13:44.0942 0x08d0 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:13:44.0948 0x08d0 ============================================================
19:13:44.0948 0x08d0 \Device\Harddisk0\DR0:
19:13:44.0948 0x08d0 MBR partitions:
19:13:44.0948 0x08d0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:13:44.0948 0x08d0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61000
19:13:44.0948 0x08d0 ============================================================
19:13:44.0987 0x08d0 C: <-> \Device\Harddisk0\DR0\Partition2
19:13:44.0987 0x08d0 ============================================================
19:13:44.0988 0x08d0 Initialize success
19:13:44.0988 0x08d0 ============================================================
19:13:47.0215 0x1048 ============================================================
19:13:47.0215 0x1048 Scan started
19:13:47.0215 0x1048 Mode: Manual;
19:13:47.0215 0x1048 ============================================================
19:13:47.0215 0x1048 KSN ping started
19:14:01.0257 0x1048 KSN ping finished: true
19:14:03.0568 0x1048 ================ Scan system memory ========================
19:14:03.0568 0x1048 System memory - ok
19:14:03.0568 0x1048 ================ Scan services =============================
19:14:03.0790 0x1048 [ 6D2ACA41739BFE8CB86EE8E85F29697D, 74A4F53C8309A8E5E94CDE4D440DD5308566185E6D8D98FD08E70A25BD728C91 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:14:03.0839 0x1048 1394ohci - ok
19:14:03.0917 0x1048 [ F0E07D144C8685B8774BC32FC8DA4DF0, 39816ED2623CA9ABE2B2EDCDB2F8481634742F00FEEF7E324F34D2BAAD668A67 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
19:14:03.0934 0x1048 ACPI - ok
19:14:03.0962 0x1048 [ 98D81CA942D19F7D9153B095162AC013, ACE5C073323176621F3312AA9B1EE1A3382F8CDD590D90DC57B34035FD6BC281 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
19:14:04.0008 0x1048 AcpiPmi - ok
19:14:04.0471 0x1048 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:14:04.0526 0x1048 AdobeARMservice - ok
19:14:04.0632 0x1048 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:14:04.0653 0x1048 AdobeFlashPlayerUpdateSvc - ok
19:14:04.0724 0x1048 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:14:04.0805 0x1048 adp94xx - ok
19:14:04.0857 0x1048 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:14:04.0943 0x1048 adpahci - ok
19:14:04.0985 0x1048 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:14:05.0109 0x1048 adpu320 - ok
19:14:05.0178 0x1048 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:14:05.0188 0x1048 AeLookupSvc - ok
19:14:05.0246 0x1048 [ DDC040FDB01EF1712A6B13E52AFB104C, BF17E91BBB85A04F1EEF580CD006101332CDE5B876A0D04C6932F30707BB184F ] AFD C:\Windows\system32\drivers\afd.sys
19:14:05.0281 0x1048 AFD - ok
19:14:05.0308 0x1048 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
19:14:05.0359 0x1048 agp440 - ok
19:14:05.0404 0x1048 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:14:05.0472 0x1048 aic78xx - ok
19:14:05.0521 0x1048 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
19:14:05.0606 0x1048 ALG - ok
19:14:05.0639 0x1048 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
19:14:05.0694 0x1048 aliide - ok
19:14:05.0719 0x1048 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
19:14:05.0784 0x1048 amdagp - ok
19:14:05.0818 0x1048 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
19:14:05.0865 0x1048 amdide - ok
19:14:05.0901 0x1048 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:14:05.0995 0x1048 AmdK8 - ok
19:14:06.0020 0x1048 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:14:06.0070 0x1048 AmdPPM - ok
19:14:06.0101 0x1048 [ 2101A86C25C154F8314B24EF49D7FBC2, E4C1326CF55850793B45B2BFDF361C4E98A07FB13E08BFD6DB50135489700998 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
19:14:06.0198 0x1048 amdsata - ok
19:14:06.0223 0x1048 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:14:06.0345 0x1048 amdsbs - ok
19:14:06.0370 0x1048 [ B81C2B5616F6420A9941EA093A92B150, DA2000C9E06533232F8716A6674BC9DFD5C3AAE1FC46F7A91B8E917DB913F42F ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
19:14:06.0378 0x1048 amdxata - ok
19:14:06.0465 0x1048 [ 3A2154B4F22AF4771F40B8F2FC7DBBF6, D7DD16B071E84306DFAFDED4D1CECD696D5FAC167CFB434223B5AEE97B3093E2 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
19:14:06.0554 0x1048 ApfiltrService - ok
19:14:06.0589 0x1048 [ FEB834C02CE1E84B6A38F953CA067706, E5A7F8B632ABFBD1283C3D44FB02449814EDB653B204E1720DAA780A6D64FD01 ] AppID C:\Windows\system32\drivers\appid.sys
19:14:06.0636 0x1048 AppID - ok
19:14:06.0666 0x1048 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:14:06.0694 0x1048 AppIDSvc - ok
19:14:06.0728 0x1048 [ 7DEAD9E3F65DCB2794F2711003BBF650, F541C30EEFD1BDB70F361B878B6E51DC728873695DD137148CE531FBACCDA21B ] Appinfo C:\Windows\System32\appinfo.dll
19:14:06.0733 0x1048 Appinfo - ok
19:14:06.0815 0x1048 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:14:06.0895 0x1048 AppMgmt - ok
19:14:06.0956 0x1048 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:14:07.0010 0x1048 arc - ok
19:14:07.0035 0x1048 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:14:07.0095 0x1048 arcsas - ok
19:14:07.0243 0x1048 [ 2FE0D5DB69014980A970D3BF9A85D2B1, 3837F176B0CB7FEA2689D90B50B62F660FE579A5EB1E47C827DFA95596B72D1E ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:14:07.0329 0x1048 aspnet_state - ok
19:14:07.0367 0x1048 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:14:07.0400 0x1048 AsyncMac - ok
19:14:07.0426 0x1048 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
19:14:07.0428 0x1048 atapi - ok
19:14:07.0499 0x1048 [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:14:07.0521 0x1048 AudioEndpointBuilder - ok
19:14:07.0566 0x1048 [ 510C873BFA135AA829F4180352772734, BC528D840EB338B0C5D11801C63D8EADD40AF8043DC77ACB4B42E8D20767538F ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:14:07.0581 0x1048 Audiosrv - ok
19:14:07.0659 0x1048 [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] Avgdiskx C:\Windows\system32\DRIVERS\avgdiskx.sys
19:14:07.0711 0x1048 Avgdiskx - ok
19:14:08.0028 0x1048 [ 225B28E9303D375314C744AE181DF95F, 6BC8F19F6B4D901661022CD8F4EA90A8F1895B6B3BD1225B3708E2CBDCAB8D50 ] AVGIDSAgent C:\Program Files\AVG\AVG2015\avgidsagent.exe
19:14:08.0187 0x1048 AVGIDSAgent - ok
19:14:08.0266 0x1048 [ EB1AA821F99D5D2DA05511AE8D4704C4, 68AE41B7DA35200B24E27733DC05D9DA1F2D4C98524531AB8F1BD2AB4AFC831C ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
19:14:08.0312 0x1048 AVGIDSDriver - ok
19:14:08.0356 0x1048 [ D1663A0114691080C624D857A8343D5B, 8E7029A8FE7A62F4BED7687C54699D0709876D05D93CAA499B4BC69BF8C59091 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
19:14:08.0362 0x1048 AVGIDSHX - ok
19:14:08.0414 0x1048 [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
19:14:08.0438 0x1048 AVGIDSShim - ok
19:14:08.0493 0x1048 [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
19:14:08.0526 0x1048 Avgldx86 - ok
19:14:08.0607 0x1048 [ D94378757947E02AE9BC484DF196A44D, 91B711C07320EFFDB780356EF84D39A06673198C4E0B45EE1D1412B996CB9227 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
19:14:08.0614 0x1048 Avglogx - ok
19:14:08.0668 0x1048 [ 35DD83C14AA01F4817BA46A4D6B6A520, 563619CDFC2ACC061C2421091E3527CA3C6C5F595008C5E9E45CFBE954D45841 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
19:14:08.0672 0x1048 Avgmfx86 - ok
19:14:08.0745 0x1048 [ F016B95273E0B1961F204F7FD2FFD811, 9F89323177B68DEDE6B1F09790E6A978376B4FCBDC029283B297A3C4D9B242FF ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
19:14:08.0747 0x1048 Avgrkx86 - ok
19:14:08.0785 0x1048 [ 5A22A7A67BFB67D3223B7A339FC97780, 1DADB75B30665866FC93DADDC1EC9F612CD8CE5EC8582BCAF2A527FFDAFF8DBE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
19:14:08.0861 0x1048 Avgtdix - ok
19:14:08.0944 0x1048 [ 4A00A998F421769A47A858FC1C8AE87A, 9FB642CA8C7094B8BFDEB2D806909D7B62E7F1CD0B29B6CDC928A6F046E240C2 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
19:14:08.0983 0x1048 avgtp - ok
19:14:09.0035 0x1048 [ 2B38C7E964FA19A298D04CA177FF8B6F, B233B6AD03217AD72A8F4253FDCF182E6007B5D28178F38BDCACBC16BD69D0CB ] avgwd C:\Program Files\AVG\AVG2015\avgwdsvc.exe
19:14:09.0045 0x1048 avgwd - ok
19:14:09.0098 0x1048 [ DD6A431B43E34B91A767D1CE33728175, 8BFF6474C9DFBEC96FA7B2789EF9B17C7910B52DBCF70CDA1F0C698CFA5EFB6E ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:14:09.0123 0x1048 AxInstSV - ok
19:14:09.0181 0x1048 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
19:14:09.0245 0x1048 b06bdrv - ok
19:14:09.0286 0x1048 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:14:09.0388 0x1048 b57nd60x - ok
19:14:09.0453 0x1048 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
19:14:09.0478 0x1048 BDESVC - ok
19:14:09.0495 0x1048 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
19:14:09.0525 0x1048 Beep - ok
19:14:09.0577 0x1048 [ 85AC71C045CEB054ED48A7841AAE0C11, BA0C0CC50E5C49838116AC9A12A7CF1A683601FD08D3CF6EC06620C51C0806FF ] BFE C:\Windows\System32\bfe.dll
19:14:09.0611 0x1048 BFE - ok
19:14:09.0677 0x1048 [ 53F476476F55A27F580661BDE09C4EC4, 90DFBF97F011CFF41D2CFA2E33978BC746A7E693AC75EED1436130C4F10B4E67 ] BITS C:\Windows\system32\qmgr.dll
19:14:09.0699 0x1048 BITS - ok
19:14:09.0728 0x1048 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:14:09.0761 0x1048 blbdrive - ok
19:14:09.0780 0x1048 [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:14:09.0785 0x1048 bowser - ok
19:14:09.0809 0x1048 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:14:09.0848 0x1048 BrFiltLo - ok
19:14:09.0868 0x1048 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:14:09.0913 0x1048 BrFiltUp - ok
19:14:09.0974 0x1048 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:14:10.0013 0x1048 BridgeMP - ok
19:14:10.0051 0x1048 [ 598E1280E7FF3744F4B8329366CC5635, 9B6392AEBE7EF26253487AF8C7C114822ABB187BA32DA8DBF622DB1B8DA6F1C0 ] Browser C:\Windows\System32\browser.dll
19:14:10.0055 0x1048 Browser - ok
19:14:10.0098 0x1048 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:14:10.0159 0x1048 Brserid - ok
19:14:10.0180 0x1048 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:14:10.0223 0x1048 BrSerWdm - ok
19:14:10.0248 0x1048 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:14:10.0294 0x1048 BrUsbMdm - ok
19:14:10.0318 0x1048 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:14:10.0351 0x1048 BrUsbSer - ok
19:14:10.0374 0x1048 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:14:10.0407 0x1048 BTHMODEM - ok
19:14:10.0442 0x1048 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
19:14:10.0469 0x1048 bthserv - ok
19:14:10.0538 0x1048 catchme - ok
19:14:10.0564 0x1048 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:14:10.0601 0x1048 cdfs - ok
19:14:10.0646 0x1048 [ BA6E70AA0E6091BC39DE29477D866A77, A17A68BDA46995F75FB1C2C593A81CD3B2BFE290CEAA45FA2380DDF5537A23C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:14:10.0689 0x1048 cdrom - ok
19:14:10.0722 0x1048 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] CertPropSvc C:\Windows\System32\certprop.dll
19:14:10.0770 0x1048 CertPropSvc - ok
19:14:10.0805 0x1048 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:14:10.0838 0x1048 circlass - ok
19:14:10.0870 0x1048 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
19:14:10.0882 0x1048 CLFS - ok
19:14:10.0936 0x1048 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:14:10.0988 0x1048 clr_optimization_v2.0.50727_32 - ok
19:14:11.0062 0x1048 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:14:11.0118 0x1048 clr_optimization_v4.0.30319_32 - ok
19:14:11.0165 0x1048 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:14:11.0212 0x1048 CmBatt - ok
19:14:11.0233 0x1048 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
19:14:11.0274 0x1048 cmdide - ok
19:14:11.0308 0x1048 [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG C:\Windows\system32\Drivers\cng.sys
19:14:11.0337 0x1048 CNG - ok
19:14:11.0378 0x1048 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:14:11.0381 0x1048 Compbatt - ok
19:14:11.0422 0x1048 [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:14:11.0469 0x1048 CompositeBus - ok
19:14:11.0489 0x1048 COMSysApp - ok
19:14:11.0520 0x1048 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:14:11.0581 0x1048 crcdisk - ok
19:14:11.0630 0x1048 [ 9C231178CE4FB385F4B54B0A9080B8A4, 08EFAEBFF68D5CCE432D75116ED4BDC63FEA651459C9AD363CBEEDB769806527 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:14:11.0637 0x1048 CryptSvc - ok
19:14:11.0687 0x1048 [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC C:\Windows\system32\drivers\csc.sys
19:14:11.0772 0x1048 CSC - ok
19:14:11.0822 0x1048 [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService C:\Windows\System32\cscsvc.dll
19:14:11.0866 0x1048 CscService - ok
19:14:11.0927 0x1048 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] DcomLaunch C:\Windows\system32\rpcss.dll
19:14:11.0945 0x1048 DcomLaunch - ok
19:14:12.0003 0x1048 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
19:14:12.0060 0x1048 defragsvc - ok
19:14:12.0104 0x1048 [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:14:12.0162 0x1048 DfsC - ok
19:14:12.0571 0x1048 [ 560B0DCE52DFED6623B27C9BAFA6F236, BB4156BB1CCA64CCDE065870DAE56CD58BF05CEBF7C3B17C7A821FDF02A8B157 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:14:12.0649 0x1048 dg_ssudbus - ok
19:14:12.0702 0x1048 [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:14:12.0712 0x1048 Dhcp - ok
19:14:12.0757 0x1048 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
19:14:12.0782 0x1048 discache - ok
19:14:12.0937 0x1048 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:14:12.0940 0x1048 Disk - ok
19:14:13.0061 0x1048 [ D0722E963D3C6145446874241401B209, 542B3E6EC7E0161AB4732380343139959775E749996A97684A5D423833DDB196 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:14:13.0068 0x1048 Dnscache - ok
19:14:13.0104 0x1048 [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc C:\Windows\System32\dot3svc.dll
19:14:13.0164 0x1048 dot3svc - ok
19:14:13.0211 0x1048 [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS C:\Windows\system32\dps.dll
19:14:13.0237 0x1048 DPS - ok
19:14:13.0293 0x1048 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:14:13.0344 0x1048 drmkaud - ok
19:14:13.0396 0x1048 [ 39806CFEDDCC55E686A49BCCD2972F23, EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:14:13.0522 0x1048 DXGKrnl - ok
19:14:13.0574 0x1048 EagleXNt - ok
19:14:13.0624 0x1048 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
19:14:13.0635 0x1048 EapHost - ok
19:14:13.0840 0x1048 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
19:14:14.0197 0x1048 ebdrv - ok
19:14:14.0248 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe
19:14:14.0252 0x1048 EFS - ok
19:14:14.0327 0x1048 [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:14:14.0726 0x1048 ehRecvr - ok
19:14:14.0776 0x1048 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
19:14:14.0816 0x1048 ehSched - ok
19:14:14.0881 0x1048 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:14:14.0962 0x1048 elxstor - ok
19:14:14.0990 0x1048 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
19:14:15.0028 0x1048 ErrDev - ok
19:14:15.0098 0x1048 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
19:14:15.0120 0x1048 EventSystem - ok
19:14:15.0171 0x1048 ewusbnet - ok
19:14:15.0229 0x1048 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
19:14:15.0275 0x1048 ew_hwusbdev - ok
19:14:15.0319 0x1048 [ 08003548A6E614261401DCB57913565A, 72E7B313925CD37403ABA4823ECA5FB530D97E80E6D3B1C14D390586A533D5EA ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
19:14:15.0353 0x1048 ew_usbenumfilter - ok
19:14:15.0377 0x1048 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
19:14:15.0384 0x1048 exfat - ok
19:14:15.0417 0x1048 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:14:15.0424 0x1048 fastfat - ok
19:14:15.0492 0x1048 [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax C:\Windows\system32\fxssvc.exe
19:14:15.0509 0x1048 Fax - ok
19:14:15.0536 0x1048 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:14:15.0572 0x1048 fdc - ok
19:14:15.0605 0x1048 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
19:14:15.0607 0x1048 fdPHost - ok
19:14:15.0628 0x1048 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
19:14:15.0631 0x1048 FDResPub - ok
19:14:15.0651 0x1048 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:14:15.0654 0x1048 FileInfo - ok
19:14:15.0671 0x1048 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:14:15.0704 0x1048 Filetrace - ok
19:14:15.0724 0x1048 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:14:15.0758 0x1048 flpydisk - ok
19:14:15.0787 0x1048 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:14:15.0794 0x1048 FltMgr - ok
19:14:15.0852 0x1048 [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache C:\Windows\system32\FntCache.dll
19:14:15.0885 0x1048 FontCache - ok
19:14:15.0925 0x1048 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:14:16.0011 0x1048 FontCache3.0.0.0 - ok
19:14:16.0038 0x1048 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:14:16.0083 0x1048 FsDepends - ok
19:14:16.0105 0x1048 [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:14:16.0108 0x1048 Fs_Rec - ok
19:14:16.0145 0x1048 [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:14:16.0156 0x1048 fvevol - ok
19:14:16.0195 0x1048 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:14:16.0249 0x1048 gagp30kx - ok
-continue-
HITAKU
Posts: 18 +0
19:14:16.0331 0x1048 GGSAFERDriver - ok
19:14:16.0387 0x1048 [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc C:\Windows\System32\gpsvc.dll
19:14:16.0411 0x1048 gpsvc - ok
19:14:16.0562 0x1048 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:14:16.0568 0x1048 gupdate - ok
19:14:16.0605 0x1048 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:14:16.0609 0x1048 gupdatem - ok
19:14:16.0669 0x1048 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:14:16.0754 0x1048 gusvc - ok
19:14:16.0799 0x1048 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:14:16.0845 0x1048 hcw85cir - ok
19:14:16.0892 0x1048 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:14:16.0972 0x1048 HdAudAddService - ok
19:14:17.0003 0x1048 [ 717A2207FD6F13AD3E664C7D5A43C7BF, BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:14:17.0008 0x1048 HDAudBus - ok
19:14:17.0028 0x1048 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:14:17.0070 0x1048 HidBatt - ok
19:14:17.0099 0x1048 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:14:17.0157 0x1048 HidBth - ok
19:14:17.0186 0x1048 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:14:17.0226 0x1048 HidIr - ok
19:14:17.0255 0x1048 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
19:14:17.0284 0x1048 hidserv - ok
19:14:17.0341 0x1048 [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:14:17.0346 0x1048 HidUsb - ok
19:14:17.0367 0x1048 [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:14:17.0399 0x1048 hkmsvc - ok
19:14:17.0431 0x1048 [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:14:17.0450 0x1048 HomeGroupListener - ok
19:14:17.0495 0x1048 [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:14:17.0508 0x1048 HomeGroupProvider - ok
19:14:17.0531 0x1048 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
19:14:17.0583 0x1048 HpSAMD - ok
19:14:17.0641 0x1048 [ DD1E0A26D0F60A7EA65A1BEEC7D44EAB, 3A863AEB10E12608007EF08DDC272BFA7670F7CB9CD3CE9896CFAB439C4B236A ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
19:14:17.0701 0x1048 HssDRV6 - ok
19:14:17.0753 0x1048 [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:14:17.0788 0x1048 HTTP - ok
19:14:17.0857 0x1048 [ 8A670E1FC2B308C6023E009728CE1B16, DCE9A99F2B9B2A54B75A3C09CBD0D04141D53F82157493E8E3B9F7E63E0C8122 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
19:14:17.0917 0x1048 huawei_cdcacm - ok
19:14:17.0988 0x1048 [ 4F3C8140A1725FBAAA786A351AF13437, 98E03B18CD1D01E5FF12C54B80655CFAE98E19A84F862DF14D6E6A130469FF77 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
19:14:18.0039 0x1048 huawei_enumerator - ok
19:14:18.0077 0x1048 [ E43FBF827B32F11BF4E33FE67C52FE0C, 7FF0D9CFF65F97D29B72DCA2C92E58833A23234096BB78E24CE9BC041D322817 ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
19:14:18.0117 0x1048 huawei_ext_ctrl - ok
19:14:18.0167 0x1048 [ 8461051F23E42C5710FE66E38632C5F8, 30AAB04E972F90DE5F12C14308D18D26B2687552444C0981C0C8B9DAA5983B32 ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
19:14:18.0236 0x1048 huawei_wwanecm - ok
19:14:18.0310 0x1048 [ 8ABB5F714050209E5C7537DE18F7FB7B, 8AAA8F5BDF167F62958F98E0750940AFFD9D01D1879BF8E17DE034E2991FDA8C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:14:18.0380 0x1048 hwdatacard - ok
19:14:18.0543 0x1048 [ 5EF3427AE503B5C03A48F7C9FF458B69, C75D6E860AA9A1EA0351388B137FE39CE47E96471841BDCA96FF63C87CE99132 ] HWDeviceService.exe C:\ProgramData\DatacardService\HWDeviceService.exe
19:14:18.0553 0x1048 HWDeviceService.exe - ok
19:14:18.0571 0x1048 [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:14:18.0581 0x1048 hwpolicy - ok
19:14:18.0599 0x1048 hwusbdev - ok
19:14:18.0680 0x1048 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:14:18.0749 0x1048 i8042prt - ok
19:14:18.0827 0x1048 [ 934AF4D7C5F457B9F0743F4299B77B67, F232554352BB7CD716D6173FC1AB2661E49480994BB22E9A6FE7A33B51F0A51B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
19:14:18.0930 0x1048 iaStorV - ok
19:14:19.0030 0x1048 [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:14:19.0448 0x1048 idsvc - ok
19:14:19.0773 0x1048 [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:14:20.0406 0x1048 igfx - ok
19:14:20.0511 0x1048 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:14:20.0545 0x1048 iirsp - ok
19:14:20.0601 0x1048 [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT C:\Windows\System32\ikeext.dll
19:14:20.0634 0x1048 IKEEXT - ok
19:14:20.0670 0x1048 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:14:20.0671 0x1048 intelide - ok
19:14:20.0705 0x1048 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:14:20.0708 0x1048 intelppm - ok
19:14:20.0737 0x1048 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:14:20.0768 0x1048 IPBusEnum - ok
19:14:20.0789 0x1048 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:14:20.0823 0x1048 IpFilterDriver - ok
19:14:20.0888 0x1048 [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:14:20.0920 0x1048 iphlpsvc - ok
19:14:20.0945 0x1048 [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:14:20.0978 0x1048 IPMIDRV - ok
19:14:21.0017 0x1048 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:14:21.0054 0x1048 IPNAT - ok
19:14:21.0091 0x1048 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:14:21.0121 0x1048 IRENUM - ok
19:14:21.0138 0x1048 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
19:14:21.0175 0x1048 isapnp - ok
19:14:21.0215 0x1048 [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:14:21.0263 0x1048 iScsiPrt - ok
19:14:21.0321 0x1048 [ 462D4F9C777737BF151A82BD26F02D05, 8A2C696B9B6D61DE8173C2F1E55D54F3EFCFC0C36F943938B73C56190EA55832 ] jrdusbser C:\Windows\system32\DRIVERS\jrdusbser.sys
19:14:21.0387 0x1048 jrdusbser - ok
19:14:21.0435 0x1048 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:14:21.0470 0x1048 kbdclass - ok
19:14:21.0495 0x1048 [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:14:21.0527 0x1048 kbdhid - ok
19:14:21.0547 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe
19:14:21.0551 0x1048 KeyIso - ok
19:14:21.0572 0x1048 [ E36A061EC11B373826905B21BE10948F, CB9F8B76E0A99307A841B66CBD96C7087CC0B068699CBEF01040E37C6EA60E6A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:14:21.0575 0x1048 KSecDD - ok
19:14:21.0602 0x1048 [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:14:21.0614 0x1048 KSecPkg - ok
19:14:21.0661 0x1048 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:14:21.0711 0x1048 KtmRm - ok
19:14:21.0763 0x1048 [ BCA92CB047A4326925ECEF759DBAA233, C2A188F5526882A2E3AC4CC0190452DA37CBD93043DFE5571A20E8EFE9D56DA3 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:14:21.0809 0x1048 LanmanServer - ok
19:14:21.0849 0x1048 [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:14:21.0857 0x1048 LanmanWorkstation - ok
19:14:21.0904 0x1048 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:14:21.0917 0x1048 lltdio - ok
19:14:21.0966 0x1048 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:14:22.0014 0x1048 lltdsvc - ok
19:14:22.0047 0x1048 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:14:22.0066 0x1048 lmhosts - ok
19:14:22.0108 0x1048 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:14:22.0163 0x1048 LSI_FC - ok
19:14:22.0181 0x1048 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:14:22.0228 0x1048 LSI_SAS - ok
19:14:22.0247 0x1048 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:14:22.0287 0x1048 LSI_SAS2 - ok
19:14:22.0305 0x1048 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:14:22.0351 0x1048 LSI_SCSI - ok
19:14:22.0383 0x1048 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
19:14:22.0392 0x1048 luafv - ok
19:14:22.0457 0x1048 [ 59A2783ABA6019BED0C843C706E10A6A, EE9F5D846169DCE44B59528AC5104D4CBA94575031528E413C4F5DA058B7059C ] massfilter C:\Windows\system32\drivers\massfilter.sys
19:14:22.0489 0x1048 massfilter - ok
19:14:22.0515 0x1048 MBAMSwissArmy - ok
19:14:22.0571 0x1048 [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
19:14:22.0608 0x1048 mcdbus - ok
19:14:22.0633 0x1048 [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:14:22.0661 0x1048 Mcx2Svc - ok
19:14:22.0686 0x1048 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:14:22.0720 0x1048 megasas - ok
19:14:22.0759 0x1048 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:14:22.0846 0x1048 MegaSR - ok
19:14:23.0015 0x1048 [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:14:23.0067 0x1048 Microsoft Office Groove Audit Service - ok
19:14:23.0091 0x1048 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
19:14:23.0096 0x1048 MMCSS - ok
19:14:23.0119 0x1048 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
19:14:23.0153 0x1048 Modem - ok
19:14:23.0199 0x1048 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:14:23.0201 0x1048 monitor - ok
19:14:23.0228 0x1048 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:14:23.0265 0x1048 mouclass - ok
19:14:23.0310 0x1048 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:14:23.0313 0x1048 mouhid - ok
19:14:23.0331 0x1048 [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:14:23.0334 0x1048 mountmgr - ok
19:14:23.0447 0x1048 [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:14:23.0516 0x1048 MozillaMaintenance - ok
19:14:23.0549 0x1048 [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio C:\Windows\system32\DRIVERS\mpio.sys
19:14:23.0593 0x1048 mpio - ok
19:14:23.0627 0x1048 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:14:23.0629 0x1048 mpsdrv - ok
19:14:23.0681 0x1048 [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:14:23.0700 0x1048 MpsSvc - ok
19:14:23.0727 0x1048 [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:14:23.0771 0x1048 MRxDAV - ok
19:14:23.0789 0x1048 [ F4A054BE78AF7F410129C4B64B07DC9B, 65E14D38CCAB4FBB0C0D4A12F11B2E150AEC00AC692EE92A5CE6C982CF1190F5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:14:23.0796 0x1048 mrxsmb - ok
19:14:23.0820 0x1048 [ DEFFA295BD1895C6ED8E3078412AC60B, 3F13CD67659EC2C8ABADC2C5B48B939ECDC6DB7CAAAAC3C2823AC12842BC1630 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:14:23.0831 0x1048 mrxsmb10 - ok
19:14:23.0851 0x1048 [ 24D76ABE5DCAD22F19D105F76FDF0CE1, D0A7E033B4DF4AA5A9600A2A7A890FDE20AC7CE87C660817EB92FE10E2DAD343 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:14:23.0866 0x1048 mrxsmb20 - ok
19:14:23.0882 0x1048 [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
19:14:23.0887 0x1048 msahci - ok
19:14:23.0913 0x1048 [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
19:14:23.0973 0x1048 msdsm - ok
19:14:23.0997 0x1048 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
19:14:24.0082 0x1048 MSDTC - ok
19:14:24.0118 0x1048 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:14:24.0170 0x1048 Msfs - ok
19:14:24.0192 0x1048 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:14:24.0254 0x1048 mshidkmdf - ok
19:14:24.0272 0x1048 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
19:14:24.0283 0x1048 msisadrv - ok
19:14:24.0332 0x1048 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:14:24.0386 0x1048 MSiSCSI - ok
19:14:24.0416 0x1048 msiserver - ok
19:14:24.0468 0x1048 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:14:24.0512 0x1048 MSKSSRV - ok
19:14:24.0542 0x1048 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:14:24.0582 0x1048 MSPCLOCK - ok
19:14:24.0595 0x1048 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:14:24.0639 0x1048 MSPQM - ok
19:14:24.0669 0x1048 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:14:24.0687 0x1048 MsRPC - ok
19:14:24.0720 0x1048 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:14:24.0724 0x1048 mssmbios - ok
19:14:24.0761 0x1048 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:14:24.0840 0x1048 MSTEE - ok
19:14:24.0980 0x1048 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:14:25.0122 0x1048 MTConfig - ok
19:14:25.0271 0x1048 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
19:14:25.0280 0x1048 Mup - ok
19:14:25.0348 0x1048 [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] napagent C:\Windows\system32\qagentRT.dll
19:14:25.0396 0x1048 napagent - ok
19:14:25.0451 0x1048 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:14:25.0465 0x1048 NativeWifiP - ok
19:14:25.0541 0x1048 [ 23759D175A0A9BAAF04D05047BC135A8, 2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:14:25.0586 0x1048 NDIS - ok
19:14:25.0620 0x1048 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:14:25.0664 0x1048 NdisCap - ok
19:14:25.0696 0x1048 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:14:25.0749 0x1048 NdisTapi - ok
19:14:25.0778 0x1048 [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:14:25.0784 0x1048 Ndisuio - ok
19:14:25.0810 0x1048 [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:14:25.0862 0x1048 NdisWan - ok
19:14:25.0897 0x1048 [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:14:25.0960 0x1048 NDProxy - ok
19:14:25.0985 0x1048 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:14:26.0038 0x1048 NetBIOS - ok
19:14:26.0064 0x1048 [ DD52A733BF4CA5AF84562A5E2F963B91, 5CEB9664CED3D120F5408A12035748728710D41090A289CF66023CED4C838A1F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:14:26.0111 0x1048 NetBT - ok
19:14:26.0131 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe
19:14:26.0134 0x1048 Netlogon - ok
19:14:26.0180 0x1048 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
19:14:26.0193 0x1048 Netman - ok
19:14:26.0258 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:26.0559 0x1048 NetMsmqActivator - ok
19:14:26.0582 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:26.0588 0x1048 NetPipeActivator - ok
19:14:27.0447 0x1048 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
19:14:27.0461 0x1048 netprofm - ok
19:14:27.0473 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:27.0478 0x1048 NetTcpActivator - ok
19:14:27.0493 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:27.0498 0x1048 NetTcpPortSharing - ok
19:14:27.0779 0x1048 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
19:14:28.0155 0x1048 netw5v32 - ok
19:14:28.0273 0x1048 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:14:28.0309 0x1048 nfrd960 - ok
19:14:28.0342 0x1048 [ 2226496E34BD40734946A054B1CD657F, 98392D98C9213822268971432BB55047ABD8B4EBD42483FA69BF50FB8FAD64A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:14:28.0353 0x1048 NlaSvc - ok
19:14:28.0370 0x1048 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:14:28.0404 0x1048 Npfs - ok
19:14:28.0435 0x1048 npggsvc - ok
19:14:28.0509 0x1048 [ 9131FE60ADFAB595C8DA53AD6A06AA31, 25284CAE27071FA4391765862A81F9BDFC5398ABF4CCF4E2DF5B0972CFE66E72 ] NPPTNT2 C:\Windows\system32\npptNT2.sys
19:14:28.0541 0x1048 NPPTNT2 - ok
19:14:28.0571 0x1048 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
19:14:28.0576 0x1048 nsi - ok
19:14:28.0606 0x1048 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:14:28.0635 0x1048 nsiproxy - ok
19:14:28.0712 0x1048 [ 3795DCD21F740EE799FB7223234215AF, B03DBFD33B201134473D23038E0BD86CFE64556754BF4EBA42C10B67AEECAEA6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:14:28.0747 0x1048 Ntfs - ok
19:14:28.0781 0x1048 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
19:14:28.0819 0x1048 Null - ok
19:14:28.0845 0x1048 [ 3F3D04B1D08D43C16EA7963954EC768D, BA82C1D3D9F4AA5F1C9729D61D4E06DB961FDF2B1E9B483D29DB308204DF0754 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
19:14:28.0905 0x1048 nvraid - ok
19:14:28.0929 0x1048 [ C99F251A5DE63C6F129CF71933ACED0F, 24D48A5F5D699AB0DD4D4435F8F7C6B73A924AEF8F9D1170FD644E26499546A2 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
19:14:28.0999 0x1048 nvstor - ok
19:14:29.0027 0x1048 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
19:14:29.0087 0x1048 nv_agp - ok
19:14:29.0194 0x1048 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:14:29.0336 0x1048 odserv - ok
19:14:29.0367 0x1048 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:14:29.0421 0x1048 ohci1394 - ok
19:14:29.0523 0x1048 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:14:29.0607 0x1048 ose - ok
-continue-
19:14:16.0387 0x1048 [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc C:\Windows\System32\gpsvc.dll
19:14:16.0411 0x1048 gpsvc - ok
19:14:16.0562 0x1048 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:14:16.0568 0x1048 gupdate - ok
19:14:16.0605 0x1048 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:14:16.0609 0x1048 gupdatem - ok
19:14:16.0669 0x1048 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:14:16.0754 0x1048 gusvc - ok
19:14:16.0799 0x1048 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:14:16.0845 0x1048 hcw85cir - ok
19:14:16.0892 0x1048 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:14:16.0972 0x1048 HdAudAddService - ok
19:14:17.0003 0x1048 [ 717A2207FD6F13AD3E664C7D5A43C7BF, BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:14:17.0008 0x1048 HDAudBus - ok
19:14:17.0028 0x1048 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:14:17.0070 0x1048 HidBatt - ok
19:14:17.0099 0x1048 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:14:17.0157 0x1048 HidBth - ok
19:14:17.0186 0x1048 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:14:17.0226 0x1048 HidIr - ok
19:14:17.0255 0x1048 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
19:14:17.0284 0x1048 hidserv - ok
19:14:17.0341 0x1048 [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:14:17.0346 0x1048 HidUsb - ok
19:14:17.0367 0x1048 [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:14:17.0399 0x1048 hkmsvc - ok
19:14:17.0431 0x1048 [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:14:17.0450 0x1048 HomeGroupListener - ok
19:14:17.0495 0x1048 [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:14:17.0508 0x1048 HomeGroupProvider - ok
19:14:17.0531 0x1048 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
19:14:17.0583 0x1048 HpSAMD - ok
19:14:17.0641 0x1048 [ DD1E0A26D0F60A7EA65A1BEEC7D44EAB, 3A863AEB10E12608007EF08DDC272BFA7670F7CB9CD3CE9896CFAB439C4B236A ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
19:14:17.0701 0x1048 HssDRV6 - ok
19:14:17.0753 0x1048 [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:14:17.0788 0x1048 HTTP - ok
19:14:17.0857 0x1048 [ 8A670E1FC2B308C6023E009728CE1B16, DCE9A99F2B9B2A54B75A3C09CBD0D04141D53F82157493E8E3B9F7E63E0C8122 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
19:14:17.0917 0x1048 huawei_cdcacm - ok
19:14:17.0988 0x1048 [ 4F3C8140A1725FBAAA786A351AF13437, 98E03B18CD1D01E5FF12C54B80655CFAE98E19A84F862DF14D6E6A130469FF77 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
19:14:18.0039 0x1048 huawei_enumerator - ok
19:14:18.0077 0x1048 [ E43FBF827B32F11BF4E33FE67C52FE0C, 7FF0D9CFF65F97D29B72DCA2C92E58833A23234096BB78E24CE9BC041D322817 ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
19:14:18.0117 0x1048 huawei_ext_ctrl - ok
19:14:18.0167 0x1048 [ 8461051F23E42C5710FE66E38632C5F8, 30AAB04E972F90DE5F12C14308D18D26B2687552444C0981C0C8B9DAA5983B32 ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
19:14:18.0236 0x1048 huawei_wwanecm - ok
19:14:18.0310 0x1048 [ 8ABB5F714050209E5C7537DE18F7FB7B, 8AAA8F5BDF167F62958F98E0750940AFFD9D01D1879BF8E17DE034E2991FDA8C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:14:18.0380 0x1048 hwdatacard - ok
19:14:18.0543 0x1048 [ 5EF3427AE503B5C03A48F7C9FF458B69, C75D6E860AA9A1EA0351388B137FE39CE47E96471841BDCA96FF63C87CE99132 ] HWDeviceService.exe C:\ProgramData\DatacardService\HWDeviceService.exe
19:14:18.0553 0x1048 HWDeviceService.exe - ok
19:14:18.0571 0x1048 [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:14:18.0581 0x1048 hwpolicy - ok
19:14:18.0599 0x1048 hwusbdev - ok
19:14:18.0680 0x1048 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:14:18.0749 0x1048 i8042prt - ok
19:14:18.0827 0x1048 [ 934AF4D7C5F457B9F0743F4299B77B67, F232554352BB7CD716D6173FC1AB2661E49480994BB22E9A6FE7A33B51F0A51B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
19:14:18.0930 0x1048 iaStorV - ok
19:14:19.0030 0x1048 [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:14:19.0448 0x1048 idsvc - ok
19:14:19.0773 0x1048 [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:14:20.0406 0x1048 igfx - ok
19:14:20.0511 0x1048 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:14:20.0545 0x1048 iirsp - ok
19:14:20.0601 0x1048 [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT C:\Windows\System32\ikeext.dll
19:14:20.0634 0x1048 IKEEXT - ok
19:14:20.0670 0x1048 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:14:20.0671 0x1048 intelide - ok
19:14:20.0705 0x1048 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:14:20.0708 0x1048 intelppm - ok
19:14:20.0737 0x1048 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:14:20.0768 0x1048 IPBusEnum - ok
19:14:20.0789 0x1048 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:14:20.0823 0x1048 IpFilterDriver - ok
19:14:20.0888 0x1048 [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:14:20.0920 0x1048 iphlpsvc - ok
19:14:20.0945 0x1048 [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:14:20.0978 0x1048 IPMIDRV - ok
19:14:21.0017 0x1048 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:14:21.0054 0x1048 IPNAT - ok
19:14:21.0091 0x1048 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:14:21.0121 0x1048 IRENUM - ok
19:14:21.0138 0x1048 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
19:14:21.0175 0x1048 isapnp - ok
19:14:21.0215 0x1048 [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:14:21.0263 0x1048 iScsiPrt - ok
19:14:21.0321 0x1048 [ 462D4F9C777737BF151A82BD26F02D05, 8A2C696B9B6D61DE8173C2F1E55D54F3EFCFC0C36F943938B73C56190EA55832 ] jrdusbser C:\Windows\system32\DRIVERS\jrdusbser.sys
19:14:21.0387 0x1048 jrdusbser - ok
19:14:21.0435 0x1048 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:14:21.0470 0x1048 kbdclass - ok
19:14:21.0495 0x1048 [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:14:21.0527 0x1048 kbdhid - ok
19:14:21.0547 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe
19:14:21.0551 0x1048 KeyIso - ok
19:14:21.0572 0x1048 [ E36A061EC11B373826905B21BE10948F, CB9F8B76E0A99307A841B66CBD96C7087CC0B068699CBEF01040E37C6EA60E6A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:14:21.0575 0x1048 KSecDD - ok
19:14:21.0602 0x1048 [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:14:21.0614 0x1048 KSecPkg - ok
19:14:21.0661 0x1048 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:14:21.0711 0x1048 KtmRm - ok
19:14:21.0763 0x1048 [ BCA92CB047A4326925ECEF759DBAA233, C2A188F5526882A2E3AC4CC0190452DA37CBD93043DFE5571A20E8EFE9D56DA3 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:14:21.0809 0x1048 LanmanServer - ok
19:14:21.0849 0x1048 [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:14:21.0857 0x1048 LanmanWorkstation - ok
19:14:21.0904 0x1048 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:14:21.0917 0x1048 lltdio - ok
19:14:21.0966 0x1048 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:14:22.0014 0x1048 lltdsvc - ok
19:14:22.0047 0x1048 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:14:22.0066 0x1048 lmhosts - ok
19:14:22.0108 0x1048 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:14:22.0163 0x1048 LSI_FC - ok
19:14:22.0181 0x1048 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:14:22.0228 0x1048 LSI_SAS - ok
19:14:22.0247 0x1048 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:14:22.0287 0x1048 LSI_SAS2 - ok
19:14:22.0305 0x1048 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:14:22.0351 0x1048 LSI_SCSI - ok
19:14:22.0383 0x1048 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
19:14:22.0392 0x1048 luafv - ok
19:14:22.0457 0x1048 [ 59A2783ABA6019BED0C843C706E10A6A, EE9F5D846169DCE44B59528AC5104D4CBA94575031528E413C4F5DA058B7059C ] massfilter C:\Windows\system32\drivers\massfilter.sys
19:14:22.0489 0x1048 massfilter - ok
19:14:22.0515 0x1048 MBAMSwissArmy - ok
19:14:22.0571 0x1048 [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
19:14:22.0608 0x1048 mcdbus - ok
19:14:22.0633 0x1048 [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:14:22.0661 0x1048 Mcx2Svc - ok
19:14:22.0686 0x1048 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:14:22.0720 0x1048 megasas - ok
19:14:22.0759 0x1048 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:14:22.0846 0x1048 MegaSR - ok
19:14:23.0015 0x1048 [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:14:23.0067 0x1048 Microsoft Office Groove Audit Service - ok
19:14:23.0091 0x1048 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
19:14:23.0096 0x1048 MMCSS - ok
19:14:23.0119 0x1048 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
19:14:23.0153 0x1048 Modem - ok
19:14:23.0199 0x1048 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:14:23.0201 0x1048 monitor - ok
19:14:23.0228 0x1048 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:14:23.0265 0x1048 mouclass - ok
19:14:23.0310 0x1048 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:14:23.0313 0x1048 mouhid - ok
19:14:23.0331 0x1048 [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:14:23.0334 0x1048 mountmgr - ok
19:14:23.0447 0x1048 [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:14:23.0516 0x1048 MozillaMaintenance - ok
19:14:23.0549 0x1048 [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio C:\Windows\system32\DRIVERS\mpio.sys
19:14:23.0593 0x1048 mpio - ok
19:14:23.0627 0x1048 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:14:23.0629 0x1048 mpsdrv - ok
19:14:23.0681 0x1048 [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:14:23.0700 0x1048 MpsSvc - ok
19:14:23.0727 0x1048 [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:14:23.0771 0x1048 MRxDAV - ok
19:14:23.0789 0x1048 [ F4A054BE78AF7F410129C4B64B07DC9B, 65E14D38CCAB4FBB0C0D4A12F11B2E150AEC00AC692EE92A5CE6C982CF1190F5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:14:23.0796 0x1048 mrxsmb - ok
19:14:23.0820 0x1048 [ DEFFA295BD1895C6ED8E3078412AC60B, 3F13CD67659EC2C8ABADC2C5B48B939ECDC6DB7CAAAAC3C2823AC12842BC1630 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:14:23.0831 0x1048 mrxsmb10 - ok
19:14:23.0851 0x1048 [ 24D76ABE5DCAD22F19D105F76FDF0CE1, D0A7E033B4DF4AA5A9600A2A7A890FDE20AC7CE87C660817EB92FE10E2DAD343 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:14:23.0866 0x1048 mrxsmb20 - ok
19:14:23.0882 0x1048 [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
19:14:23.0887 0x1048 msahci - ok
19:14:23.0913 0x1048 [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
19:14:23.0973 0x1048 msdsm - ok
19:14:23.0997 0x1048 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
19:14:24.0082 0x1048 MSDTC - ok
19:14:24.0118 0x1048 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:14:24.0170 0x1048 Msfs - ok
19:14:24.0192 0x1048 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:14:24.0254 0x1048 mshidkmdf - ok
19:14:24.0272 0x1048 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
19:14:24.0283 0x1048 msisadrv - ok
19:14:24.0332 0x1048 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:14:24.0386 0x1048 MSiSCSI - ok
19:14:24.0416 0x1048 msiserver - ok
19:14:24.0468 0x1048 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:14:24.0512 0x1048 MSKSSRV - ok
19:14:24.0542 0x1048 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:14:24.0582 0x1048 MSPCLOCK - ok
19:14:24.0595 0x1048 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:14:24.0639 0x1048 MSPQM - ok
19:14:24.0669 0x1048 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:14:24.0687 0x1048 MsRPC - ok
19:14:24.0720 0x1048 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:14:24.0724 0x1048 mssmbios - ok
19:14:24.0761 0x1048 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:14:24.0840 0x1048 MSTEE - ok
19:14:24.0980 0x1048 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:14:25.0122 0x1048 MTConfig - ok
19:14:25.0271 0x1048 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
19:14:25.0280 0x1048 Mup - ok
19:14:25.0348 0x1048 [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] napagent C:\Windows\system32\qagentRT.dll
19:14:25.0396 0x1048 napagent - ok
19:14:25.0451 0x1048 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:14:25.0465 0x1048 NativeWifiP - ok
19:14:25.0541 0x1048 [ 23759D175A0A9BAAF04D05047BC135A8, 2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:14:25.0586 0x1048 NDIS - ok
19:14:25.0620 0x1048 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:14:25.0664 0x1048 NdisCap - ok
19:14:25.0696 0x1048 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:14:25.0749 0x1048 NdisTapi - ok
19:14:25.0778 0x1048 [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:14:25.0784 0x1048 Ndisuio - ok
19:14:25.0810 0x1048 [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:14:25.0862 0x1048 NdisWan - ok
19:14:25.0897 0x1048 [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:14:25.0960 0x1048 NDProxy - ok
19:14:25.0985 0x1048 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:14:26.0038 0x1048 NetBIOS - ok
19:14:26.0064 0x1048 [ DD52A733BF4CA5AF84562A5E2F963B91, 5CEB9664CED3D120F5408A12035748728710D41090A289CF66023CED4C838A1F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:14:26.0111 0x1048 NetBT - ok
19:14:26.0131 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe
19:14:26.0134 0x1048 Netlogon - ok
19:14:26.0180 0x1048 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
19:14:26.0193 0x1048 Netman - ok
19:14:26.0258 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:26.0559 0x1048 NetMsmqActivator - ok
19:14:26.0582 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:26.0588 0x1048 NetPipeActivator - ok
19:14:27.0447 0x1048 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
19:14:27.0461 0x1048 netprofm - ok
19:14:27.0473 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:27.0478 0x1048 NetTcpActivator - ok
19:14:27.0493 0x1048 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:14:27.0498 0x1048 NetTcpPortSharing - ok
19:14:27.0779 0x1048 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
19:14:28.0155 0x1048 netw5v32 - ok
19:14:28.0273 0x1048 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:14:28.0309 0x1048 nfrd960 - ok
19:14:28.0342 0x1048 [ 2226496E34BD40734946A054B1CD657F, 98392D98C9213822268971432BB55047ABD8B4EBD42483FA69BF50FB8FAD64A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:14:28.0353 0x1048 NlaSvc - ok
19:14:28.0370 0x1048 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:14:28.0404 0x1048 Npfs - ok
19:14:28.0435 0x1048 npggsvc - ok
19:14:28.0509 0x1048 [ 9131FE60ADFAB595C8DA53AD6A06AA31, 25284CAE27071FA4391765862A81F9BDFC5398ABF4CCF4E2DF5B0972CFE66E72 ] NPPTNT2 C:\Windows\system32\npptNT2.sys
19:14:28.0541 0x1048 NPPTNT2 - ok
19:14:28.0571 0x1048 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
19:14:28.0576 0x1048 nsi - ok
19:14:28.0606 0x1048 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:14:28.0635 0x1048 nsiproxy - ok
19:14:28.0712 0x1048 [ 3795DCD21F740EE799FB7223234215AF, B03DBFD33B201134473D23038E0BD86CFE64556754BF4EBA42C10B67AEECAEA6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:14:28.0747 0x1048 Ntfs - ok
19:14:28.0781 0x1048 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
19:14:28.0819 0x1048 Null - ok
19:14:28.0845 0x1048 [ 3F3D04B1D08D43C16EA7963954EC768D, BA82C1D3D9F4AA5F1C9729D61D4E06DB961FDF2B1E9B483D29DB308204DF0754 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
19:14:28.0905 0x1048 nvraid - ok
19:14:28.0929 0x1048 [ C99F251A5DE63C6F129CF71933ACED0F, 24D48A5F5D699AB0DD4D4435F8F7C6B73A924AEF8F9D1170FD644E26499546A2 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
19:14:28.0999 0x1048 nvstor - ok
19:14:29.0027 0x1048 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
19:14:29.0087 0x1048 nv_agp - ok
19:14:29.0194 0x1048 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:14:29.0336 0x1048 odserv - ok
19:14:29.0367 0x1048 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:14:29.0421 0x1048 ohci1394 - ok
19:14:29.0523 0x1048 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:14:29.0607 0x1048 ose - ok
-continue-
HITAKU
Posts: 18 +0
19:14:29.0672 0x1048 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:14:29.0707 0x1048 p2pimsvc - ok
19:14:29.0743 0x1048 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
19:14:29.0777 0x1048 p2psvc - ok
19:14:29.0818 0x1048 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:14:29.0823 0x1048 Parport - ok
19:14:29.0838 0x1048 [ FF4218952B51DE44FE910953A3E686B9, 871E4F8300AFE2AE770B8F00C12911A08D8BBD8E07C37A11AFF67CA92607A602 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:14:29.0842 0x1048 partmgr - ok
19:14:29.0859 0x1048 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:14:29.0906 0x1048 Parvdm - ok
19:14:29.0940 0x1048 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:14:29.0959 0x1048 PcaSvc - ok
19:14:29.0982 0x1048 [ C858CB77C577780ECC456A892E7E7D0F, 21AE545B736739DE5A7B02CF227516BA6D02B1AAAECD8CC516CCF9F1FD710BCF ] pci C:\Windows\system32\DRIVERS\pci.sys
19:14:29.0991 0x1048 pci - ok
19:14:30.0007 0x1048 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
19:14:30.0046 0x1048 pciide - ok
19:14:30.0068 0x1048 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:14:30.0134 0x1048 pcmcia - ok
19:14:30.0154 0x1048 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
19:14:30.0156 0x1048 pcw - ok
19:14:30.0200 0x1048 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:14:30.0218 0x1048 PEAUTH - ok
19:14:30.0659 0x1048 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:14:30.0722 0x1048 PeerDistSvc - ok
19:14:30.0853 0x1048 [ 9C1BFF7910C89A1D12E57343475840CB, 62E00E1278BD263B2AC8CB803C31F2818C54DB143C49470FAD07731E04BD2DE3 ] pla C:\Windows\system32\pla.dll
19:14:31.0000 0x1048 pla - ok
19:14:31.0071 0x1048 [ 2CC2008F1296968FBA162ED9F9AFE328, 670E2BE4EB8210C9D6AEA635DFA20E390936762A22B2BB413BF9C7AF418150D6 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:14:31.0087 0x1048 PlugPlay - ok
19:14:31.0193 0x1048 [ 1713D9DE407313138118D501B0E3C05B, 75D89D507BFEBC8F9FBEB988C721BFB721FD0535BE915F370F3966967BA0B419 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
19:14:31.0266 0x1048 PnkBstrA - ok
19:14:31.0289 0x1048 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:14:31.0318 0x1048 PNRPAutoReg - ok
19:14:31.0352 0x1048 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:14:31.0376 0x1048 PNRPsvc - ok
19:14:31.0439 0x1048 [ 48E1B75C6DC0232FD92BAAE4BD344721, 5BA4EB5A60725836D8085EABF87F51160BA57E318A0C4378410217911A393CE7 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:14:31.0454 0x1048 PolicyAgent - ok
19:14:31.0501 0x1048 [ DBFF83F709A91049621C1D35DD45C92C, 0A722A44F431CAB5EA77FF5F25EB6975C2111B605564FF9FB59751067E7CD3A7 ] Power C:\Windows\system32\umpo.dll
19:14:31.0516 0x1048 Power - ok
19:14:31.0572 0x1048 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:14:31.0611 0x1048 PptpMiniport - ok
19:14:31.0642 0x1048 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:14:31.0675 0x1048 Processor - ok
19:14:31.0708 0x1048 [ 630CF26F0227498B7D5A92B12548960F, 7B6E2A3C398DF2E8F63C03ED5B59BB8DA47D5C1ACA9F37438F71F35633ACD6CD ] ProfSvc C:\Windows\system32\profsvc.dll
19:14:31.0719 0x1048 ProfSvc - ok
19:14:31.0739 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:14:31.0743 0x1048 ProtectedStorage - ok
19:14:31.0782 0x1048 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:14:31.0788 0x1048 Psched - ok
19:14:31.0878 0x1048 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:14:32.0064 0x1048 ql2300 - ok
19:14:32.0093 0x1048 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:14:32.0221 0x1048 ql40xx - ok
19:14:32.0406 0x1048 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
19:14:32.0474 0x1048 QWAVE - ok
19:14:32.0496 0x1048 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:14:32.0544 0x1048 QWAVEdrv - ok
19:14:32.0565 0x1048 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:14:32.0599 0x1048 RasAcd - ok
19:14:32.0634 0x1048 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:14:32.0667 0x1048 RasAgileVpn - ok
19:14:32.0694 0x1048 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
19:14:32.0724 0x1048 RasAuto - ok
19:14:32.0918 0x1048 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:14:33.0094 0x1048 Rasl2tp - ok
19:14:33.0130 0x1048 [ 0CE66EC736B7FC526D78F7624C7D2A94, D70B45AA413691CF84B24E966EBA1689955E54BDDA206380CAB7CD50F56D5CEB ] RasMan C:\Windows\System32\rasmans.dll
19:14:33.0142 0x1048 RasMan - ok
19:14:33.0163 0x1048 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:14:33.0204 0x1048 RasPppoe - ok
19:14:33.0222 0x1048 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:14:33.0260 0x1048 RasSstp - ok
19:14:33.0370 0x1048 [ 3B4642DE518A76310C62EEB9A64F771A, 198CF37D779FF9D3D529CF8C222A0A35D04AE3EF69D7861FB3F14D5CC3B3406C ] Razer Game Scanner Service C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
19:14:33.0376 0x1048 Razer Game Scanner Service - ok
19:14:33.0413 0x1048 [ 835D7E81BF517A3B72384BDCC85E1CE6, DC855AF17150C1B27926293115C01B5E1FD00FABCE18AFAEAB3DC68BDE4C908B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:14:33.0467 0x1048 rdbss - ok
19:14:33.0486 0x1048 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:14:33.0516 0x1048 rdpbus - ok
19:14:33.0533 0x1048 [ 1E016846895B15A99F9A176A05029075, 78AE674B6E7D3A69099B24AC07E06563A4C867F9DCD8548E4DAAE6FC5ACA4E29 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:14:33.0538 0x1048 RDPCDD - ok
19:14:33.0591 0x1048 [ C5FF95883FFEF704D50C40D21CFB3AB5, 26CC53DDE126A6BD99F606695F063BB7FDC4BBABB9F75F7AD7A84B58C837EEAA ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:14:33.0636 0x1048 RDPDR - ok
19:14:33.0663 0x1048 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:14:33.0701 0x1048 RDPENCDD - ok
19:14:33.0730 0x1048 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:14:33.0759 0x1048 RDPREFMP - ok
19:14:33.0934 0x1048 [ 801371BA9782282892D00AADB08EE367, 884DDC24B8400E76F65F54C249053333AD29543224F9EC156C64A6BDF584DDCD ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:14:34.0092 0x1048 RDPWD - ok
19:14:34.0135 0x1048 [ 4EA225BF1CF05E158853F30A99CA29A7, F211480F13E2FE36C31110AE67ABE74E9D572D3A36BEEDE29E14ECBD8C246878 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:14:34.0141 0x1048 rdyboost - ok
19:14:34.0246 0x1048 [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
19:14:34.0248 0x1048 RealNetworks Downloader Resolver Service - ok
19:14:34.0288 0x1048 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:14:34.0317 0x1048 RemoteAccess - ok
19:14:34.0356 0x1048 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:14:34.0386 0x1048 RemoteRegistry - ok
19:14:34.0415 0x1048 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:14:34.0421 0x1048 RpcEptMapper - ok
19:14:34.0449 0x1048 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
19:14:34.0485 0x1048 RpcLocator - ok
19:14:34.0526 0x1048 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] RpcSs C:\Windows\system32\rpcss.dll
19:14:34.0540 0x1048 RpcSs - ok
19:14:34.0581 0x1048 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:14:34.0584 0x1048 rspndr - ok
19:14:34.0604 0x1048 [ 4E20765744BFBC16F6D6E5BD5598786B, CDB5AB7F8BE3C0085D08DC00CC8DB3266ABA16228B2F022380482C9D05070839 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
19:14:34.0638 0x1048 RTL8023xp - ok
19:14:34.0728 0x1048 [ B5019713CEE4CE9E6C0BF0E4142F0A5B, C3A532300622DFDCBDAEE31A9E8CCA063F7B6A6A581E35D2631A2A667848B936 ] RzKLService C:\Program Files\Razer\Razer Cortex\RzKLService.exe
19:14:34.0734 0x1048 RzKLService - ok
19:14:34.0800 0x1048 [ 8ACD8981ED99105443896B632F87F300, 03984C0CB52B4B0930403C3E50945D9648EA2AEBE13AC4FF58A2B43AA5B7E990 ] rzpmgrk C:\Windows\system32\drivers\rzpmgrk.sys
19:14:34.0802 0x1048 rzpmgrk - ok
19:14:34.0852 0x1048 [ 5423D8437051E89DD34749F242C98648, 28FD190E13676B0FD452A73C3069B72206E2938DB2240BAA9BDB56687C748A2B ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
19:14:34.0895 0x1048 s3cap - ok
19:14:34.0935 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe
19:14:34.0939 0x1048 SamSs - ok
19:14:34.0976 0x1048 [ 34EE0C44B724E3E4CE2EFF29126DE5B5, D27AAF77CB8830893558A600E19CDBF9A6AA7D69DE4B34F317ED4AFD38E8CAFB ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
19:14:35.0015 0x1048 sbp2port - ok
19:14:35.0051 0x1048 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:14:35.0088 0x1048 SCardSvr - ok
19:14:35.0201 0x1048 [ 9FEB2026A460916D1A1198B460632630, 1DA85ECAE71949AF20C48BC6155246EDD00C48516F30270AD937871EBFC19EF1 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
19:14:35.0246 0x1048 SCDEmu - ok
19:14:35.0285 0x1048 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51, 8C0189A6AF9AEC46CBA4DA422C52B2D3E4858B2F2658DB6CA7996B5F368D2503 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:14:35.0329 0x1048 scfilter - ok
19:14:35.0400 0x1048 [ 3E8B0C453E25613A1F59762A5C42AA75, 86801C49664441A08F7E95031E52AD2518D61CCB945A857A18F0714351A8158C ] Schedule C:\Windows\system32\schedsvc.dll
19:14:35.0425 0x1048 Schedule - ok
19:14:35.0457 0x1048 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:14:35.0460 0x1048 SCPolicySvc - ok
19:14:35.0487 0x1048 [ 5FD90ABDBFAEE85986802622CBB03446, 0A8D9DC09C2ACA9EAABED04737E9EBF6EFB92BB2B9E5F37F10BFDF47CBF7DEDB ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:14:35.0514 0x1048 SDRSVC - ok
19:14:35.0535 0x1048 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:14:35.0537 0x1048 secdrv - ok
19:14:35.0564 0x1048 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
19:14:35.0568 0x1048 seclogon - ok
19:14:35.0588 0x1048 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
19:14:35.0666 0x1048 SENS - ok
19:14:35.0715 0x1048 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:14:35.0740 0x1048 SensrSvc - ok
19:14:35.0766 0x1048 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:14:35.0800 0x1048 Serenum - ok
19:14:35.0820 0x1048 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:14:35.0855 0x1048 Serial - ok
19:14:35.0873 0x1048 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:14:35.0904 0x1048 sermouse - ok
19:14:35.0949 0x1048 [ 8F55CE568C543D5ADF45C409D16718FC, 64D45854A91B656C1AF36EB272FDC54E9B5FB0200CB93E20F7D997DDA109EF7F ] SessionEnv C:\Windows\system32\sessenv.dll
19:14:35.0976 0x1048 SessionEnv - ok
19:14:36.0002 0x1048 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:14:36.0037 0x1048 sffdisk - ok
19:14:36.0070 0x1048 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:14:36.0114 0x1048 sffp_mmc - ok
19:14:36.0136 0x1048 [ 4F1E5B0FE7C8050668DBFADE8999AEFB, E36DAACC3D11F004808A3F44C471BBFDC2F33411D9F5C18B55B0DB2A6DA6E74C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:14:36.0188 0x1048 sffp_sd - ok
19:14:36.0200 0x1048 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:14:36.0245 0x1048 sfloppy - ok
19:14:36.0294 0x1048 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:14:36.0314 0x1048 SharedAccess - ok
19:14:36.0377 0x1048 [ CD2E48FA5B29EE2B3B5858056D246EF2, B743F92D0121CF3D827753C85F1F5A14C2DAA1CAFD42C7810C3BECB853DB6175 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:14:36.0409 0x1048 ShellHWDetection - ok
19:14:36.0437 0x1048 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
19:14:36.0500 0x1048 sisagp - ok
19:14:36.0532 0x1048 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:14:36.0577 0x1048 SiSRaid2 - ok
19:14:36.0599 0x1048 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:14:36.0651 0x1048 SiSRaid4 - ok
19:14:36.0773 0x1048 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:14:37.0433 0x1048 SkypeUpdate - ok
19:14:37.0490 0x1048 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:14:37.0543 0x1048 Smb - ok
19:14:37.0589 0x1048 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:14:37.0595 0x1048 SNMPTRAP - ok
19:14:37.0615 0x1048 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
19:14:37.0631 0x1048 spldr - ok
19:14:37.0668 0x1048 [ 49B6DD6AB3715B7A67965F17194E98A9, 331D69F3630BA978AC13471A2E7465351D04416343A595C62B94BADFFCD02B3A ] Spooler C:\Windows\System32\spoolsv.exe
19:14:37.0686 0x1048 Spooler - ok
19:14:37.0962 0x1048 [ 4C287F9069FEDBD791178876EE9DE536, 6099E76FF6FBA002EBA2BA7BE4E3238D91332E077524D1DD402E0C9ADA22E852 ] sppsvc C:\Windows\system32\sppsvc.exe
19:14:38.0234 0x1048 sppsvc - ok
19:14:38.0320 0x1048 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7, E7A8A5774C62DC12B56DC3E0A385ACA9069F3A5E6AC664AD0C383EF44DCF81B3 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:14:38.0364 0x1048 sppuinotify - ok
19:14:38.0401 0x1048 [ 2BA4EBC7DFBA845A1EDBE1F75913BE33, 58D0B957469D55026A53C3963508C8B36BDB360A0A5B870332B79A39200DB3AC ] srv C:\Windows\system32\DRIVERS\srv.sys
19:14:38.0422 0x1048 srv - ok
19:14:38.0459 0x1048 [ DCE7E10FEAABD4CAE95948B3DE5340BB, B1E9CD14DC24BB161EFC83D83CE95D0A98008AD790041785C6C8B87564A491D7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:14:38.0481 0x1048 srv2 - ok
19:14:38.0530 0x1048 [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:14:38.0576 0x1048 SrvHsfHDA - ok
19:14:38.0640 0x1048 [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:14:38.0785 0x1048 SrvHsfV92 - ok
19:14:38.0848 0x1048 [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:14:38.0923 0x1048 SrvHsfWinac - ok
19:14:38.0942 0x1048 [ B5665BAA2120B8A54E22E9CD07C05106, 86E50853D412ACDC752AD182ED52B49DD679D75843E1E9D6A6425E750594692C ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:14:38.0946 0x1048 srvnet - ok
19:14:38.0977 0x1048 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:14:38.0989 0x1048 SSDPSRV - ok
19:14:39.0011 0x1048 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:14:39.0018 0x1048 SstpSvc - ok
19:14:39.0061 0x1048 [ 585FDB94DB04AC1C56298D1FD1F1389E, 5CEBAAF3B649E580B3EF2B9B38426D6EE13B244BE1274BA0C0A468EC4CFB680C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:14:39.0122 0x1048 ssudmdm - ok
19:14:39.0192 0x1048 [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
19:14:39.0292 0x1048 StarOpen - ok
19:14:39.0408 0x1048 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
19:14:39.0673 0x1048 Steam Client Service - ok
19:14:39.0707 0x1048 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:14:39.0746 0x1048 stexstor - ok
19:14:39.0801 0x1048 [ A22825E7BB7018E8AF3E229A5AF17221, 5C97557F8BC6ABBB5BE624AE41AAC22C3D845F76C3E930337A4C07B2381086D7 ] StiSvc C:\Windows\System32\wiaservc.dll
19:14:39.0819 0x1048 StiSvc - ok
19:14:39.0845 0x1048 [ 957E346CA948668F2496A6CCF6FF82CC, 5C0E0F0E0F2D36E3213885C60BC3B075AFD2257FEB4B8186FC1FE253E0C218AF ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
19:14:39.0847 0x1048 storflt - ok
19:14:39.0888 0x1048 [ D5751969DC3E4B88BF482AC8EC9FE019, DAEB50C0045364C75965B0E94744C6E2E1E85C8D00F1E8A5593F3EC780BDD7D9 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
19:14:39.0922 0x1048 storvsc - ok
19:14:40.0036 0x1048 Sun_Philippines Wave Modem Device Helper - ok
19:14:40.0048 0x1048 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:14:40.0086 0x1048 swenum - ok
19:14:40.0135 0x1048 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
19:14:40.0180 0x1048 swprv - ok
19:14:40.0263 0x1048 [ 04105C8DA62353589C29BDAEB8D88BD8, CC7A3A779A143E09FE5C0AA6795A7B13496C4E121347949CB23F7946EE5E2DED ] SysMain C:\Windows\system32\sysmain.dll
19:14:40.0333 0x1048 SysMain - ok
19:14:40.0384 0x1048 [ FCFB6C552FBC0DA299799CBD50AD9FD4, A2A90829087B1A7F9B57D6F184EB4AE38D10B2986B0DC8D2ACA5EE9412CA3976 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:14:40.0423 0x1048 TabletInputService - ok
19:14:40.0500 0x1048 [ FD90A16CEB10D4FDAA00AAF39B8FF58F, A0471D1AE2704BCFE70C61A83B24B45ED92D71706BEC7D599BB7418BF8B854F1 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
19:14:40.0553 0x1048 taphss - ok
19:14:40.0580 0x1048 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF, FF66CBA014F3F8B721088F5AB3D004C1711E7F587CC8D4AC3DCFB45CDB746800 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:14:40.0595 0x1048 TapiSrv - ok
19:14:40.0619 0x1048 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
19:14:40.0629 0x1048 TBS - ok
19:14:41.0173 0x1048 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:14:41.0230 0x1048 Tcpip - ok
19:14:41.0307 0x1048 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:14:41.0350 0x1048 TCPIP6 - ok
19:14:41.0392 0x1048 [ E64444523ADD154F86567C469BC0B17F, FBE8A1DC28C102068183754F6BF0D03F5D18FD24BEB7E4B57D1CFCEBB13B381F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:14:41.0395 0x1048 tcpipreg - ok
19:14:41.0425 0x1048 [ 1875C1490D99E70E449E3AFAE9FCBADF, FFDF03826DAB748D51B53B648B632E79B3CD6238F684FDEA749B4D0F93BE5A77 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:14:41.0454 0x1048 TDPIPE - ok
19:14:41.0472 0x1048 [ 7551E91EA999EE9A8E9C331D5A9C31F3, C98C97DFD6C7276CD999545A7BC67B56E1BDDFB2886412E9198012322F95A10D ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:14:41.0507 0x1048 TDTCP - ok
19:14:41.0540 0x1048 [ CB39E896A2A83702D1737BFD402B3542, FA77D98EA3606CA2FCEF0E0949FDE2C32A080B47CAFDE46CE903CA3CBFC5DF35 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:14:41.0575 0x1048 tdx - ok
19:14:41.0598 0x1048 [ C36F41EE20E6999DBF4B0425963268A5, 9DB789A17DF2C283D6E803EEA15F2BDFC56EE3BE342A5606DD5C179C3550ECA6 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:14:41.0621 0x1048 TermDD - ok
19:14:41.0689 0x1048 [ A01E50A04D7B1960B33E92B9080E6A94, 0512BF11F2FD62BDBD2B1AA34D509BE82AC374C37B925C8C0ED119C6331930FD ] TermService C:\Windows\System32\termsrv.dll
19:14:41.0746 0x1048 TermService - ok
19:14:41.0768 0x1048 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
19:14:41.0774 0x1048 Themes - ok
19:14:41.0797 0x1048 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
19:14:41.0802 0x1048 THREADORDER - ok
19:14:41.0823 0x1048 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
19:14:41.0830 0x1048 TrkWks - ok
19:14:41.0877 0x1048 [ 41A4C781D2286208D397D72099304133, 447CAAD5589AA499EEE49FBA2CB53210359DB76AFF1DF2F0BD4D92A397037C1D ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:14:41.0936 0x1048 TrustedInstaller - ok
19:14:41.0964 0x1048 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242, 9606DACB8CBDAF520282BE8C8F064535767405F138D9E9A215D2C59183E93CC1 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:14:41.0998 0x1048 tssecsrv - ok
19:14:42.0034 0x1048 [ 3E461D890A97F9D4C168F5FDA36E1D00, 82A8778F404F7AC5102802CF46F279F1E58AC74244665D06FD0C68A8BD887536 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:14:42.0073 0x1048 tunnel - ok
19:14:42.0093 0x1048 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:14:42.0128 0x1048 uagp35 - ok
19:14:42.0166 0x1048 [ 09CC3E16F8E5EE7168E01CF8FCBE061A, 81EEAC72A7C4D72666C743DEFF8096FDB465AA1FA8076C60D19CC192846F01CA ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:14:42.0220 0x1048 udfs - ok
19:14:42.0337 0x1048 [ BDFC75512F7D8124DD7601734D73FB82, 9405411208C9006FB73EFA12355CFA613EAF89585C4D256F68B1579B994A5D9D ] UI Assistant Service C:\Program Files\ZTE Connection Manager\AssistantServices.exe
19:14:42.0346 0x1048 UI Assistant Service - ok
19:14:42.0378 0x1048 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:14:42.0437 0x1048 UI0Detect - ok
19:14:42.0467 0x1048 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
19:14:42.0520 0x1048 uliagpkx - ok
19:14:42.0564 0x1048 [ 049B3A50B3D646BAEEEE9EEC9B0668DC, 5774438BBD0976424C20559E14BA2AC158D9FF5D4E1FDC1C9C9F4D7A5CE8C377 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:14:42.0612 0x1048 umbus - ok
19:14:42.0639 0x1048 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:14:42.0693 0x1048 UmPass - ok
19:14:42.0789 0x1048 [ 8ECACA5454844F66386F7BE4AE0D7CD1, F3B02A9F598C6A9EFA019F5833959DD1A86FDFDB9FDDF99A8687BBB6211AAD00 ] UmRdpService C:\Windows\System32\umrdp.dll
19:14:42.0834 0x1048 UmRdpService - ok
19:14:42.0879 0x1048 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
19:14:42.0913 0x1048 upnphost - ok
19:14:42.0987 0x1048 [ 2436A42AAB4AD48A9B714E5B0F344627, A4DE6863BEFDC8DE7C43644F60CFD4182BE300B1EF4F3F86647218C32F745789 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:14:43.0052 0x1048 usbaudio - ok
19:14:43.0080 0x1048 [ 8455C4ED038EFD09E99327F9D2D48FFA, D166F98EA3D85F7DD6B5258949C186714A17EF89B6FDC9804165F7B4FA811C30 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:14:43.0133 0x1048 usbccgp - ok
19:14:43.0163 0x1048 [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:14:43.0219 0x1048 usbcir - ok
19:14:43.0253 0x1048 [ 1C333BFD60F2FED2C7AD5DAF533CB742, 97AE9CA39482B886FCD063E80B8AB153E1FC1459452657393D8B1745EF69E1C3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:14:43.0306 0x1048 usbehci - ok
19:14:43.0356 0x1048 [ EE6EF93CCFA94FAE8C6AB298273D8AE2, CBEE16CEAD02E994F0C2AD77DD8C01CB9964C6B42DE49FF7A787849CD25767B4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:14:43.0426 0x1048 usbhub - ok
19:14:43.0446 0x1048 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:14:43.0499 0x1048 usbohci - ok
19:14:43.0530 0x1048 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:14:43.0594 0x1048 usbprint - ok
19:14:43.0644 0x1048 [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:14:43.0681 0x1048 usbscan - ok
19:14:43.0724 0x1048 [ D8889D56E0D27E57ED4591837FE71D27, DB1B65EEBFB036086EC3347C1181D9D01FF65870EAEC4A1BA08AF43C35075647 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:14:43.0762 0x1048 USBSTOR - ok
19:14:43.0781 0x1048 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:14:43.0826 0x1048 usbuhci - ok
19:14:43.0875 0x1048 [ F642A7E4BF78CFA359CCA0A3557C28D7, 12F1ABDD5C871147AFC682BCEF099F319A4F542AC3F0B647D7A5DFE63EDAE061 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:14:43.0934 0x1048 usbvideo - ok
19:14:43.0968 0x1048 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
19:14:43.0974 0x1048 UxSms - ok
19:14:43.0989 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc C:\Windows\system32\lsass.exe
19:14:43.0993 0x1048 VaultSvc - ok
19:14:44.0030 0x1048 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
19:14:44.0032 0x1048 vdrvroot - ok
19:14:44.0076 0x1048 [ 8C4E7C49D3641BC9E299E466A7F8867D, 4F2E742EFE2DE47EE187B3BCDFDCB525FE484B74700A226D7894F9633F957AFA ] vds C:\Windows\System32\vds.exe
19:14:44.0158 0x1048 vds - ok
19:14:44.0179 0x1048 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:14:44.0209 0x1048 vga - ok
19:14:44.0230 0x1048 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:14:44.0260 0x1048 VgaSave - ok
19:14:44.0286 0x1048 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583, 33DF8F7C9A3176175113CA10D69FAF17A5412C055943F14DDC9923531FADB82D ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
19:14:44.0336 0x1048 vhdmp - ok
19:14:44.0432 0x1048 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
19:14:44.0479 0x1048 viaagp - ok
19:14:44.0496 0x1048 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:14:44.0534 0x1048 ViaC7 - ok
19:14:44.0557 0x1048 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
19:14:44.0615 0x1048 viaide - ok
19:14:44.0660 0x1048 [ 379B349F65F453D2A6E75EA6B7448E49, F52B1B3AE9F5D38B45C889A7B1EBE59533C17E73678D355D1466B5EF3338BF16 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
19:14:44.0742 0x1048 vmbus - ok
19:14:44.0844 0x1048 [ EC2BBAB4B84D0738C6C83D2234DC36FE, 8BA2FA187DAC6994D5A29897AE5F46E6424FB53C827553E0BB148E31825D6676 ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
19:14:44.0923 0x1048 VMBusHID - ok
19:14:45.0083 0x1048 [ 384E5A2AA49934295171E499F86BA6F3, C79271F98506392422325C075144F45436F9979FE1E002B57F9426F3DA96CEF0 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
19:14:45.0091 0x1048 volmgr - ok
19:14:45.0133 0x1048 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:14:45.0142 0x1048 volmgrx - ok
19:14:45.0167 0x1048 [ 58DF9D2481A56EDDE167E51B334D44FD, C77D7BE83CF1C0DEC80429C5A519E794FD2E8C1E6DAD6F5C92B5EB5694CEB8EA ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
19:14:45.0175 0x1048 volsnap - ok
19:14:45.0226 0x1048 [ 63EF70B7BFB875436D5983E3C77F0681, D0C9A7D42393DEFF33507D4A7ECC207D7CB071D78404B70398A0480C121708AB ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
19:14:45.0275 0x1048 vpcbus - ok
19:14:45.0314 0x1048 [ 2559494DC74877AFCE97C6F75E4B7020, D5B74A2E076427D9F41C81E98AD1AA934A3B749B3C7D4EEA750CB02DAA3A3FDA ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
19:14:45.0356 0x1048 vpcnfltr - ok
19:14:45.0375 0x1048 [ AC0ADAD2AD5A166100CF59FB9A7880B7, D47B1C57F61BC18BE85F3D276ABA936CCF354C03994622710498EE1B440E4698 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
19:14:45.0417 0x1048 vpcusb - ok
19:14:45.0451 0x1048 [ 7A806CC4416FE9B1B9C091E31BC638BC, 5F98E6B9285267B2C16DC8E61D6827F787FF44EDA085493E1F68305396EBB675 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
19:14:45.0474 0x1048 vpcvmm - ok
19:14:45.0514 0x1048 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:14:45.0575 0x1048 vsmraid - ok
19:14:45.0662 0x1048 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C, 7CD6637BE0A08E3B0F9991D79751DCA8AEC9224B83301821DAA29C9F42B7A9E3 ] VSS C:\Windows\system32\vssvc.exe
19:14:45.0846 0x1048 VSS - ok
19:14:45.0888 0x1048 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:14:45.0982 0x1048 vwifibus - ok
19:14:46.0034 0x1048 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
19:14:46.0122 0x1048 W32Time - ok
19:14:46.0269 0x1048 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:14:46.0311 0x1048 WacomPen - ok
19:14:46.0352 0x1048 [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:14:46.0394 0x1048 WANARP - ok
19:14:46.0403 0x1048 [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:14:46.0407 0x1048 Wanarpv6 - ok
19:14:46.0514 0x1048 [ 7790B77FE1E5EE47DCC66247095BB4C9, FFB541F83CDE32E65007D41217C2F46CDDF68121E2846B638EAB620ACA940B05 ] wbengine C:\Windows\system32\wbengine.exe
19:14:46.0712 0x1048 wbengine - ok
19:14:46.0787 0x1048 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:14:46.0847 0x1048 WbioSrvc - ok
19:14:46.0901 0x1048 [ D0F88AA11EE1A62BCC6D6A8A7783CA11, 3DBC1806E6F8CD58A9E93EA2A0CDC83C1A90E37B5E385209E4D9A0C81922F447 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:14:47.0008 0x1048 wcncsvc - ok
19:14:47.0033 0x1048 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:14:47.0063 0x1048 WcsPlugInService - ok
19:14:47.0088 0x1048 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:14:47.0123 0x1048 Wd - ok
19:14:47.0160 0x1048 [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:14:47.0173 0x1048 Wdf01000 - ok
19:14:47.0193 0x1048 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:14:47.0201 0x1048 WdiServiceHost - ok
19:14:47.0209 0x1048 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:14:47.0216 0x1048 WdiSystemHost - ok
-continue-
19:14:29.0707 0x1048 p2pimsvc - ok
19:14:29.0743 0x1048 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
19:14:29.0777 0x1048 p2psvc - ok
19:14:29.0818 0x1048 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:14:29.0823 0x1048 Parport - ok
19:14:29.0838 0x1048 [ FF4218952B51DE44FE910953A3E686B9, 871E4F8300AFE2AE770B8F00C12911A08D8BBD8E07C37A11AFF67CA92607A602 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:14:29.0842 0x1048 partmgr - ok
19:14:29.0859 0x1048 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:14:29.0906 0x1048 Parvdm - ok
19:14:29.0940 0x1048 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:14:29.0959 0x1048 PcaSvc - ok
19:14:29.0982 0x1048 [ C858CB77C577780ECC456A892E7E7D0F, 21AE545B736739DE5A7B02CF227516BA6D02B1AAAECD8CC516CCF9F1FD710BCF ] pci C:\Windows\system32\DRIVERS\pci.sys
19:14:29.0991 0x1048 pci - ok
19:14:30.0007 0x1048 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
19:14:30.0046 0x1048 pciide - ok
19:14:30.0068 0x1048 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:14:30.0134 0x1048 pcmcia - ok
19:14:30.0154 0x1048 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
19:14:30.0156 0x1048 pcw - ok
19:14:30.0200 0x1048 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:14:30.0218 0x1048 PEAUTH - ok
19:14:30.0659 0x1048 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:14:30.0722 0x1048 PeerDistSvc - ok
19:14:30.0853 0x1048 [ 9C1BFF7910C89A1D12E57343475840CB, 62E00E1278BD263B2AC8CB803C31F2818C54DB143C49470FAD07731E04BD2DE3 ] pla C:\Windows\system32\pla.dll
19:14:31.0000 0x1048 pla - ok
19:14:31.0071 0x1048 [ 2CC2008F1296968FBA162ED9F9AFE328, 670E2BE4EB8210C9D6AEA635DFA20E390936762A22B2BB413BF9C7AF418150D6 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:14:31.0087 0x1048 PlugPlay - ok
19:14:31.0193 0x1048 [ 1713D9DE407313138118D501B0E3C05B, 75D89D507BFEBC8F9FBEB988C721BFB721FD0535BE915F370F3966967BA0B419 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
19:14:31.0266 0x1048 PnkBstrA - ok
19:14:31.0289 0x1048 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:14:31.0318 0x1048 PNRPAutoReg - ok
19:14:31.0352 0x1048 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:14:31.0376 0x1048 PNRPsvc - ok
19:14:31.0439 0x1048 [ 48E1B75C6DC0232FD92BAAE4BD344721, 5BA4EB5A60725836D8085EABF87F51160BA57E318A0C4378410217911A393CE7 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:14:31.0454 0x1048 PolicyAgent - ok
19:14:31.0501 0x1048 [ DBFF83F709A91049621C1D35DD45C92C, 0A722A44F431CAB5EA77FF5F25EB6975C2111B605564FF9FB59751067E7CD3A7 ] Power C:\Windows\system32\umpo.dll
19:14:31.0516 0x1048 Power - ok
19:14:31.0572 0x1048 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:14:31.0611 0x1048 PptpMiniport - ok
19:14:31.0642 0x1048 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:14:31.0675 0x1048 Processor - ok
19:14:31.0708 0x1048 [ 630CF26F0227498B7D5A92B12548960F, 7B6E2A3C398DF2E8F63C03ED5B59BB8DA47D5C1ACA9F37438F71F35633ACD6CD ] ProfSvc C:\Windows\system32\profsvc.dll
19:14:31.0719 0x1048 ProfSvc - ok
19:14:31.0739 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:14:31.0743 0x1048 ProtectedStorage - ok
19:14:31.0782 0x1048 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:14:31.0788 0x1048 Psched - ok
19:14:31.0878 0x1048 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:14:32.0064 0x1048 ql2300 - ok
19:14:32.0093 0x1048 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:14:32.0221 0x1048 ql40xx - ok
19:14:32.0406 0x1048 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
19:14:32.0474 0x1048 QWAVE - ok
19:14:32.0496 0x1048 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:14:32.0544 0x1048 QWAVEdrv - ok
19:14:32.0565 0x1048 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:14:32.0599 0x1048 RasAcd - ok
19:14:32.0634 0x1048 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:14:32.0667 0x1048 RasAgileVpn - ok
19:14:32.0694 0x1048 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
19:14:32.0724 0x1048 RasAuto - ok
19:14:32.0918 0x1048 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:14:33.0094 0x1048 Rasl2tp - ok
19:14:33.0130 0x1048 [ 0CE66EC736B7FC526D78F7624C7D2A94, D70B45AA413691CF84B24E966EBA1689955E54BDDA206380CAB7CD50F56D5CEB ] RasMan C:\Windows\System32\rasmans.dll
19:14:33.0142 0x1048 RasMan - ok
19:14:33.0163 0x1048 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:14:33.0204 0x1048 RasPppoe - ok
19:14:33.0222 0x1048 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:14:33.0260 0x1048 RasSstp - ok
19:14:33.0370 0x1048 [ 3B4642DE518A76310C62EEB9A64F771A, 198CF37D779FF9D3D529CF8C222A0A35D04AE3EF69D7861FB3F14D5CC3B3406C ] Razer Game Scanner Service C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
19:14:33.0376 0x1048 Razer Game Scanner Service - ok
19:14:33.0413 0x1048 [ 835D7E81BF517A3B72384BDCC85E1CE6, DC855AF17150C1B27926293115C01B5E1FD00FABCE18AFAEAB3DC68BDE4C908B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:14:33.0467 0x1048 rdbss - ok
19:14:33.0486 0x1048 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:14:33.0516 0x1048 rdpbus - ok
19:14:33.0533 0x1048 [ 1E016846895B15A99F9A176A05029075, 78AE674B6E7D3A69099B24AC07E06563A4C867F9DCD8548E4DAAE6FC5ACA4E29 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:14:33.0538 0x1048 RDPCDD - ok
19:14:33.0591 0x1048 [ C5FF95883FFEF704D50C40D21CFB3AB5, 26CC53DDE126A6BD99F606695F063BB7FDC4BBABB9F75F7AD7A84B58C837EEAA ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:14:33.0636 0x1048 RDPDR - ok
19:14:33.0663 0x1048 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:14:33.0701 0x1048 RDPENCDD - ok
19:14:33.0730 0x1048 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:14:33.0759 0x1048 RDPREFMP - ok
19:14:33.0934 0x1048 [ 801371BA9782282892D00AADB08EE367, 884DDC24B8400E76F65F54C249053333AD29543224F9EC156C64A6BDF584DDCD ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:14:34.0092 0x1048 RDPWD - ok
19:14:34.0135 0x1048 [ 4EA225BF1CF05E158853F30A99CA29A7, F211480F13E2FE36C31110AE67ABE74E9D572D3A36BEEDE29E14ECBD8C246878 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:14:34.0141 0x1048 rdyboost - ok
19:14:34.0246 0x1048 [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
19:14:34.0248 0x1048 RealNetworks Downloader Resolver Service - ok
19:14:34.0288 0x1048 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:14:34.0317 0x1048 RemoteAccess - ok
19:14:34.0356 0x1048 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:14:34.0386 0x1048 RemoteRegistry - ok
19:14:34.0415 0x1048 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:14:34.0421 0x1048 RpcEptMapper - ok
19:14:34.0449 0x1048 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
19:14:34.0485 0x1048 RpcLocator - ok
19:14:34.0526 0x1048 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] RpcSs C:\Windows\system32\rpcss.dll
19:14:34.0540 0x1048 RpcSs - ok
19:14:34.0581 0x1048 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:14:34.0584 0x1048 rspndr - ok
19:14:34.0604 0x1048 [ 4E20765744BFBC16F6D6E5BD5598786B, CDB5AB7F8BE3C0085D08DC00CC8DB3266ABA16228B2F022380482C9D05070839 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
19:14:34.0638 0x1048 RTL8023xp - ok
19:14:34.0728 0x1048 [ B5019713CEE4CE9E6C0BF0E4142F0A5B, C3A532300622DFDCBDAEE31A9E8CCA063F7B6A6A581E35D2631A2A667848B936 ] RzKLService C:\Program Files\Razer\Razer Cortex\RzKLService.exe
19:14:34.0734 0x1048 RzKLService - ok
19:14:34.0800 0x1048 [ 8ACD8981ED99105443896B632F87F300, 03984C0CB52B4B0930403C3E50945D9648EA2AEBE13AC4FF58A2B43AA5B7E990 ] rzpmgrk C:\Windows\system32\drivers\rzpmgrk.sys
19:14:34.0802 0x1048 rzpmgrk - ok
19:14:34.0852 0x1048 [ 5423D8437051E89DD34749F242C98648, 28FD190E13676B0FD452A73C3069B72206E2938DB2240BAA9BDB56687C748A2B ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
19:14:34.0895 0x1048 s3cap - ok
19:14:34.0935 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe
19:14:34.0939 0x1048 SamSs - ok
19:14:34.0976 0x1048 [ 34EE0C44B724E3E4CE2EFF29126DE5B5, D27AAF77CB8830893558A600E19CDBF9A6AA7D69DE4B34F317ED4AFD38E8CAFB ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
19:14:35.0015 0x1048 sbp2port - ok
19:14:35.0051 0x1048 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:14:35.0088 0x1048 SCardSvr - ok
19:14:35.0201 0x1048 [ 9FEB2026A460916D1A1198B460632630, 1DA85ECAE71949AF20C48BC6155246EDD00C48516F30270AD937871EBFC19EF1 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
19:14:35.0246 0x1048 SCDEmu - ok
19:14:35.0285 0x1048 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51, 8C0189A6AF9AEC46CBA4DA422C52B2D3E4858B2F2658DB6CA7996B5F368D2503 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:14:35.0329 0x1048 scfilter - ok
19:14:35.0400 0x1048 [ 3E8B0C453E25613A1F59762A5C42AA75, 86801C49664441A08F7E95031E52AD2518D61CCB945A857A18F0714351A8158C ] Schedule C:\Windows\system32\schedsvc.dll
19:14:35.0425 0x1048 Schedule - ok
19:14:35.0457 0x1048 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:14:35.0460 0x1048 SCPolicySvc - ok
19:14:35.0487 0x1048 [ 5FD90ABDBFAEE85986802622CBB03446, 0A8D9DC09C2ACA9EAABED04737E9EBF6EFB92BB2B9E5F37F10BFDF47CBF7DEDB ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:14:35.0514 0x1048 SDRSVC - ok
19:14:35.0535 0x1048 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:14:35.0537 0x1048 secdrv - ok
19:14:35.0564 0x1048 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
19:14:35.0568 0x1048 seclogon - ok
19:14:35.0588 0x1048 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
19:14:35.0666 0x1048 SENS - ok
19:14:35.0715 0x1048 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:14:35.0740 0x1048 SensrSvc - ok
19:14:35.0766 0x1048 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:14:35.0800 0x1048 Serenum - ok
19:14:35.0820 0x1048 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:14:35.0855 0x1048 Serial - ok
19:14:35.0873 0x1048 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:14:35.0904 0x1048 sermouse - ok
19:14:35.0949 0x1048 [ 8F55CE568C543D5ADF45C409D16718FC, 64D45854A91B656C1AF36EB272FDC54E9B5FB0200CB93E20F7D997DDA109EF7F ] SessionEnv C:\Windows\system32\sessenv.dll
19:14:35.0976 0x1048 SessionEnv - ok
19:14:36.0002 0x1048 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:14:36.0037 0x1048 sffdisk - ok
19:14:36.0070 0x1048 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:14:36.0114 0x1048 sffp_mmc - ok
19:14:36.0136 0x1048 [ 4F1E5B0FE7C8050668DBFADE8999AEFB, E36DAACC3D11F004808A3F44C471BBFDC2F33411D9F5C18B55B0DB2A6DA6E74C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:14:36.0188 0x1048 sffp_sd - ok
19:14:36.0200 0x1048 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:14:36.0245 0x1048 sfloppy - ok
19:14:36.0294 0x1048 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:14:36.0314 0x1048 SharedAccess - ok
19:14:36.0377 0x1048 [ CD2E48FA5B29EE2B3B5858056D246EF2, B743F92D0121CF3D827753C85F1F5A14C2DAA1CAFD42C7810C3BECB853DB6175 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:14:36.0409 0x1048 ShellHWDetection - ok
19:14:36.0437 0x1048 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
19:14:36.0500 0x1048 sisagp - ok
19:14:36.0532 0x1048 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:14:36.0577 0x1048 SiSRaid2 - ok
19:14:36.0599 0x1048 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:14:36.0651 0x1048 SiSRaid4 - ok
19:14:36.0773 0x1048 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:14:37.0433 0x1048 SkypeUpdate - ok
19:14:37.0490 0x1048 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:14:37.0543 0x1048 Smb - ok
19:14:37.0589 0x1048 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:14:37.0595 0x1048 SNMPTRAP - ok
19:14:37.0615 0x1048 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
19:14:37.0631 0x1048 spldr - ok
19:14:37.0668 0x1048 [ 49B6DD6AB3715B7A67965F17194E98A9, 331D69F3630BA978AC13471A2E7465351D04416343A595C62B94BADFFCD02B3A ] Spooler C:\Windows\System32\spoolsv.exe
19:14:37.0686 0x1048 Spooler - ok
19:14:37.0962 0x1048 [ 4C287F9069FEDBD791178876EE9DE536, 6099E76FF6FBA002EBA2BA7BE4E3238D91332E077524D1DD402E0C9ADA22E852 ] sppsvc C:\Windows\system32\sppsvc.exe
19:14:38.0234 0x1048 sppsvc - ok
19:14:38.0320 0x1048 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7, E7A8A5774C62DC12B56DC3E0A385ACA9069F3A5E6AC664AD0C383EF44DCF81B3 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:14:38.0364 0x1048 sppuinotify - ok
19:14:38.0401 0x1048 [ 2BA4EBC7DFBA845A1EDBE1F75913BE33, 58D0B957469D55026A53C3963508C8B36BDB360A0A5B870332B79A39200DB3AC ] srv C:\Windows\system32\DRIVERS\srv.sys
19:14:38.0422 0x1048 srv - ok
19:14:38.0459 0x1048 [ DCE7E10FEAABD4CAE95948B3DE5340BB, B1E9CD14DC24BB161EFC83D83CE95D0A98008AD790041785C6C8B87564A491D7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:14:38.0481 0x1048 srv2 - ok
19:14:38.0530 0x1048 [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:14:38.0576 0x1048 SrvHsfHDA - ok
19:14:38.0640 0x1048 [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:14:38.0785 0x1048 SrvHsfV92 - ok
19:14:38.0848 0x1048 [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:14:38.0923 0x1048 SrvHsfWinac - ok
19:14:38.0942 0x1048 [ B5665BAA2120B8A54E22E9CD07C05106, 86E50853D412ACDC752AD182ED52B49DD679D75843E1E9D6A6425E750594692C ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:14:38.0946 0x1048 srvnet - ok
19:14:38.0977 0x1048 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:14:38.0989 0x1048 SSDPSRV - ok
19:14:39.0011 0x1048 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:14:39.0018 0x1048 SstpSvc - ok
19:14:39.0061 0x1048 [ 585FDB94DB04AC1C56298D1FD1F1389E, 5CEBAAF3B649E580B3EF2B9B38426D6EE13B244BE1274BA0C0A468EC4CFB680C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:14:39.0122 0x1048 ssudmdm - ok
19:14:39.0192 0x1048 [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
19:14:39.0292 0x1048 StarOpen - ok
19:14:39.0408 0x1048 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
19:14:39.0673 0x1048 Steam Client Service - ok
19:14:39.0707 0x1048 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:14:39.0746 0x1048 stexstor - ok
19:14:39.0801 0x1048 [ A22825E7BB7018E8AF3E229A5AF17221, 5C97557F8BC6ABBB5BE624AE41AAC22C3D845F76C3E930337A4C07B2381086D7 ] StiSvc C:\Windows\System32\wiaservc.dll
19:14:39.0819 0x1048 StiSvc - ok
19:14:39.0845 0x1048 [ 957E346CA948668F2496A6CCF6FF82CC, 5C0E0F0E0F2D36E3213885C60BC3B075AFD2257FEB4B8186FC1FE253E0C218AF ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
19:14:39.0847 0x1048 storflt - ok
19:14:39.0888 0x1048 [ D5751969DC3E4B88BF482AC8EC9FE019, DAEB50C0045364C75965B0E94744C6E2E1E85C8D00F1E8A5593F3EC780BDD7D9 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
19:14:39.0922 0x1048 storvsc - ok
19:14:40.0036 0x1048 Sun_Philippines Wave Modem Device Helper - ok
19:14:40.0048 0x1048 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:14:40.0086 0x1048 swenum - ok
19:14:40.0135 0x1048 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
19:14:40.0180 0x1048 swprv - ok
19:14:40.0263 0x1048 [ 04105C8DA62353589C29BDAEB8D88BD8, CC7A3A779A143E09FE5C0AA6795A7B13496C4E121347949CB23F7946EE5E2DED ] SysMain C:\Windows\system32\sysmain.dll
19:14:40.0333 0x1048 SysMain - ok
19:14:40.0384 0x1048 [ FCFB6C552FBC0DA299799CBD50AD9FD4, A2A90829087B1A7F9B57D6F184EB4AE38D10B2986B0DC8D2ACA5EE9412CA3976 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:14:40.0423 0x1048 TabletInputService - ok
19:14:40.0500 0x1048 [ FD90A16CEB10D4FDAA00AAF39B8FF58F, A0471D1AE2704BCFE70C61A83B24B45ED92D71706BEC7D599BB7418BF8B854F1 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
19:14:40.0553 0x1048 taphss - ok
19:14:40.0580 0x1048 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF, FF66CBA014F3F8B721088F5AB3D004C1711E7F587CC8D4AC3DCFB45CDB746800 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:14:40.0595 0x1048 TapiSrv - ok
19:14:40.0619 0x1048 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
19:14:40.0629 0x1048 TBS - ok
19:14:41.0173 0x1048 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:14:41.0230 0x1048 Tcpip - ok
19:14:41.0307 0x1048 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC, 62917CDBC6529D1CC3D7F6E211C717DC44033955749333DCBD052F9BF6639767 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:14:41.0350 0x1048 TCPIP6 - ok
19:14:41.0392 0x1048 [ E64444523ADD154F86567C469BC0B17F, FBE8A1DC28C102068183754F6BF0D03F5D18FD24BEB7E4B57D1CFCEBB13B381F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:14:41.0395 0x1048 tcpipreg - ok
19:14:41.0425 0x1048 [ 1875C1490D99E70E449E3AFAE9FCBADF, FFDF03826DAB748D51B53B648B632E79B3CD6238F684FDEA749B4D0F93BE5A77 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:14:41.0454 0x1048 TDPIPE - ok
19:14:41.0472 0x1048 [ 7551E91EA999EE9A8E9C331D5A9C31F3, C98C97DFD6C7276CD999545A7BC67B56E1BDDFB2886412E9198012322F95A10D ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:14:41.0507 0x1048 TDTCP - ok
19:14:41.0540 0x1048 [ CB39E896A2A83702D1737BFD402B3542, FA77D98EA3606CA2FCEF0E0949FDE2C32A080B47CAFDE46CE903CA3CBFC5DF35 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:14:41.0575 0x1048 tdx - ok
19:14:41.0598 0x1048 [ C36F41EE20E6999DBF4B0425963268A5, 9DB789A17DF2C283D6E803EEA15F2BDFC56EE3BE342A5606DD5C179C3550ECA6 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:14:41.0621 0x1048 TermDD - ok
19:14:41.0689 0x1048 [ A01E50A04D7B1960B33E92B9080E6A94, 0512BF11F2FD62BDBD2B1AA34D509BE82AC374C37B925C8C0ED119C6331930FD ] TermService C:\Windows\System32\termsrv.dll
19:14:41.0746 0x1048 TermService - ok
19:14:41.0768 0x1048 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
19:14:41.0774 0x1048 Themes - ok
19:14:41.0797 0x1048 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
19:14:41.0802 0x1048 THREADORDER - ok
19:14:41.0823 0x1048 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
19:14:41.0830 0x1048 TrkWks - ok
19:14:41.0877 0x1048 [ 41A4C781D2286208D397D72099304133, 447CAAD5589AA499EEE49FBA2CB53210359DB76AFF1DF2F0BD4D92A397037C1D ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:14:41.0936 0x1048 TrustedInstaller - ok
19:14:41.0964 0x1048 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242, 9606DACB8CBDAF520282BE8C8F064535767405F138D9E9A215D2C59183E93CC1 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:14:41.0998 0x1048 tssecsrv - ok
19:14:42.0034 0x1048 [ 3E461D890A97F9D4C168F5FDA36E1D00, 82A8778F404F7AC5102802CF46F279F1E58AC74244665D06FD0C68A8BD887536 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:14:42.0073 0x1048 tunnel - ok
19:14:42.0093 0x1048 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:14:42.0128 0x1048 uagp35 - ok
19:14:42.0166 0x1048 [ 09CC3E16F8E5EE7168E01CF8FCBE061A, 81EEAC72A7C4D72666C743DEFF8096FDB465AA1FA8076C60D19CC192846F01CA ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:14:42.0220 0x1048 udfs - ok
19:14:42.0337 0x1048 [ BDFC75512F7D8124DD7601734D73FB82, 9405411208C9006FB73EFA12355CFA613EAF89585C4D256F68B1579B994A5D9D ] UI Assistant Service C:\Program Files\ZTE Connection Manager\AssistantServices.exe
19:14:42.0346 0x1048 UI Assistant Service - ok
19:14:42.0378 0x1048 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:14:42.0437 0x1048 UI0Detect - ok
19:14:42.0467 0x1048 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
19:14:42.0520 0x1048 uliagpkx - ok
19:14:42.0564 0x1048 [ 049B3A50B3D646BAEEEE9EEC9B0668DC, 5774438BBD0976424C20559E14BA2AC158D9FF5D4E1FDC1C9C9F4D7A5CE8C377 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:14:42.0612 0x1048 umbus - ok
19:14:42.0639 0x1048 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:14:42.0693 0x1048 UmPass - ok
19:14:42.0789 0x1048 [ 8ECACA5454844F66386F7BE4AE0D7CD1, F3B02A9F598C6A9EFA019F5833959DD1A86FDFDB9FDDF99A8687BBB6211AAD00 ] UmRdpService C:\Windows\System32\umrdp.dll
19:14:42.0834 0x1048 UmRdpService - ok
19:14:42.0879 0x1048 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
19:14:42.0913 0x1048 upnphost - ok
19:14:42.0987 0x1048 [ 2436A42AAB4AD48A9B714E5B0F344627, A4DE6863BEFDC8DE7C43644F60CFD4182BE300B1EF4F3F86647218C32F745789 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:14:43.0052 0x1048 usbaudio - ok
19:14:43.0080 0x1048 [ 8455C4ED038EFD09E99327F9D2D48FFA, D166F98EA3D85F7DD6B5258949C186714A17EF89B6FDC9804165F7B4FA811C30 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:14:43.0133 0x1048 usbccgp - ok
19:14:43.0163 0x1048 [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:14:43.0219 0x1048 usbcir - ok
19:14:43.0253 0x1048 [ 1C333BFD60F2FED2C7AD5DAF533CB742, 97AE9CA39482B886FCD063E80B8AB153E1FC1459452657393D8B1745EF69E1C3 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:14:43.0306 0x1048 usbehci - ok
19:14:43.0356 0x1048 [ EE6EF93CCFA94FAE8C6AB298273D8AE2, CBEE16CEAD02E994F0C2AD77DD8C01CB9964C6B42DE49FF7A787849CD25767B4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:14:43.0426 0x1048 usbhub - ok
19:14:43.0446 0x1048 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:14:43.0499 0x1048 usbohci - ok
19:14:43.0530 0x1048 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:14:43.0594 0x1048 usbprint - ok
19:14:43.0644 0x1048 [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:14:43.0681 0x1048 usbscan - ok
19:14:43.0724 0x1048 [ D8889D56E0D27E57ED4591837FE71D27, DB1B65EEBFB036086EC3347C1181D9D01FF65870EAEC4A1BA08AF43C35075647 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:14:43.0762 0x1048 USBSTOR - ok
19:14:43.0781 0x1048 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:14:43.0826 0x1048 usbuhci - ok
19:14:43.0875 0x1048 [ F642A7E4BF78CFA359CCA0A3557C28D7, 12F1ABDD5C871147AFC682BCEF099F319A4F542AC3F0B647D7A5DFE63EDAE061 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:14:43.0934 0x1048 usbvideo - ok
19:14:43.0968 0x1048 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
19:14:43.0974 0x1048 UxSms - ok
19:14:43.0989 0x1048 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc C:\Windows\system32\lsass.exe
19:14:43.0993 0x1048 VaultSvc - ok
19:14:44.0030 0x1048 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
19:14:44.0032 0x1048 vdrvroot - ok
19:14:44.0076 0x1048 [ 8C4E7C49D3641BC9E299E466A7F8867D, 4F2E742EFE2DE47EE187B3BCDFDCB525FE484B74700A226D7894F9633F957AFA ] vds C:\Windows\System32\vds.exe
19:14:44.0158 0x1048 vds - ok
19:14:44.0179 0x1048 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:14:44.0209 0x1048 vga - ok
19:14:44.0230 0x1048 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:14:44.0260 0x1048 VgaSave - ok
19:14:44.0286 0x1048 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583, 33DF8F7C9A3176175113CA10D69FAF17A5412C055943F14DDC9923531FADB82D ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
19:14:44.0336 0x1048 vhdmp - ok
19:14:44.0432 0x1048 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
19:14:44.0479 0x1048 viaagp - ok
19:14:44.0496 0x1048 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:14:44.0534 0x1048 ViaC7 - ok
19:14:44.0557 0x1048 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
19:14:44.0615 0x1048 viaide - ok
19:14:44.0660 0x1048 [ 379B349F65F453D2A6E75EA6B7448E49, F52B1B3AE9F5D38B45C889A7B1EBE59533C17E73678D355D1466B5EF3338BF16 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
19:14:44.0742 0x1048 vmbus - ok
19:14:44.0844 0x1048 [ EC2BBAB4B84D0738C6C83D2234DC36FE, 8BA2FA187DAC6994D5A29897AE5F46E6424FB53C827553E0BB148E31825D6676 ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
19:14:44.0923 0x1048 VMBusHID - ok
19:14:45.0083 0x1048 [ 384E5A2AA49934295171E499F86BA6F3, C79271F98506392422325C075144F45436F9979FE1E002B57F9426F3DA96CEF0 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
19:14:45.0091 0x1048 volmgr - ok
19:14:45.0133 0x1048 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:14:45.0142 0x1048 volmgrx - ok
19:14:45.0167 0x1048 [ 58DF9D2481A56EDDE167E51B334D44FD, C77D7BE83CF1C0DEC80429C5A519E794FD2E8C1E6DAD6F5C92B5EB5694CEB8EA ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
19:14:45.0175 0x1048 volsnap - ok
19:14:45.0226 0x1048 [ 63EF70B7BFB875436D5983E3C77F0681, D0C9A7D42393DEFF33507D4A7ECC207D7CB071D78404B70398A0480C121708AB ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
19:14:45.0275 0x1048 vpcbus - ok
19:14:45.0314 0x1048 [ 2559494DC74877AFCE97C6F75E4B7020, D5B74A2E076427D9F41C81E98AD1AA934A3B749B3C7D4EEA750CB02DAA3A3FDA ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
19:14:45.0356 0x1048 vpcnfltr - ok
19:14:45.0375 0x1048 [ AC0ADAD2AD5A166100CF59FB9A7880B7, D47B1C57F61BC18BE85F3D276ABA936CCF354C03994622710498EE1B440E4698 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
19:14:45.0417 0x1048 vpcusb - ok
19:14:45.0451 0x1048 [ 7A806CC4416FE9B1B9C091E31BC638BC, 5F98E6B9285267B2C16DC8E61D6827F787FF44EDA085493E1F68305396EBB675 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
19:14:45.0474 0x1048 vpcvmm - ok
19:14:45.0514 0x1048 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:14:45.0575 0x1048 vsmraid - ok
19:14:45.0662 0x1048 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C, 7CD6637BE0A08E3B0F9991D79751DCA8AEC9224B83301821DAA29C9F42B7A9E3 ] VSS C:\Windows\system32\vssvc.exe
19:14:45.0846 0x1048 VSS - ok
19:14:45.0888 0x1048 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:14:45.0982 0x1048 vwifibus - ok
19:14:46.0034 0x1048 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
19:14:46.0122 0x1048 W32Time - ok
19:14:46.0269 0x1048 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:14:46.0311 0x1048 WacomPen - ok
19:14:46.0352 0x1048 [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:14:46.0394 0x1048 WANARP - ok
19:14:46.0403 0x1048 [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:14:46.0407 0x1048 Wanarpv6 - ok
19:14:46.0514 0x1048 [ 7790B77FE1E5EE47DCC66247095BB4C9, FFB541F83CDE32E65007D41217C2F46CDDF68121E2846B638EAB620ACA940B05 ] wbengine C:\Windows\system32\wbengine.exe
19:14:46.0712 0x1048 wbengine - ok
19:14:46.0787 0x1048 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:14:46.0847 0x1048 WbioSrvc - ok
19:14:46.0901 0x1048 [ D0F88AA11EE1A62BCC6D6A8A7783CA11, 3DBC1806E6F8CD58A9E93EA2A0CDC83C1A90E37B5E385209E4D9A0C81922F447 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:14:47.0008 0x1048 wcncsvc - ok
19:14:47.0033 0x1048 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:14:47.0063 0x1048 WcsPlugInService - ok
19:14:47.0088 0x1048 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:14:47.0123 0x1048 Wd - ok
19:14:47.0160 0x1048 [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:14:47.0173 0x1048 Wdf01000 - ok
19:14:47.0193 0x1048 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:14:47.0201 0x1048 WdiServiceHost - ok
19:14:47.0209 0x1048 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:14:47.0216 0x1048 WdiSystemHost - ok
-continue-
HITAKU
Posts: 18 +0
19:14:47.0249 0x1048 [ D87C7D2C517F82A5AB7A73E203063D9E, 8861AB4ECEDAE801008BE0406FCB19418AA2864E89D0776B94E25773E6DB5E88 ] WebClient C:\Windows\System32\webclnt.dll
19:14:47.0283 0x1048 WebClient - ok
19:14:47.0314 0x1048 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:14:47.0349 0x1048 Wecsvc - ok
19:14:47.0374 0x1048 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:14:47.0383 0x1048 wercplsupport - ok
19:14:47.0409 0x1048 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
19:14:47.0417 0x1048 WerSvc - ok
19:14:47.0457 0x1048 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:14:47.0493 0x1048 WfpLwf - ok
19:14:47.0523 0x1048 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:14:47.0557 0x1048 WIMMount - ok
19:14:47.0637 0x1048 [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:14:47.0696 0x1048 WinDefend - ok
19:14:47.0724 0x1048 WinHttpAutoProxySvc - ok
19:14:47.0798 0x1048 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:14:47.0805 0x1048 Winmgmt - ok
19:14:47.0903 0x1048 [ C4F5D3901D1B41D602DDC196E0B95B51, 20FF2A9DEE3ECBFB163DFA62A407E30ED49F609EF46936F286C2A08A24EA3E7C ] WinRM C:\Windows\system32\WsmSvc.dll
19:14:48.0027 0x1048 WinRM - ok
19:14:48.0096 0x1048 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:14:48.0133 0x1048 WinUsb - ok
19:14:48.0205 0x1048 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:14:48.0269 0x1048 Wlansvc - ok
19:14:48.0313 0x1048 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:14:48.0314 0x1048 WmiAcpi - ok
19:14:48.0347 0x1048 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:14:48.0398 0x1048 wmiApSrv - ok
19:14:48.0505 0x1048 [ 77FBD400984CF72BA0FC4B3489D65F74, 9AA404F17177FEB43A9EA1A86061B452E7C4A93C873E61B68269047519CD433E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:14:48.0574 0x1048 WMPNetworkSvc - ok
19:14:48.0611 0x1048 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:14:48.0634 0x1048 WPCSvc - ok
19:14:48.0656 0x1048 [ B7F658A2EBC07129538AD9AB35212637, 86774A760189E4B126C972A778F890C00C1C30EDD28044DD43B40644A8778B4D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:14:48.0665 0x1048 WPDBusEnum - ok
19:14:48.0693 0x1048 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:14:48.0728 0x1048 ws2ifsl - ok
19:14:48.0746 0x1048 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
19:14:48.0754 0x1048 wscsvc - ok
19:14:48.0763 0x1048 WSearch - ok
19:14:48.0885 0x1048 [ A33408CC036F9C08142B11BE5E93F0A1, A6CE3681EE4DE3C9A8B8B5DA4E8E46DB4443A32D1339F7D0893F1F2153635D86 ] wuauserv C:\Windows\system32\wuaueng.dll
19:14:49.0005 0x1048 wuauserv - ok
19:14:49.0088 0x1048 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:14:49.0103 0x1048 WudfPf - ok
19:14:49.0125 0x1048 [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:14:49.0148 0x1048 WUDFRd - ok
19:14:49.0171 0x1048 [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:14:49.0187 0x1048 wudfsvc - ok
19:14:49.0220 0x1048 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:14:49.0271 0x1048 WwanSvc - ok
19:14:49.0357 0x1048 [ B53430A93FEF17B08AC3A9F245B9720F, D860214ABA4282515801AB4FFA119584C0C64CF31471F423E44EBB2C3101472C ] ZSMC303 C:\Windows\system32\Drivers\usbVM303.sys
19:14:49.0441 0x1048 ZSMC303 - ok
19:14:49.0504 0x1048 [ 3862318F85BE7A91957ADA5E814ED58C, 28EC5D2A5892DA27796632034ED93B898363BBBFEFBE3B70EBDBFE7F917921E8 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
19:14:49.0584 0x1048 ZTEusbmdm6k - ok
19:14:49.0618 0x1048 [ 3862318F85BE7A91957ADA5E814ED58C, 28EC5D2A5892DA27796632034ED93B898363BBBFEFBE3B70EBDBFE7F917921E8 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
19:14:49.0671 0x1048 ZTEusbnmea - ok
19:14:49.0700 0x1048 [ 3862318F85BE7A91957ADA5E814ED58C, 28EC5D2A5892DA27796632034ED93B898363BBBFEFBE3B70EBDBFE7F917921E8 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
19:14:49.0768 0x1048 ZTEusbser6k - ok
19:14:49.0820 0x1048 ================ Scan global ===============================
19:14:49.0852 0x1048 [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
19:14:49.0893 0x1048 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
19:14:49.0929 0x1048 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
19:14:49.0966 0x1048 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
19:14:50.0026 0x1048 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
19:14:50.0047 0x1048 [ Global ] - ok
19:14:50.0049 0x1048 ================ Scan MBR ==================================
19:14:50.0067 0x1048 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:14:50.0265 0x1048 \Device\Harddisk0\DR0 - ok
19:14:50.0266 0x1048 ================ Scan VBR ==================================
19:14:50.0270 0x1048 [ 32D53C37DC3458A4D221C52F3ECF767B ] \Device\Harddisk0\DR0\Partition1
19:14:50.0314 0x1048 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
19:14:50.0314 0x1048 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
19:14:53.0358 0x1048 [ EFD3A4BB27D1B780477D88DD9DE51C4A ] \Device\Harddisk0\DR0\Partition2
19:14:53.0361 0x1048 \Device\Harddisk0\DR0\Partition2 - ok
19:14:53.0362 0x1048 ================ Scan generic autorun ======================
19:14:53.0420 0x1048 [ BD4BCA17C9CF5A93F06934B158DEA801, 30253692D381E24E4029470B1A34101F6A63AC446525A1F4628FFEC855906254 ] C:\Program Files\Razer\Razer Cortex\RazerCortex.exe
19:14:53.0424 0x1048 RazerCortex - ok
19:14:53.0693 0x1048 [ 7E713E2ED0226EA82E97A630684115BE, C99F83CF01E7926DE8D2FBCDFA9565D2BCC2D156976458367AEBDB3B327FB849 ] C:\Program Files\AVG\AVG2015\avgui.exe
19:14:53.0861 0x1048 AVG_UI - ok
19:14:54.0769 0x1048 [ F4C796C55570F012BFDD70CD218DEDF3, 2FCCB52FA9A855861DB8346755AEA7CAD75561E924EA0D475B6950C5BBAA7D4C ] C:\Program Files\Garena Plus\GarenaMessenger.exe
19:14:55.0257 0x1048 GarenaPlus - ok
19:14:55.0432 0x1048 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:14:55.0495 0x1048 Sidebar - ok
19:14:55.0527 0x1048 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
19:14:55.0584 0x1048 mctadmin - ok
19:14:55.0588 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:56.0589 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:57.0589 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:58.0589 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:59.0825 0x1048 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41000 ( enabled : updated )
19:14:59.0840 0x1048 Win FW state via NFP2: enabled
19:15:14.0957 0x1048 ============================================================
19:15:14.0957 0x1048 Scan finished
19:15:14.0957 0x1048 ============================================================
19:15:14.0980 0x0278 Detected object count: 1
19:15:14.0980 0x0278 Actual detected object count: 1
19:19:33.0228 0x0278 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
19:19:33.0319 0x0278 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
19:19:33.0360 0x0278 \Device\Harddisk0\DR0\Partition1 - ok
19:19:33.0360 0x0278 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
19:19:34.0809 0x0278 KLMD registered as C:\Windows\system32\drivers\43928678.sys
19:19:56.0502 0x1560 Deinitialize success
_end_
19:14:47.0283 0x1048 WebClient - ok
19:14:47.0314 0x1048 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:14:47.0349 0x1048 Wecsvc - ok
19:14:47.0374 0x1048 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:14:47.0383 0x1048 wercplsupport - ok
19:14:47.0409 0x1048 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
19:14:47.0417 0x1048 WerSvc - ok
19:14:47.0457 0x1048 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:14:47.0493 0x1048 WfpLwf - ok
19:14:47.0523 0x1048 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:14:47.0557 0x1048 WIMMount - ok
19:14:47.0637 0x1048 [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:14:47.0696 0x1048 WinDefend - ok
19:14:47.0724 0x1048 WinHttpAutoProxySvc - ok
19:14:47.0798 0x1048 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:14:47.0805 0x1048 Winmgmt - ok
19:14:47.0903 0x1048 [ C4F5D3901D1B41D602DDC196E0B95B51, 20FF2A9DEE3ECBFB163DFA62A407E30ED49F609EF46936F286C2A08A24EA3E7C ] WinRM C:\Windows\system32\WsmSvc.dll
19:14:48.0027 0x1048 WinRM - ok
19:14:48.0096 0x1048 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:14:48.0133 0x1048 WinUsb - ok
19:14:48.0205 0x1048 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:14:48.0269 0x1048 Wlansvc - ok
19:14:48.0313 0x1048 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:14:48.0314 0x1048 WmiAcpi - ok
19:14:48.0347 0x1048 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:14:48.0398 0x1048 wmiApSrv - ok
19:14:48.0505 0x1048 [ 77FBD400984CF72BA0FC4B3489D65F74, 9AA404F17177FEB43A9EA1A86061B452E7C4A93C873E61B68269047519CD433E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:14:48.0574 0x1048 WMPNetworkSvc - ok
19:14:48.0611 0x1048 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:14:48.0634 0x1048 WPCSvc - ok
19:14:48.0656 0x1048 [ B7F658A2EBC07129538AD9AB35212637, 86774A760189E4B126C972A778F890C00C1C30EDD28044DD43B40644A8778B4D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:14:48.0665 0x1048 WPDBusEnum - ok
19:14:48.0693 0x1048 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:14:48.0728 0x1048 ws2ifsl - ok
19:14:48.0746 0x1048 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
19:14:48.0754 0x1048 wscsvc - ok
19:14:48.0763 0x1048 WSearch - ok
19:14:48.0885 0x1048 [ A33408CC036F9C08142B11BE5E93F0A1, A6CE3681EE4DE3C9A8B8B5DA4E8E46DB4443A32D1339F7D0893F1F2153635D86 ] wuauserv C:\Windows\system32\wuaueng.dll
19:14:49.0005 0x1048 wuauserv - ok
19:14:49.0088 0x1048 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:14:49.0103 0x1048 WudfPf - ok
19:14:49.0125 0x1048 [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:14:49.0148 0x1048 WUDFRd - ok
19:14:49.0171 0x1048 [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:14:49.0187 0x1048 wudfsvc - ok
19:14:49.0220 0x1048 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:14:49.0271 0x1048 WwanSvc - ok
19:14:49.0357 0x1048 [ B53430A93FEF17B08AC3A9F245B9720F, D860214ABA4282515801AB4FFA119584C0C64CF31471F423E44EBB2C3101472C ] ZSMC303 C:\Windows\system32\Drivers\usbVM303.sys
19:14:49.0441 0x1048 ZSMC303 - ok
19:14:49.0504 0x1048 [ 3862318F85BE7A91957ADA5E814ED58C, 28EC5D2A5892DA27796632034ED93B898363BBBFEFBE3B70EBDBFE7F917921E8 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
19:14:49.0584 0x1048 ZTEusbmdm6k - ok
19:14:49.0618 0x1048 [ 3862318F85BE7A91957ADA5E814ED58C, 28EC5D2A5892DA27796632034ED93B898363BBBFEFBE3B70EBDBFE7F917921E8 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
19:14:49.0671 0x1048 ZTEusbnmea - ok
19:14:49.0700 0x1048 [ 3862318F85BE7A91957ADA5E814ED58C, 28EC5D2A5892DA27796632034ED93B898363BBBFEFBE3B70EBDBFE7F917921E8 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
19:14:49.0768 0x1048 ZTEusbser6k - ok
19:14:49.0820 0x1048 ================ Scan global ===============================
19:14:49.0852 0x1048 [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
19:14:49.0893 0x1048 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
19:14:49.0929 0x1048 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
19:14:49.0966 0x1048 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
19:14:50.0026 0x1048 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
19:14:50.0047 0x1048 [ Global ] - ok
19:14:50.0049 0x1048 ================ Scan MBR ==================================
19:14:50.0067 0x1048 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:14:50.0265 0x1048 \Device\Harddisk0\DR0 - ok
19:14:50.0266 0x1048 ================ Scan VBR ==================================
19:14:50.0270 0x1048 [ 32D53C37DC3458A4D221C52F3ECF767B ] \Device\Harddisk0\DR0\Partition1
19:14:50.0314 0x1048 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
19:14:50.0314 0x1048 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
19:14:53.0358 0x1048 [ EFD3A4BB27D1B780477D88DD9DE51C4A ] \Device\Harddisk0\DR0\Partition2
19:14:53.0361 0x1048 \Device\Harddisk0\DR0\Partition2 - ok
19:14:53.0362 0x1048 ================ Scan generic autorun ======================
19:14:53.0420 0x1048 [ BD4BCA17C9CF5A93F06934B158DEA801, 30253692D381E24E4029470B1A34101F6A63AC446525A1F4628FFEC855906254 ] C:\Program Files\Razer\Razer Cortex\RazerCortex.exe
19:14:53.0424 0x1048 RazerCortex - ok
19:14:53.0693 0x1048 [ 7E713E2ED0226EA82E97A630684115BE, C99F83CF01E7926DE8D2FBCDFA9565D2BCC2D156976458367AEBDB3B327FB849 ] C:\Program Files\AVG\AVG2015\avgui.exe
19:14:53.0861 0x1048 AVG_UI - ok
19:14:54.0769 0x1048 [ F4C796C55570F012BFDD70CD218DEDF3, 2FCCB52FA9A855861DB8346755AEA7CAD75561E924EA0D475B6950C5BBAA7D4C ] C:\Program Files\Garena Plus\GarenaMessenger.exe
19:14:55.0257 0x1048 GarenaPlus - ok
19:14:55.0432 0x1048 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:14:55.0495 0x1048 Sidebar - ok
19:14:55.0527 0x1048 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
19:14:55.0584 0x1048 mctadmin - ok
19:14:55.0588 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:56.0589 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:57.0589 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:58.0589 0x1048 Waiting for KSN requests completion. In queue: 5
19:14:59.0825 0x1048 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41000 ( enabled : updated )
19:14:59.0840 0x1048 Win FW state via NFP2: enabled
19:15:14.0957 0x1048 ============================================================
19:15:14.0957 0x1048 Scan finished
19:15:14.0957 0x1048 ============================================================
19:15:14.0980 0x0278 Detected object count: 1
19:15:14.0980 0x0278 Actual detected object count: 1
19:19:33.0228 0x0278 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
19:19:33.0319 0x0278 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
19:19:33.0360 0x0278 \Device\Harddisk0\DR0\Partition1 - ok
19:19:33.0360 0x0278 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
19:19:34.0809 0x0278 KLMD registered as C:\Windows\system32\drivers\43928678.sys
19:19:56.0502 0x1560 Deinitialize success
_end_
HITAKU
Posts: 18 +0
The one I post is this name "TDSSKiller.3.0.0.42_08.01.2015_19.13.35_log" and I saw another one name "TDSSKiller.3.0.0.42_08.01.2015_19.23.29_log".
here's what it says:
19:23:29.0169 0x0eac TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:23:31.0175 0x0eac ============================================================
19:23:31.0175 0x0eac Current date / time: 2015/01/08 19:23:31.0175
19:23:31.0175 0x0eac SystemInfo:
19:23:31.0175 0x0eac
19:23:31.0175 0x0eac OS Version: 6.1.7600 ServicePack: 0.0
19:23:31.0175 0x0eac Product type: Workstation
19:23:31.0175 0x0eac ComputerName: OLIVE-PC
19:23:31.0175 0x0eac UserName: olive
19:23:31.0175 0x0eac Windows directory: C:\Windows
19:23:31.0175 0x0eac System windows directory: C:\Windows
19:23:31.0175 0x0eac Processor architecture: Intel x86
19:23:31.0175 0x0eac Number of processors: 2
19:23:31.0175 0x0eac Page size: 0x1000
19:23:31.0175 0x0eac Boot type: Normal boot
19:23:31.0176 0x0eac ============================================================
19:23:31.0178 0x0eac BG loaded
19:23:38.0872 0x0eac System UUID: {C8CBF445-03A0-52DC-9B0F-1FB9B98FC570}
19:23:43.0034 0x0eac Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:23:43.0040 0x0eac ============================================================
19:23:43.0040 0x0eac \Device\Harddisk0\DR0:
19:23:43.0041 0x0eac MBR partitions:
19:23:43.0041 0x0eac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:23:43.0041 0x0eac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61000
19:23:43.0041 0x0eac ============================================================
19:23:43.0256 0x0eac C: <-> \Device\Harddisk0\DR0\Partition2
19:23:43.0257 0x0eac ============================================================
19:23:43.0257 0x0eac Initialize success
19:23:43.0257 0x0eac ============================================================
19:47:12.0247 0x0e8c Deinitialize success
here's what it says:
19:23:29.0169 0x0eac TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:23:31.0175 0x0eac ============================================================
19:23:31.0175 0x0eac Current date / time: 2015/01/08 19:23:31.0175
19:23:31.0175 0x0eac SystemInfo:
19:23:31.0175 0x0eac
19:23:31.0175 0x0eac OS Version: 6.1.7600 ServicePack: 0.0
19:23:31.0175 0x0eac Product type: Workstation
19:23:31.0175 0x0eac ComputerName: OLIVE-PC
19:23:31.0175 0x0eac UserName: olive
19:23:31.0175 0x0eac Windows directory: C:\Windows
19:23:31.0175 0x0eac System windows directory: C:\Windows
19:23:31.0175 0x0eac Processor architecture: Intel x86
19:23:31.0175 0x0eac Number of processors: 2
19:23:31.0175 0x0eac Page size: 0x1000
19:23:31.0175 0x0eac Boot type: Normal boot
19:23:31.0176 0x0eac ============================================================
19:23:31.0178 0x0eac BG loaded
19:23:38.0872 0x0eac System UUID: {C8CBF445-03A0-52DC-9B0F-1FB9B98FC570}
19:23:43.0034 0x0eac Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:23:43.0040 0x0eac ============================================================
19:23:43.0040 0x0eac \Device\Harddisk0\DR0:
19:23:43.0041 0x0eac MBR partitions:
19:23:43.0041 0x0eac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:23:43.0041 0x0eac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61000
19:23:43.0041 0x0eac ============================================================
19:23:43.0256 0x0eac C: <-> \Device\Harddisk0\DR0\Partition2
19:23:43.0257 0x0eac ============================================================
19:23:43.0257 0x0eac Initialize success
19:23:43.0257 0x0eac ============================================================
19:47:12.0247 0x0e8c Deinitialize success
HITAKU
Posts: 18 +0
Im sorry for the delay lost my internet of a few days.
I found the second txt. names attach.txt. is that it? and wait for TDSS killer or DDS
here's what it written inside.
IF TDSS its above the last comment I made because TDSS makes only one txt.
for DDS the attach.txt I have the log
ATTACH.TXT:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2012 12:41:07 AM
System Uptime: 1/6/2015 5:06:53 PM (9 hours ago)
.
Motherboard: Hewlett-Packard | | 30D9
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | CPU | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 9.725 GiB free.
E: is CDROM ()
H: is Removable
J: is FIXED (NTFS) - 298 GiB total, 2.793 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Image File Execution Options =============
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
I found the second txt. names attach.txt. is that it? and wait for TDSS killer or DDS
here's what it written inside.
IF TDSS its above the last comment I made because TDSS makes only one txt.
for DDS the attach.txt I have the log
ATTACH.TXT:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/3/2012 12:41:07 AM
System Uptime: 1/6/2015 5:06:53 PM (9 hours ago)
.
Motherboard: Hewlett-Packard | | 30D9
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | CPU | 1600/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 9.725 GiB free.
E: is CDROM ()
H: is Removable
J: is FIXED (NTFS) - 298 GiB total, 2.793 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Image File Execution Options =============
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
HITAKU
Posts: 18 +0
And here's the DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: BrowserJavaVersion: 10.71.2
Run by olive at 1:58:04 on 2015-01-15
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3062.1028 [GMT 8:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Razer\Razer Cortex\RzKLService.exe
C:\Program Files\ZTE Connection Manager\AssistantServices.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Garena Plus\ggdllhost.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Windows\VM303_STI.EXE
C:\Program Files\Razer\Razer Cortex\main.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files\Razer\Razer Cortex\ProcessCapturer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Garena Plus\GarenaMessenger.exe
C:\Program Files\Razer\Razer Cortex\ProcessCapturer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Garena Plus\bbtalk\BBtalk.exe
C:\Users\olive\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uProxyOverride = <-loopback>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} -
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [GarenaPlus] "c:\program files\garena plus\GarenaMessenger.exe" -autolaunch
mRun: [RazerCortex] c:\program files\razer\razer cortex\RazerCortex.exe -autorun
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [BigDog303] c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001055-0002-0055-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}\8616070797022656163686 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}\9434 : DHCPNameServer = 10.254.1.51 10.254.1.52
TCP: Interfaces\{52235E54-F1A5-48F9-8386-7D46220F77A1} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{57BD95B5-B59F-42ED-BA98-50E075A5568D} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{A5A48058-D931-4EB9-8103-176541C0D409} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F25ABC70-30A0-4EAB-90F8-502E7806697B} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 107.181.187.25 www.google-analytics.com.
Hosts: 107.181.187.25 google-analytics.com.
Hosts: 107.181.187.25 connect.facebook.net.
Hosts: 146.0.75.12 www.google-analytics.com.
Hosts: 146.0.75.12 google-analytics.com.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\olive\appdata\roaming\mozilla\firefox\profiles\1a3szy42.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\garena plus\bbtalk\plugins\npplugin\npGarenaTalkPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\olive\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\olive\appdata\local\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\users\olive\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1203133.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-12-8 208152]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-5 42784]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2012-8-2 35560]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2014-12-18 298080]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 Razer Game Scanner Service;Razer Game Scanner;c:\program files\razer\razer services\gss\GameScannerService.exe [2014-11-1 183488]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 RzKLService;RzKLService;c:\program files\razer\razer cortex\RzKLService.exe [2014-12-17 105448]
R2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys [2014-12-17 20416]
R2 UI Assistant Service;UI Assistant Service;c:\program files\zte connection manager\AssistantServices.exe [2012-6-16 252784]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2014-11-17 76544]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-11 4231168]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2014-1-22 88576]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2014-11-17 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2014-11-17 11136]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2014-11-17 96000]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [2014-11-17 27520]
S3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\drivers\ew_juwwanecm.sys [2014-11-17 205312]
S3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2014-8-3 106112]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-6-16 9216]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2014-1-22 184192]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2015-1-8 1343400]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S4 Sun_Philippines Wave Modem Device Helper;Sun_Philippines Wave Modem Device Helper;c:\program files\sun broadband wireless\backgroundservice\servicemanager.exe -start --> c:\program files\sun broadband wireless\backgroundservice\ServiceManager.exe -start [?]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2015-01-10 17:35:11 -------- d-----w- c:\users\olive\appdata\local\Blizzard Entertainment
2015-01-10 17:35:00 -------- d-----w- c:\users\olive\appdata\roaming\Battle.net
2015-01-10 17:35:00 -------- d-----w- c:\users\olive\appdata\local\Battle.net
2015-01-10 17:34:35 -------- d-----w- c:\program files\Battle.net
2015-01-08 17:46:21 -------- d-----w- c:\users\olive\appdata\local\SKIDROW
2015-01-08 17:38:06 -------- d-----w- c:\program files\WB Games
2015-01-08 13:59:10 -------- d-----w- c:\windows\system32\Wat
2015-01-08 11:19:33 -------- d-----w- C:\TDSSKiller_Quarantine
2015-01-05 09:47:38 -------- d-----w- c:\users\olive\appdata\local\CrashDumps
2015-01-04 17:02:29 -------- d-----w- C:\_OTL
2015-01-04 16:40:14 -------- d-----w- c:\windows\ERUNT
2015-01-04 16:37:00 -------- d-----w- c:\program files\GreenTree Applications
2015-01-04 16:02:47 -------- d-sh--w- C:\$RECYCLE.BIN
2015-01-04 15:37:13 98816 ----a-w- c:\windows\sed.exe
2015-01-04 15:37:13 256000 ----a-w- c:\windows\PEV.exe
2015-01-04 15:37:13 208896 ----a-w- c:\windows\MBR.exe
2015-01-04 15:37:01 -------- d-----w- C:\ComboFix
2015-01-04 14:10:51 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-04 11:56:17 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-04 11:56:13 -------- d-----w- c:\programdata\RogueKiller
2015-01-02 11:19:20 -------- d-----w- c:\users\olive\appdata\roaming\AVG2015
2015-01-02 11:17:35 -------- d-----w- c:\programdata\AVG2015
2015-01-02 10:58:48 -------- d-----w- c:\users\olive\appdata\roaming\Otbiwag
2015-01-01 22:22:43 -------- d-----w- c:\users\olive\appdata\roaming\Kingosoft
2015-01-01 22:22:42 -------- d-----w- c:\users\olive\appdata\local\Kingosoft
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\ea2e004c755697b78396fa02fadb4f50\iZotope Ozone.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\e4f0d8e365dd54a24f2a193f4af5cba4\Nero 9 Free.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\a3b0d64320e2a06f78a4a1221e3da272\DAVID-Laserscanner.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\8646436c62bba011bbcfd52998b505e4\ESET NOD32 Antivirus.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\7cee339141a0d7894f391e98f381eeac\LoiLoScope.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\6f66e74d7dec373feb2ec39156706ac8\Droppix Recorder.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\03e76d6e4033ee7dfd6c1dc6aca61d33\Sapphire Plug-ins AE.exe
2014-12-31 21:30:18 12582912 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\fc8ba40bbfd1fb2fb6e6b36d11fec0df\Lite x264 Codec Pack.exe
2014-12-31 10:55:38 -------- d-----w- c:\users\olive\appdata\roaming\Woqoasri
2014-12-29 10:49:17 -------- d-----w- c:\users\olive\appdata\roaming\Cokuveim
2014-12-27 20:39:48 -------- d-----w- c:\program files\common files\Steam
2014-12-27 20:39:46 -------- d-----w- c:\program files\Steam
2014-12-27 11:33:16 -------- d-----w- c:\users\olive\appdata\roaming\Aksolai
2014-12-27 10:40:22 -------- d-----w- c:\users\olive\appdata\roaming\Oqtaovi
2014-12-26 19:12:25 -------- d-----w- c:\users\olive\appdata\roaming\Microsoft Game Studios
2014-12-26 18:19:24 -------- d-----w- c:\windows\system32\original
2014-12-23 10:34:01 -------- d-----w- c:\users\olive\appdata\local\Owpics
2014-12-21 09:55:02 -------- d-----w- c:\users\olive\appdata\local\Awrdworks
2014-12-21 06:33:36 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-17 12:23:41 -------- d-----w- c:\users\olive\appdata\local\Razer_Inc
2014-12-17 12:18:53 -------- d-----w- c:\users\olive\appdata\local\Razer
2014-12-17 12:17:58 20416 ----a-w- c:\windows\system32\drivers\rzpmgrk.sys
2014-12-17 12:17:19 -------- d-----w- c:\users\olive\appdata\roaming\AVG
2014-12-17 12:09:13 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-12-17 12:09:13 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-12-17 12:09:13 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-12-17 12:09:13 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-12-17 12:09:13 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-12-17 11:56:56 -------- d-----w- c:\users\olive\appdata\local\Avg2015
.
==================== Find3M ====================
.
2015-01-08 13:59:31 409088 ----a-w- c:\windows\system32\systemcpl.dll
2015-01-08 13:59:31 13824 ----a-w- c:\windows\system32\slwga.dll
2015-01-08 13:59:28 811520 ----a-w- c:\windows\system32\user32.dll
2014-12-13 21:46:18 1249654704 ----a-w- C:\PointBlank_GarenaPlus_Install_1034.exe
2014-12-13 18:40:54 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2014-12-13 18:40:54 234768 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-12-13 18:35:49 138264 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-12-13 17:50:06 138056 ----a-w- c:\users\olive\appdata\roaming\PnkBstrK.sys
2014-12-13 17:49:30 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2014-12-08 13:25:06 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-11-18 13:41:58 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-08-23 04:12:02 172432 ----a-w- c:\program files\1gres.dll
.
============= FINISH: 1:59:59.29 ===============
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: BrowserJavaVersion: 10.71.2
Run by olive at 1:58:04 on 2015-01-15
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3062.1028 [GMT 8:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Razer\Razer Cortex\RzKLService.exe
C:\Program Files\ZTE Connection Manager\AssistantServices.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Garena Plus\ggdllhost.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Windows\VM303_STI.EXE
C:\Program Files\Razer\Razer Cortex\main.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files\Razer\Razer Cortex\ProcessCapturer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Garena Plus\GarenaMessenger.exe
C:\Program Files\Razer\Razer Cortex\ProcessCapturer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Garena Plus\bbtalk\BBtalk.exe
C:\Users\olive\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google\Chrome\Application\chrome.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uProxyOverride = <-loopback>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} -
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [GarenaPlus] "c:\program files\garena plus\GarenaMessenger.exe" -autolaunch
mRun: [RazerCortex] c:\program files\razer\razer cortex\RazerCortex.exe -autorun
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [BigDog303] c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001055-0002-0055-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}\8616070797022656163686 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}\9434 : DHCPNameServer = 10.254.1.51 10.254.1.52
TCP: Interfaces\{52235E54-F1A5-48F9-8386-7D46220F77A1} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{57BD95B5-B59F-42ED-BA98-50E075A5568D} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{A5A48058-D931-4EB9-8103-176541C0D409} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F25ABC70-30A0-4EAB-90F8-502E7806697B} : NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 107.181.187.25 www.google-analytics.com.
Hosts: 107.181.187.25 google-analytics.com.
Hosts: 107.181.187.25 connect.facebook.net.
Hosts: 146.0.75.12 www.google-analytics.com.
Hosts: 146.0.75.12 google-analytics.com.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\olive\appdata\roaming\mozilla\firefox\profiles\1a3szy42.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\garena plus\bbtalk\plugins\npplugin\npGarenaTalkPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\olive\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\olive\appdata\local\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\users\olive\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1203133.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-12-8 208152]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-5 42784]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2012-8-2 35560]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2014-12-18 298080]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 Razer Game Scanner Service;Razer Game Scanner;c:\program files\razer\razer services\gss\GameScannerService.exe [2014-11-1 183488]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 RzKLService;RzKLService;c:\program files\razer\razer cortex\RzKLService.exe [2014-12-17 105448]
R2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys [2014-12-17 20416]
R2 UI Assistant Service;UI Assistant Service;c:\program files\zte connection manager\AssistantServices.exe [2012-6-16 252784]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2014-11-17 76544]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-11 4231168]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2014-1-22 88576]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2014-11-17 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2014-11-17 11136]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2014-11-17 96000]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [2014-11-17 27520]
S3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\drivers\ew_juwwanecm.sys [2014-11-17 205312]
S3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2014-8-3 106112]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-6-16 9216]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2014-1-22 184192]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2015-1-8 1343400]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S4 Sun_Philippines Wave Modem Device Helper;Sun_Philippines Wave Modem Device Helper;c:\program files\sun broadband wireless\backgroundservice\servicemanager.exe -start --> c:\program files\sun broadband wireless\backgroundservice\ServiceManager.exe -start [?]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2015-01-10 17:35:11 -------- d-----w- c:\users\olive\appdata\local\Blizzard Entertainment
2015-01-10 17:35:00 -------- d-----w- c:\users\olive\appdata\roaming\Battle.net
2015-01-10 17:35:00 -------- d-----w- c:\users\olive\appdata\local\Battle.net
2015-01-10 17:34:35 -------- d-----w- c:\program files\Battle.net
2015-01-08 17:46:21 -------- d-----w- c:\users\olive\appdata\local\SKIDROW
2015-01-08 17:38:06 -------- d-----w- c:\program files\WB Games
2015-01-08 13:59:10 -------- d-----w- c:\windows\system32\Wat
2015-01-08 11:19:33 -------- d-----w- C:\TDSSKiller_Quarantine
2015-01-05 09:47:38 -------- d-----w- c:\users\olive\appdata\local\CrashDumps
2015-01-04 17:02:29 -------- d-----w- C:\_OTL
2015-01-04 16:40:14 -------- d-----w- c:\windows\ERUNT
2015-01-04 16:37:00 -------- d-----w- c:\program files\GreenTree Applications
2015-01-04 16:02:47 -------- d-sh--w- C:\$RECYCLE.BIN
2015-01-04 15:37:13 98816 ----a-w- c:\windows\sed.exe
2015-01-04 15:37:13 256000 ----a-w- c:\windows\PEV.exe
2015-01-04 15:37:13 208896 ----a-w- c:\windows\MBR.exe
2015-01-04 15:37:01 -------- d-----w- C:\ComboFix
2015-01-04 14:10:51 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-04 11:56:17 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-04 11:56:13 -------- d-----w- c:\programdata\RogueKiller
2015-01-02 11:19:20 -------- d-----w- c:\users\olive\appdata\roaming\AVG2015
2015-01-02 11:17:35 -------- d-----w- c:\programdata\AVG2015
2015-01-02 10:58:48 -------- d-----w- c:\users\olive\appdata\roaming\Otbiwag
2015-01-01 22:22:43 -------- d-----w- c:\users\olive\appdata\roaming\Kingosoft
2015-01-01 22:22:42 -------- d-----w- c:\users\olive\appdata\local\Kingosoft
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\ea2e004c755697b78396fa02fadb4f50\iZotope Ozone.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\e4f0d8e365dd54a24f2a193f4af5cba4\Nero 9 Free.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\a3b0d64320e2a06f78a4a1221e3da272\DAVID-Laserscanner.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\8646436c62bba011bbcfd52998b505e4\ESET NOD32 Antivirus.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\7cee339141a0d7894f391e98f381eeac\LoiLoScope.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\6f66e74d7dec373feb2ec39156706ac8\Droppix Recorder.exe
2015-01-01 13:04:24 54525952 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\03e76d6e4033ee7dfd6c1dc6aca61d33\Sapphire Plug-ins AE.exe
2014-12-31 21:30:18 12582912 ----a-w- c:\programdata\microsoft\secure\icons\cachedicons\data\fc8ba40bbfd1fb2fb6e6b36d11fec0df\Lite x264 Codec Pack.exe
2014-12-31 10:55:38 -------- d-----w- c:\users\olive\appdata\roaming\Woqoasri
2014-12-29 10:49:17 -------- d-----w- c:\users\olive\appdata\roaming\Cokuveim
2014-12-27 20:39:48 -------- d-----w- c:\program files\common files\Steam
2014-12-27 20:39:46 -------- d-----w- c:\program files\Steam
2014-12-27 11:33:16 -------- d-----w- c:\users\olive\appdata\roaming\Aksolai
2014-12-27 10:40:22 -------- d-----w- c:\users\olive\appdata\roaming\Oqtaovi
2014-12-26 19:12:25 -------- d-----w- c:\users\olive\appdata\roaming\Microsoft Game Studios
2014-12-26 18:19:24 -------- d-----w- c:\windows\system32\original
2014-12-23 10:34:01 -------- d-----w- c:\users\olive\appdata\local\Owpics
2014-12-21 09:55:02 -------- d-----w- c:\users\olive\appdata\local\Awrdworks
2014-12-21 06:33:36 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-17 12:23:41 -------- d-----w- c:\users\olive\appdata\local\Razer_Inc
2014-12-17 12:18:53 -------- d-----w- c:\users\olive\appdata\local\Razer
2014-12-17 12:17:58 20416 ----a-w- c:\windows\system32\drivers\rzpmgrk.sys
2014-12-17 12:17:19 -------- d-----w- c:\users\olive\appdata\roaming\AVG
2014-12-17 12:09:13 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-12-17 12:09:13 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-12-17 12:09:13 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-12-17 12:09:13 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-12-17 12:09:13 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-12-17 11:56:56 -------- d-----w- c:\users\olive\appdata\local\Avg2015
.
==================== Find3M ====================
.
2015-01-08 13:59:31 409088 ----a-w- c:\windows\system32\systemcpl.dll
2015-01-08 13:59:31 13824 ----a-w- c:\windows\system32\slwga.dll
2015-01-08 13:59:28 811520 ----a-w- c:\windows\system32\user32.dll
2014-12-13 21:46:18 1249654704 ----a-w- C:\PointBlank_GarenaPlus_Install_1034.exe
2014-12-13 18:40:54 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2014-12-13 18:40:54 234768 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-12-13 18:35:49 138264 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-12-13 17:50:06 138056 ----a-w- c:\users\olive\appdata\roaming\PnkBstrK.sys
2014-12-13 17:49:30 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2014-12-08 13:25:06 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-11-18 13:41:58 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-08-23 04:12:02 172432 ----a-w- c:\program files\1gres.dll
.
============= FINISH: 1:59:59.29 ===============
Broni
Posts: 56,041 +516
Please download ComboFix from Here, Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.
Make sure, you re-enable your security programs, when you're done with Combofix.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTE.
If, for some reason, Combofix refuses to run, try the following...
Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
Restart computer in safe mode
When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.
IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
- Never rename Combofix unless instructed.
- Close any open browsers.
- Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
If the connection is not there use restore point you created prior to running Combofix. - Double click on combofix.exe & follow the prompts.
NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- When finished, it will produce a report for you.
- Please post the "C:\ComboFix.txt"
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.
Make sure, you re-enable your security programs, when you're done with Combofix.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTE.
If, for some reason, Combofix refuses to run, try the following...
Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
Restart computer in safe mode
- Double-click on the Rkill desktop icon to run the tool.
- If using Vista or Windows 7 right-click on it and choose Run As Administrator.
- A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
- If not, delete the file, then download and use the one provided in Link 2.
- Do not reboot until instructed.
- If the tool does not run from any of the links provided, please let me know.
When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.
IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
HITAKU
Posts: 18 +0
Here's for combo fix.
ComboFix 15-01-04.01 - olive 01/04/2015 23:40:34.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3062.1156 [GMT 8:00]
Running from: C:\Users\olive\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((( Files Created from 2014-12-04 to 2015-01-04 )))))))))))))))))))))))))))))))
2015-01-04 15:58:27 . 2015-01-04 15:58:27 -------- d-----w- C:\Users\Guest\AppData\Local\temp
2015-01-04 15:58:27 . 2015-01-04 15:58:27 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-01-04 14:57:35 . 2015-01-04 15:21:53 -------- d-----w- C:\FRST
2015-01-04 14:10:51 . 2015-01-04 15:02:00 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-04 13:07:33 . 2015-01-04 15:09:39 114904 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-04 13:06:40 . 2015-01-04 14:08:02 79576 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-04 13:06:40 . 2015-01-04 13:06:44 -------- d-----w- C:\Program Files\Malwarebytes Anti-Malware
2015-01-04 13:06:40 . 2014-11-20 22:14:20 51928 ----a-w- C:\Windows\system32\drivers\mwac.sys
2015-01-04 13:06:40 . 2014-11-20 22:14:06 23256 ----a-w- C:\Windows\system32\drivers\mbam.sys
2015-01-04 11:56:17 . 2015-01-04 14:02:52 35064 ----a-w- C:\Windows\system32\drivers\TrueSight.sys
2015-01-04 11:56:13 . 2015-01-04 11:56:16 -------- d-----w- C:\ProgramData\RogueKiller
2015-01-02 14:45:32 . 2015-01-02 14:45:32 318464 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\temp\tmp3614.exe
2015-01-02 11:17:35 . 2015-01-04 11:07:57 -------- d-----w- C:\ProgramData\AVG2015
2015-01-02 11:16:33 . 2015-01-02 11:26:36 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2015
2015-01-02 10:58:48 . 2015-01-02 11:36:39 -------- d-----w- C:\Users\olive\AppData\Roaming\Otbiwag
2015-01-01 22:22:43 . 2015-01-01 22:22:43 -------- d-----w- C:\Users\olive\AppData\Roaming\Kingosoft
2015-01-01 22:22:42 . 2015-01-01 22:22:42 -------- d-----w- C:\Users\olive\AppData\Local\Kingosoft
2015-01-01 22:22:26 . 2015-01-01 22:22:37 -------- d-----w- C:\Program Files\Kingo ROOT
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\ea2e004c755697b78396fa02fadb4f50\iZotope Ozone.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\e4f0d8e365dd54a24f2a193f4af5cba4\Nero 9 Free.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\a3b0d64320e2a06f78a4a1221e3da272\DAVID-Laserscanner.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\8646436c62bba011bbcfd52998b505e4\ESET NOD32 Antivirus.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\7cee339141a0d7894f391e98f381eeac\LoiLoScope.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\6f66e74d7dec373feb2ec39156706ac8\Droppix Recorder.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\03e76d6e4033ee7dfd6c1dc6aca61d33\Sapphire Plug-ins AE.exe
2014-12-31 21:30:18 . 2014-12-31 21:30:18 12582912 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\fc8ba40bbfd1fb2fb6e6b36d11fec0df\Lite x264 Codec Pack.exe
2014-12-31 10:55:38 . 2015-01-02 11:36:29 -------- d-----w- C:\Users\olive\AppData\Roaming\Woqoasri
2014-12-29 11:52:42 . 2014-12-29 11:52:42 -------- d-----w- C:\Program Files\GreenTree Applications
2014-12-29 10:49:17 . 2015-01-02 11:36:41 -------- d-----w- C:\Users\olive\AppData\Roaming\Cokuveim
2014-12-29 10:06:00 . 2014-12-29 10:06:01 -------- d-----w- C:\Users\Administrator
2014-12-27 20:39:48 . 2014-12-27 21:04:46 -------- d-----w- C:\Program Files\Common Files\Steam
2014-12-27 20:39:46 . 2014-12-27 22:49:51 -------- d-----w- C:\Program Files\Steam
2014-12-27 11:33:16 . 2015-01-02 11:27:14 -------- d-----w- C:\Users\olive\AppData\Roaming\Aksolai
2014-12-27 10:40:22 . 2015-01-02 11:36:39 -------- d-----w- C:\Users\olive\AppData\Roaming\Oqtaovi
2014-12-26 19:12:25 . 2014-12-26 19:12:25 -------- d-----w- C:\Users\olive\AppData\Roaming\Microsoft Game Studios
2014-12-26 18:19:24 . 2014-12-26 18:19:24 -------- d-----w- C:\Windows\system32\original
2014-12-23 10:34:01 . 2015-01-04 13:34:34 -------- d-----w- C:\Users\olive\AppData\Local\Owpics
2014-12-21 09:55:02 . 2015-01-04 13:33:27 -------- d-----w- C:\Users\olive\AppData\Local\Awrdworks
2014-12-21 06:33:36 . 2014-09-26 10:42:26 96680 ----a-w- C:\Windows\system32\WindowsAccessBridge.dll
2014-12-17 12:18:53 . 2014-12-17 12:18:53 -------- d-----w- C:\Users\olive\AppData\Local\Razer
2014-12-17 12:18:11 . 2014-12-17 12:18:11 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Razer
2014-12-17 12:17:58 . 2014-10-31 22:27:07 20416 ----a-w- C:\Windows\system32\drivers\rzpmgrk.sys
2014-12-17 12:17:56 . 2014-12-17 12:18:16 -------- d-----w- C:\ProgramData\Razer
2014-12-17 12:17:56 . 2014-12-17 12:18:16 -------- d-----w- C:\Program Files\Razer
2014-12-17 12:17:19 . 2014-12-17 12:17:19 -------- d-----w- C:\Users\olive\AppData\Roaming\AVG
2014-12-17 12:09:13 . 2009-11-25 03:47:34 99176 ----a-w- C:\Windows\system32\PresentationHostProxy.dll
2014-12-17 12:09:13 . 2009-11-25 03:47:34 49472 ----a-w- C:\Windows\system32\netfxperf.dll
2014-12-17 12:09:13 . 2009-11-25 03:47:34 297808 ----a-w- C:\Windows\system32\mscoree.dll
2014-12-17 12:09:13 . 2009-11-25 03:47:34 295264 ----a-w- C:\Windows\system32\PresentationHost.exe
2014-12-17 12:09:13 . 2009-11-25 03:47:34 1130824 ----a-w- C:\Windows\system32\dfshim.dll
2014-12-17 11:56:56 . 2015-01-04 11:35:48 -------- d-----w- C:\Users\olive\AppData\Local\Avg2015
2014-12-14 22:11:52 . 2014-12-14 22:11:52 -------- d-----w- C:\ProgramData\IHProtectUpDate
2014-12-13 21:53:32 . 2014-12-13 21:53:32 1566720 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-12-13 21:53:31 . 2014-12-13 21:53:31 1964544 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2014-12-13 21:50:24 . 2014-12-25 02:53:40 -------- d-----w- C:\Program Files\GarenaPBPH
2014-12-13 18:48:04 . 2014-12-13 21:46:18 1249654704 ----a-w- C:\PointBlank_GarenaPlus_Install_1034.exe
2014-12-13 18:34:17 . 2014-12-13 18:40:54 234768 ----a-w- C:\Windows\system32\PnkBstrB.xtr
2014-12-13 18:34:13 . 2014-12-13 18:34:13 -------- d-----w- C:\Users\olive\AppData\Local\PunkBuster
2014-12-13 17:50:06 . 2014-12-13 18:35:49 138264 ----a-w- C:\Windows\system32\drivers\PnkBstrK.sys
2014-12-13 17:50:06 . 2014-12-13 17:50:06 138056 ----a-w- C:\Users\olive\AppData\Roaming\PnkBstrK.sys
2014-12-13 17:49:36 . 2014-12-13 18:40:54 234768 ----a-w- C:\Windows\system32\PnkBstrB.exe
2014-12-13 17:49:30 . 2014-12-13 17:49:30 75136 ----a-w- C:\Windows\system32\PnkBstrA.exe
2014-12-08 13:25:06 . 2014-12-08 13:25:06 208152 ----a-w- C:\Windows\system32\drivers\avgidsdriverx.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2014-11-18 13:41:58 . 2014-11-18 13:41:58 154904 ----a-w- C:\Windows\system32\drivers\avgidshx.sys
2014-10-10 07:13:58 . 2014-10-10 07:13:58 200984 ----a-w- C:\Windows\system32\drivers\avgtdix.sys
2012-08-23 04:12:02 . 2012-10-07 07:11:40 172432 ----a-w- C:\Program Files\1gres.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll" [2014-02-11 18:36:26 1565464]
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12:26 130736 ----a-w- C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12:26 130736 ----a-w- C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12:26 130736 ----a-w- C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files\Garena Plus\GarenaMessenger.exe" [2014-10-27 07:22:17 9974576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RazerCortex"="C:\Program Files\Razer\Razer Cortex\RazerCortex.exe" [2014-09-11 08:01:12 60640]
"AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe" [2014-12-18 01:51:14 3667472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=C:\Windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Warcraft Config.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warcraft Config.lnk
backup=C:\Windows\pss\Warcraft Config.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57:26 959904 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2007-10-24 20:44:38 212992 ----a-w- C:\Program Files\Apoint2K\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog303]
2006-01-24 15:07:00 61440 ----a-w- C:\Windows\VM303_STI.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX5500 Series]
2007-03-01 06:01:00 180736 ----a-w- C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-11-29 03:14:16 138096 ----atw- C:\Users\olive\AppData\Local\Facebook\Update\FacebookUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
2014-10-27 07:22:17 9974576 ----a-w- C:\Program Files\Garena Plus\GarenaMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-06-13 18:11:38 116648 ----atw- C:\Users\olive\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 07:47:42 31016 ----a-w- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-10-02 12:34:32 173592 ----a-w- C:\Windows\System32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-10-02 12:34:48 141848 ----a-w- C:\Windows\System32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2012-05-25 15:25:02 6595928 ----a-w- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Owpics]
2014-12-25 14:31:10 1280512 ----a-w- C:\Users\olive\AppData\Local\Owpics\PIM.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-10-02 12:34:42 150552 ----a-w- C:\Windows\System32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2011-06-15 06:19:14 307200 ----a-w- C:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2014-01-17 08:24:00 421888 ----a-w- C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RazerCortex]
2014-09-11 08:01:12 60640 ----a-w- C:\Program Files\Razer\Razer Cortex\RazerCortex.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-02-10 09:46:14 20922016 ----a-r- C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-09-26 10:19:22 271744 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sun_Philippines Wave ModemListener]
2011-08-22 16:28:00 118784 ----a-w- C:\Program Files\Sun Broadband Wireless\BackgroundService\ModemListener.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2013-08-24 10:28:37 39408 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2013-03-26 08:26:56 295512 ----a-w- C:\Program Files\Real\RealPlayer\Update\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIExec]
2010-07-23 03:26:30 138584 ----a-w- C:\Program Files\ZTE Connection Manager\UIExec.exe
R2 HWDeviceService.exe;HWDeviceService.exe;C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 15:27:28 271712]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 00:52:12 88576]
R3 EagleXNt;EagleXNt;C:\Windows\system32\drivers\EagleXNt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 01:52:02 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 04:42:16 11136]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;C:\Program Files\Garena Plus\Room\safedrv.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 00:54:18 96000]
R3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 00:54:20 27520]
R3 huawei_wwanecm;huawei_wwanecm;C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-12-03 11:21:04 205312]
R3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\system32\DRIVERS\ewusbdev.sys [x]
R3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\jrdusbser.sys [2011-06-20 01:00:46 106112]
R3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys [2010-01-18 22:20:58 9216]
R3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des [2013-10-22 15:46:38 5132656]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 00:52:12 184192]
R4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 10:26:12 3289208]
R4 SkypeUpdate;Skype Updater;C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 00:15:08 172192]
R4 Sun_Philippines Wave Modem Device Helper;Sun_Philippines Wave Modem Device Helper;C:\Program Files\Sun Broadband Wireless\BackgroundService\ServiceManager.exe [2011-06-20 01:00:24 49752]
S0 AVGIDSHX;AVGIDSHX;C:\Windows\system32\DRIVERS\avgidshx.sys [2014-11-18 13:41:58 154904]
S0 Avglogx;AVG Logging Driver;C:\Windows\system32\DRIVERS\avglogx.sys [2014-07-18 06:55:24 230680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 12:03:36 27416]
S1 Avgdiskx;AVG Disk Driver;C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 12:03:34 121624]
S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-12-08 13:25:06 208152]
S1 AVGIDSShim;AVGIDSShim;C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 12:03:34 21272]
S1 Avgldx86;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx86.sys [2014-08-28 12:43:36 192792]
S1 Avgtdix;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdix.sys [2014-10-10 07:13:58 200984]
S1 avgtp;avgtp;C:\Windows\system32\drivers\avgtpx86.sys [2014-05-09 04:14:39 42784]
S1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\system32\DRIVERS\hssdrv6.sys [2012-08-01 18:13:42 35560]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-12-18 01:54:30 3432976]
S2 avgwd;AVG WatchDog;C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-12-18 01:45:26 298080]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-20 22:12:54 1871160]
S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-20 22:12:56 969016]
S2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [2014-10-31 22:27:38 183488]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-03-05 23:21:52 39056]
S2 RzKLService;RzKLService;C:\Program Files\Razer\Razer Cortex\RzKLService.exe [2014-09-11 08:01:18 105448]
S2 rzpmgrk;rzpmgrk;C:\Windows\system32\drivers\rzpmgrk.sys [2014-10-31 22:27:07 20416]
S2 UI Assistant Service;UI Assistant Service;C:\Program Files\ZTE Connection Manager\AssistantServices.exe [2010-07-23 03:24:20 252784]
S3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 00:54:18 76544]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2014-11-20 22:14:06 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-04 15:09:39 114904]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\system32\drivers\mwac.sys [2014-11-20 22:14:20 51928]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 22:02:51 4231168]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 22:13:45 207360]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 22:13:46 980992]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 22:13:45 661504]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBAMSWISSARMY
Contents of the 'Scheduled Tasks' folder
2015-01-04 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 17:54:50 . 2014-07-13 22:16:24]
2015-01-04 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
- C:\Users\olive\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-18 14:10:49 . 2013-11-29 03:14:16]
2015-01-04 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
- C:\Users\olive\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-18 14:10:49 . 2013-11-29 03:14:16]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-24 10:28:12 . 2000-12-31 17:28:29]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-24 10:28:12 . 2000-12-31 17:28:29]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
- C:\Users\olive\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-13 18:11:38 . 2012-06-13 18:11:38]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
- C:\Users\olive\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-13 18:11:38 . 2012-06-13 18:11:38]
------- Supplementary Scan -------
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <-loopback>
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{52235E54-F1A5-48F9-8386-7D46220F77A1}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{57BD95B5-B59F-42ED-BA98-50E075A5568D}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{A5A48058-D931-4EB9-8103-176541C0D409}: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F25ABC70-30A0-4EAB-90F8-502E7806697B}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
FF - ProfilePath - C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-ATNworks - C:\Users\olive\AppData\Local\Awrdworks\jgmd400.dll
MSConfigStartUp-Awrdworks - C:\Users\olive\AppData\Local\Awrdworks\tmpFB8F.exe
MSConfigStartUp-Okivul - C:\Users\olive\AppData\Roaming\Aksolai\ogmyafq.exe
MSConfigStartUp-SearchProtection - C:\Users\olive\AppData\Roaming\Search Protection\SearchProtection.EXE
MSConfigStartUp-vProt - C:\Program Files\AVG Secure Search\vprot.exe
MSConfigStartUp-Zauzrimaop - C:\Users\olive\AppData\Roaming\Oqtaovi\ebisr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="C:\Windows\system32\GameMon.des -service"
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2864508046-1840752021-4048113893-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f8,9c,84,f5,1b,e1,ee,6f,87,9a,8e,39,b9,ef,fc,7a,7e,d1,bc,6c,e9,15,27,
d1,0a,c7,b7,8d,de,d6,78,b6,e3,03,4c,1f,2f,e5,1b,4f,8a,e8,ba,f0,d1,7a,3c,b6,\
"??"=hex:04,86,4b,0d,c3,1c,4e,f2,8c,a0,6e,d2,6f,aa,70,ab
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(20812)
C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
C:\Windows\system32\igfxpph.dll
C:\Windows\system32\hccutils.DLL
Completion time: 2015-01-05 00:03:58
ComboFix-quarantined-files.txt 2015-01-04 16:03:56
Pre-Run: 11,941,728,256 bytes free
Post-Run: 11,753,074,688 bytes free
- - End Of File - - 2FEF1D5B8BB1501382C203CB59ABCFD1
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 15-01-04.01 - olive 01/04/2015 23:40:34.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3062.1156 [GMT 8:00]
Running from: C:\Users\olive\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((( Files Created from 2014-12-04 to 2015-01-04 )))))))))))))))))))))))))))))))
2015-01-04 15:58:27 . 2015-01-04 15:58:27 -------- d-----w- C:\Users\Guest\AppData\Local\temp
2015-01-04 15:58:27 . 2015-01-04 15:58:27 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-01-04 14:57:35 . 2015-01-04 15:21:53 -------- d-----w- C:\FRST
2015-01-04 14:10:51 . 2015-01-04 15:02:00 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-04 13:07:33 . 2015-01-04 15:09:39 114904 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-04 13:06:40 . 2015-01-04 14:08:02 79576 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-04 13:06:40 . 2015-01-04 13:06:44 -------- d-----w- C:\Program Files\Malwarebytes Anti-Malware
2015-01-04 13:06:40 . 2014-11-20 22:14:20 51928 ----a-w- C:\Windows\system32\drivers\mwac.sys
2015-01-04 13:06:40 . 2014-11-20 22:14:06 23256 ----a-w- C:\Windows\system32\drivers\mbam.sys
2015-01-04 11:56:17 . 2015-01-04 14:02:52 35064 ----a-w- C:\Windows\system32\drivers\TrueSight.sys
2015-01-04 11:56:13 . 2015-01-04 11:56:16 -------- d-----w- C:\ProgramData\RogueKiller
2015-01-02 14:45:32 . 2015-01-02 14:45:32 318464 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\temp\tmp3614.exe
2015-01-02 11:17:35 . 2015-01-04 11:07:57 -------- d-----w- C:\ProgramData\AVG2015
2015-01-02 11:16:33 . 2015-01-02 11:26:36 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2015
2015-01-02 10:58:48 . 2015-01-02 11:36:39 -------- d-----w- C:\Users\olive\AppData\Roaming\Otbiwag
2015-01-01 22:22:43 . 2015-01-01 22:22:43 -------- d-----w- C:\Users\olive\AppData\Roaming\Kingosoft
2015-01-01 22:22:42 . 2015-01-01 22:22:42 -------- d-----w- C:\Users\olive\AppData\Local\Kingosoft
2015-01-01 22:22:26 . 2015-01-01 22:22:37 -------- d-----w- C:\Program Files\Kingo ROOT
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\ea2e004c755697b78396fa02fadb4f50\iZotope Ozone.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\e4f0d8e365dd54a24f2a193f4af5cba4\Nero 9 Free.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\a3b0d64320e2a06f78a4a1221e3da272\DAVID-Laserscanner.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\8646436c62bba011bbcfd52998b505e4\ESET NOD32 Antivirus.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\7cee339141a0d7894f391e98f381eeac\LoiLoScope.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\6f66e74d7dec373feb2ec39156706ac8\Droppix Recorder.exe
2015-01-01 13:04:24 . 2015-01-01 13:04:26 54525952 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\03e76d6e4033ee7dfd6c1dc6aca61d33\Sapphire Plug-ins AE.exe
2014-12-31 21:30:18 . 2014-12-31 21:30:18 12582912 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\data\fc8ba40bbfd1fb2fb6e6b36d11fec0df\Lite x264 Codec Pack.exe
2014-12-31 10:55:38 . 2015-01-02 11:36:29 -------- d-----w- C:\Users\olive\AppData\Roaming\Woqoasri
2014-12-29 11:52:42 . 2014-12-29 11:52:42 -------- d-----w- C:\Program Files\GreenTree Applications
2014-12-29 10:49:17 . 2015-01-02 11:36:41 -------- d-----w- C:\Users\olive\AppData\Roaming\Cokuveim
2014-12-29 10:06:00 . 2014-12-29 10:06:01 -------- d-----w- C:\Users\Administrator
2014-12-27 20:39:48 . 2014-12-27 21:04:46 -------- d-----w- C:\Program Files\Common Files\Steam
2014-12-27 20:39:46 . 2014-12-27 22:49:51 -------- d-----w- C:\Program Files\Steam
2014-12-27 11:33:16 . 2015-01-02 11:27:14 -------- d-----w- C:\Users\olive\AppData\Roaming\Aksolai
2014-12-27 10:40:22 . 2015-01-02 11:36:39 -------- d-----w- C:\Users\olive\AppData\Roaming\Oqtaovi
2014-12-26 19:12:25 . 2014-12-26 19:12:25 -------- d-----w- C:\Users\olive\AppData\Roaming\Microsoft Game Studios
2014-12-26 18:19:24 . 2014-12-26 18:19:24 -------- d-----w- C:\Windows\system32\original
2014-12-23 10:34:01 . 2015-01-04 13:34:34 -------- d-----w- C:\Users\olive\AppData\Local\Owpics
2014-12-21 09:55:02 . 2015-01-04 13:33:27 -------- d-----w- C:\Users\olive\AppData\Local\Awrdworks
2014-12-21 06:33:36 . 2014-09-26 10:42:26 96680 ----a-w- C:\Windows\system32\WindowsAccessBridge.dll
2014-12-17 12:18:53 . 2014-12-17 12:18:53 -------- d-----w- C:\Users\olive\AppData\Local\Razer
2014-12-17 12:18:11 . 2014-12-17 12:18:11 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Razer
2014-12-17 12:17:58 . 2014-10-31 22:27:07 20416 ----a-w- C:\Windows\system32\drivers\rzpmgrk.sys
2014-12-17 12:17:56 . 2014-12-17 12:18:16 -------- d-----w- C:\ProgramData\Razer
2014-12-17 12:17:56 . 2014-12-17 12:18:16 -------- d-----w- C:\Program Files\Razer
2014-12-17 12:17:19 . 2014-12-17 12:17:19 -------- d-----w- C:\Users\olive\AppData\Roaming\AVG
2014-12-17 12:09:13 . 2009-11-25 03:47:34 99176 ----a-w- C:\Windows\system32\PresentationHostProxy.dll
2014-12-17 12:09:13 . 2009-11-25 03:47:34 49472 ----a-w- C:\Windows\system32\netfxperf.dll
2014-12-17 12:09:13 . 2009-11-25 03:47:34 297808 ----a-w- C:\Windows\system32\mscoree.dll
2014-12-17 12:09:13 . 2009-11-25 03:47:34 295264 ----a-w- C:\Windows\system32\PresentationHost.exe
2014-12-17 12:09:13 . 2009-11-25 03:47:34 1130824 ----a-w- C:\Windows\system32\dfshim.dll
2014-12-17 11:56:56 . 2015-01-04 11:35:48 -------- d-----w- C:\Users\olive\AppData\Local\Avg2015
2014-12-14 22:11:52 . 2014-12-14 22:11:52 -------- d-----w- C:\ProgramData\IHProtectUpDate
2014-12-13 21:53:32 . 2014-12-13 21:53:32 1566720 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-12-13 21:53:31 . 2014-12-13 21:53:31 1964544 ----a-w- C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2014-12-13 21:50:24 . 2014-12-25 02:53:40 -------- d-----w- C:\Program Files\GarenaPBPH
2014-12-13 18:48:04 . 2014-12-13 21:46:18 1249654704 ----a-w- C:\PointBlank_GarenaPlus_Install_1034.exe
2014-12-13 18:34:17 . 2014-12-13 18:40:54 234768 ----a-w- C:\Windows\system32\PnkBstrB.xtr
2014-12-13 18:34:13 . 2014-12-13 18:34:13 -------- d-----w- C:\Users\olive\AppData\Local\PunkBuster
2014-12-13 17:50:06 . 2014-12-13 18:35:49 138264 ----a-w- C:\Windows\system32\drivers\PnkBstrK.sys
2014-12-13 17:50:06 . 2014-12-13 17:50:06 138056 ----a-w- C:\Users\olive\AppData\Roaming\PnkBstrK.sys
2014-12-13 17:49:36 . 2014-12-13 18:40:54 234768 ----a-w- C:\Windows\system32\PnkBstrB.exe
2014-12-13 17:49:30 . 2014-12-13 17:49:30 75136 ----a-w- C:\Windows\system32\PnkBstrA.exe
2014-12-08 13:25:06 . 2014-12-08 13:25:06 208152 ----a-w- C:\Windows\system32\drivers\avgidsdriverx.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2014-11-18 13:41:58 . 2014-11-18 13:41:58 154904 ----a-w- C:\Windows\system32\drivers\avgidshx.sys
2014-10-10 07:13:58 . 2014-10-10 07:13:58 200984 ----a-w- C:\Windows\system32\drivers\avgtdix.sys
2012-08-23 04:12:02 . 2012-10-07 07:11:40 172432 ----a-w- C:\Program Files\1gres.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll" [2014-02-11 18:36:26 1565464]
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12:26 130736 ----a-w- C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12:26 130736 ----a-w- C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12:26 130736 ----a-w- C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files\Garena Plus\GarenaMessenger.exe" [2014-10-27 07:22:17 9974576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RazerCortex"="C:\Program Files\Razer\Razer Cortex\RazerCortex.exe" [2014-09-11 08:01:12 60640]
"AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe" [2014-12-18 01:51:14 3667472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=C:\Windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^olive^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Warcraft Config.lnk]
path=C:\Users\olive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warcraft Config.lnk
backup=C:\Windows\pss\Warcraft Config.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57:26 959904 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2007-10-24 20:44:38 212992 ----a-w- C:\Program Files\Apoint2K\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog303]
2006-01-24 15:07:00 61440 ----a-w- C:\Windows\VM303_STI.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX5500 Series]
2007-03-01 06:01:00 180736 ----a-w- C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-11-29 03:14:16 138096 ----atw- C:\Users\olive\AppData\Local\Facebook\Update\FacebookUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
2014-10-27 07:22:17 9974576 ----a-w- C:\Program Files\Garena Plus\GarenaMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-06-13 18:11:38 116648 ----atw- C:\Users\olive\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 07:47:42 31016 ----a-w- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-10-02 12:34:32 173592 ----a-w- C:\Windows\System32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-10-02 12:34:48 141848 ----a-w- C:\Windows\System32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2012-05-25 15:25:02 6595928 ----a-w- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Owpics]
2014-12-25 14:31:10 1280512 ----a-w- C:\Users\olive\AppData\Local\Owpics\PIM.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-10-02 12:34:42 150552 ----a-w- C:\Windows\System32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2011-06-15 06:19:14 307200 ----a-w- C:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2014-01-17 08:24:00 421888 ----a-w- C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RazerCortex]
2014-09-11 08:01:12 60640 ----a-w- C:\Program Files\Razer\Razer Cortex\RazerCortex.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-02-10 09:46:14 20922016 ----a-r- C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-09-26 10:19:22 271744 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sun_Philippines Wave ModemListener]
2011-08-22 16:28:00 118784 ----a-w- C:\Program Files\Sun Broadband Wireless\BackgroundService\ModemListener.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2013-08-24 10:28:37 39408 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2013-03-26 08:26:56 295512 ----a-w- C:\Program Files\Real\RealPlayer\Update\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIExec]
2010-07-23 03:26:30 138584 ----a-w- C:\Program Files\ZTE Connection Manager\UIExec.exe
R2 HWDeviceService.exe;HWDeviceService.exe;C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 15:27:28 271712]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 00:52:12 88576]
R3 EagleXNt;EagleXNt;C:\Windows\system32\drivers\EagleXNt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 01:52:02 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 04:42:16 11136]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;C:\Program Files\Garena Plus\Room\safedrv.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 00:54:18 96000]
R3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 00:54:20 27520]
R3 huawei_wwanecm;huawei_wwanecm;C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-12-03 11:21:04 205312]
R3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\system32\DRIVERS\ewusbdev.sys [x]
R3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\jrdusbser.sys [2011-06-20 01:00:46 106112]
R3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys [2010-01-18 22:20:58 9216]
R3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des [2013-10-22 15:46:38 5132656]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 00:52:12 184192]
R4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 10:26:12 3289208]
R4 SkypeUpdate;Skype Updater;C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 00:15:08 172192]
R4 Sun_Philippines Wave Modem Device Helper;Sun_Philippines Wave Modem Device Helper;C:\Program Files\Sun Broadband Wireless\BackgroundService\ServiceManager.exe [2011-06-20 01:00:24 49752]
S0 AVGIDSHX;AVGIDSHX;C:\Windows\system32\DRIVERS\avgidshx.sys [2014-11-18 13:41:58 154904]
S0 Avglogx;AVG Logging Driver;C:\Windows\system32\DRIVERS\avglogx.sys [2014-07-18 06:55:24 230680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 12:03:36 27416]
S1 Avgdiskx;AVG Disk Driver;C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 12:03:34 121624]
S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-12-08 13:25:06 208152]
S1 AVGIDSShim;AVGIDSShim;C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 12:03:34 21272]
S1 Avgldx86;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx86.sys [2014-08-28 12:43:36 192792]
S1 Avgtdix;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdix.sys [2014-10-10 07:13:58 200984]
S1 avgtp;avgtp;C:\Windows\system32\drivers\avgtpx86.sys [2014-05-09 04:14:39 42784]
S1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\system32\DRIVERS\hssdrv6.sys [2012-08-01 18:13:42 35560]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-12-18 01:54:30 3432976]
S2 avgwd;AVG WatchDog;C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-12-18 01:45:26 298080]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-20 22:12:54 1871160]
S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-20 22:12:56 969016]
S2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [2014-10-31 22:27:38 183488]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-03-05 23:21:52 39056]
S2 RzKLService;RzKLService;C:\Program Files\Razer\Razer Cortex\RzKLService.exe [2014-09-11 08:01:18 105448]
S2 rzpmgrk;rzpmgrk;C:\Windows\system32\drivers\rzpmgrk.sys [2014-10-31 22:27:07 20416]
S2 UI Assistant Service;UI Assistant Service;C:\Program Files\ZTE Connection Manager\AssistantServices.exe [2010-07-23 03:24:20 252784]
S3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 00:54:18 76544]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2014-11-20 22:14:06 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-04 15:09:39 114904]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\system32\drivers\mwac.sys [2014-11-20 22:14:20 51928]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 22:02:51 4231168]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 22:13:45 207360]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 22:13:46 980992]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 22:13:45 661504]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBAMSWISSARMY
Contents of the 'Scheduled Tasks' folder
2015-01-04 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 17:54:50 . 2014-07-13 22:16:24]
2015-01-04 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
- C:\Users\olive\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-18 14:10:49 . 2013-11-29 03:14:16]
2015-01-04 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
- C:\Users\olive\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-18 14:10:49 . 2013-11-29 03:14:16]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-24 10:28:12 . 2000-12-31 17:28:29]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-24 10:28:12 . 2000-12-31 17:28:29]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
- C:\Users\olive\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-13 18:11:38 . 2012-06-13 18:11:38]
2015-01-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
- C:\Users\olive\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-13 18:11:38 . 2012-06-13 18:11:38]
------- Supplementary Scan -------
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <-loopback>
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{52235E54-F1A5-48F9-8386-7D46220F77A1}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{57BD95B5-B59F-42ED-BA98-50E075A5568D}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
TCP: Interfaces\{A5A48058-D931-4EB9-8103-176541C0D409}: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F25ABC70-30A0-4EAB-90F8-502E7806697B}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
FF - ProfilePath - C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxps://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-ATNworks - C:\Users\olive\AppData\Local\Awrdworks\jgmd400.dll
MSConfigStartUp-Awrdworks - C:\Users\olive\AppData\Local\Awrdworks\tmpFB8F.exe
MSConfigStartUp-Okivul - C:\Users\olive\AppData\Roaming\Aksolai\ogmyafq.exe
MSConfigStartUp-SearchProtection - C:\Users\olive\AppData\Roaming\Search Protection\SearchProtection.EXE
MSConfigStartUp-vProt - C:\Program Files\AVG Secure Search\vprot.exe
MSConfigStartUp-Zauzrimaop - C:\Users\olive\AppData\Roaming\Oqtaovi\ebisr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="C:\Windows\system32\GameMon.des -service"
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2864508046-1840752021-4048113893-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f8,9c,84,f5,1b,e1,ee,6f,87,9a,8e,39,b9,ef,fc,7a,7e,d1,bc,6c,e9,15,27,
d1,0a,c7,b7,8d,de,d6,78,b6,e3,03,4c,1f,2f,e5,1b,4f,8a,e8,ba,f0,d1,7a,3c,b6,\
"??"=hex:04,86,4b,0d,c3,1c,4e,f2,8c,a0,6e,d2,6f,aa,70,ab
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(20812)
C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
C:\Windows\system32\igfxpph.dll
C:\Windows\system32\hccutils.DLL
Completion time: 2015-01-05 00:03:58
ComboFix-quarantined-files.txt 2015-01-04 16:03:56
Pre-Run: 11,941,728,256 bytes free
Post-Run: 11,753,074,688 bytes free
- - End Of File - - 2FEF1D5B8BB1501382C203CB59ABCFD1
A36C5E4F47E84449FF07ED3517B43A31
Broni
Posts: 56,041 +516
- Close all open programs and internet browsers.
- Double click on adwcleaner.exe to run the tool.
- Click on Scan button.
- When the scan has finished click on Clean button.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the contents of that logfile with your next reply.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
- Shut down your protection software now to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Double-click to run it. When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
- The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.
HITAKU
Posts: 18 +0
Sorry for the very late reply computers lagging and the connection's slowing down dont know why though.
but heres adware.
# AdwCleaner v4.106 - Report created 05/01/2015 at 00:31:51
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Ultimate (32 bits)
# Username : olive - OLIVE-PC
# Running from : C:\Users\olive\Downloads\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : YahooAUService
[#] Service Deleted : Skype C2C Service
***** [ Files / Folders ] *****
[x] Not Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\olive\AppData\Local\CrashRpt
Folder Deleted : C:\Users\olive\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\olive\AppData\Roaming\Allmyapps
Folder Deleted : C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
File Deleted : C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : MySearchDial
Task Deleted : LuckyTab
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E85D6642-6EE8-465F-9ED6-8098FB498B4C}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
***** [ Browsers ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v29.0.1 (en-US)
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.aflt", "ir_14_15_ch");
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtD0F0FyDtBtBtAyD0EyDyE0D0DyB0AtN0D0Tzu0SzztAtCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAyDyC0EtDzzzzyEtGyCyByCyDt[...]
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cr", "467833748");
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.instlRef", "140305_b");
-\\ Google Chrome v
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={2A162F12-EB0E-4473-9886-272890716F9C}&mid=1159d21ad8cb47d0a3a4d1527e5b20ba-8bd6b6317ec7acc6dcc8fd6d71dc761a18b5d161&lang=en&ds=AVG&pr=fr&d=2012-09-27%2012:05:31&v=12.2.5.34&sap=dsp&q={searchTerms}
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ngoiabglmnijabkfknliolcbjfcmbmdl
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : oiokahphinmbmakkehgelkmpolmnbkdh
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://istart.webssearches.com/?type=hppp&ts=1418595098&from=exp&uid=WDCXWD1200BEVS
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://search.softonic.com/MON00006/tb_v1?SearchSource=48&cc=
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://istart.webssearches.com/?type=hppp&ts=1418595098&from=exp&uid=WDCXWD1200BEVS
*************************
AdwCleaner[R0].txt - [73021 octets] - [04/05/2014 23:58:13]
AdwCleaner[R10].txt - [3232 octets] - [29/12/2014 19:36:37]
AdwCleaner[R11].txt - [2312 octets] - [04/01/2015 19:40:31]
AdwCleaner[R12].txt - [6608 octets] - [05/01/2015 00:25:40]
AdwCleaner[R1].txt - [4087 octets] - [05/05/2014 00:14:57]
AdwCleaner[R2].txt - [9265 octets] - [05/05/2014 22:38:30]
AdwCleaner[R3].txt - [10463 octets] - [19/05/2014 22:29:39]
AdwCleaner[R4].txt - [10595 octets] - [26/05/2014 01:31:46]
AdwCleaner[R5].txt - [1390 octets] - [26/05/2014 01:40:45]
AdwCleaner[R6].txt - [2493 octets] - [12/06/2014 09:36:51]
AdwCleaner[R7].txt - [2120 octets] - [17/08/2014 18:24:48]
AdwCleaner[R8].txt - [4292 octets] - [15/12/2014 06:33:28]
AdwCleaner[R9].txt - [2764 octets] - [29/12/2014 19:27:41]
AdwCleaner[S0].txt - [71810 octets] - [05/05/2014 00:06:44]
AdwCleaner[S1].txt - [6590 octets] - [26/05/2014 01:33:41]
AdwCleaner[S2].txt - [2492 octets] - [12/06/2014 09:39:39]
AdwCleaner[S3].txt - [4307 octets] - [15/12/2014 06:35:45]
AdwCleaner[S4].txt - [3059 octets] - [29/12/2014 19:38:29]
AdwCleaner[S5].txt - [6669 octets] - [05/01/2015 00:31:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [6729 octets] ##########
but heres adware.
# AdwCleaner v4.106 - Report created 05/01/2015 at 00:31:51
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Ultimate (32 bits)
# Username : olive - OLIVE-PC
# Running from : C:\Users\olive\Downloads\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : YahooAUService
[#] Service Deleted : Skype C2C Service
***** [ Files / Folders ] *****
[x] Not Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\olive\AppData\Local\CrashRpt
Folder Deleted : C:\Users\olive\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\olive\AppData\Roaming\Allmyapps
Folder Deleted : C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
File Deleted : C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : MySearchDial
Task Deleted : LuckyTab
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E85D6642-6EE8-465F-9ED6-8098FB498B4C}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
***** [ Browsers ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v29.0.1 (en-US)
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.aflt", "ir_14_15_ch");
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtD0F0FyDtBtBtAyD0EyDyE0D0DyB0AtN0D0Tzu0SzztAtCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAyDyC0EtDzzzzyEtGyCyByCyDt[...]
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cr", "467833748");
[1a3szy42.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.instlRef", "140305_b");
-\\ Google Chrome v
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={2A162F12-EB0E-4473-9886-272890716F9C}&mid=1159d21ad8cb47d0a3a4d1527e5b20ba-8bd6b6317ec7acc6dcc8fd6d71dc761a18b5d161&lang=en&ds=AVG&pr=fr&d=2012-09-27%2012:05:31&v=12.2.5.34&sap=dsp&q={searchTerms}
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ngoiabglmnijabkfknliolcbjfcmbmdl
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : oiokahphinmbmakkehgelkmpolmnbkdh
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://istart.webssearches.com/?type=hppp&ts=1418595098&from=exp&uid=WDCXWD1200BEVS
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://search.softonic.com/MON00006/tb_v1?SearchSource=48&cc=
[C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://istart.webssearches.com/?type=hppp&ts=1418595098&from=exp&uid=WDCXWD1200BEVS
*************************
AdwCleaner[R0].txt - [73021 octets] - [04/05/2014 23:58:13]
AdwCleaner[R10].txt - [3232 octets] - [29/12/2014 19:36:37]
AdwCleaner[R11].txt - [2312 octets] - [04/01/2015 19:40:31]
AdwCleaner[R12].txt - [6608 octets] - [05/01/2015 00:25:40]
AdwCleaner[R1].txt - [4087 octets] - [05/05/2014 00:14:57]
AdwCleaner[R2].txt - [9265 octets] - [05/05/2014 22:38:30]
AdwCleaner[R3].txt - [10463 octets] - [19/05/2014 22:29:39]
AdwCleaner[R4].txt - [10595 octets] - [26/05/2014 01:31:46]
AdwCleaner[R5].txt - [1390 octets] - [26/05/2014 01:40:45]
AdwCleaner[R6].txt - [2493 octets] - [12/06/2014 09:36:51]
AdwCleaner[R7].txt - [2120 octets] - [17/08/2014 18:24:48]
AdwCleaner[R8].txt - [4292 octets] - [15/12/2014 06:33:28]
AdwCleaner[R9].txt - [2764 octets] - [29/12/2014 19:27:41]
AdwCleaner[S0].txt - [71810 octets] - [05/05/2014 00:06:44]
AdwCleaner[S1].txt - [6590 octets] - [26/05/2014 01:33:41]
AdwCleaner[S2].txt - [2492 octets] - [12/06/2014 09:39:39]
AdwCleaner[S3].txt - [4307 octets] - [15/12/2014 06:35:45]
AdwCleaner[S4].txt - [3059 octets] - [29/12/2014 19:38:29]
AdwCleaner[S5].txt - [6669 octets] - [05/01/2015 00:31:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [6729 octets] ##########
HITAKU
Posts: 18 +0
FSRT
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-01-2015 03
Ran by olive (administrator) on OLIVE-PC on 04-01-2015 23:19:26
Running from C:\Users\olive\Downloads
Loaded Profile: olive (Available profiles: olive & Administrator & Guest)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(AVG) C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
() C:\Program Files\Garena Plus\ggdllhost.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Razer Inc.) C:\Program Files\Razer\Razer Cortex\RzKLService.exe
() C:\Program Files\ZTE Connection Manager\AssistantServices.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\Garena Plus\GarenaMessenger.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RazerCortex] => C:\Program Files\Razer\Razer Cortex\RazerCortex.exe [60640 2014-09-11] (Razer Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\Run: [GarenaPlus] => C:\Program Files\Garena Plus\GarenaMessenger.exe [9974576 2014-10-27] ()
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {0d656420-b6e5-11e1-974c-001b38bfc949} - E:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {0d65642d-b6e5-11e1-974c-001b38bfc949} - E:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {16ff6448-0a34-11e3-a362-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {16ff6461-0a34-11e3-a362-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {356cf467-6e2a-11e4-95d4-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {356cf479-6e2a-11e4-95d4-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {47567d4e-4f82-11e3-bf05-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {4eb76fee-4b42-11e3-b09c-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {538fa989-18a1-11e3-b162-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {538fa99c-18a1-11e3-b162-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {7b336ec9-004c-11e4-a8e6-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {8d783105-4f24-11e3-b8e5-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {8d783117-4f24-11e3-b8e5-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {a1566cba-4abe-11e3-bcc3-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {bfe0d345-0832-11e3-aa3a-001b38bfc949} - E:\Autoplay.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {c9408903-632b-11e3-827c-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {ef230741-0898-11e3-a1f1-001b38bfc949} - F:\autorun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ksa.msn.com/?rd=1&ucc=SA&dcc=SA&opt=0
URLSearchHook: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> DefaultScope {9B0DF573-F9ED-440B-9A62-49DCDEF15264} URL = https://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {492CBCC4-502D-4C79-99C4-9BC09FD8FEE6} URL = http://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {9B0DF573-F9ED-440B-9A62-49DCDEF15264} URL = https://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {E85D6642-6EE8-465F-9ED6-8098FB498B4C} URL = https://isearch.avg.com/search?cid=...61a18b5d161&lang=en&ds=AVG&pr=fr&d=2012-09-27 12:05:31&v=12.2.5.34&sap=dsp&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{52235E54-F1A5-48F9-8386-7D46220F77A1}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{57BD95B5-B59F-42ED-BA98-50E075A5568D}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{F25ABC70-30A0-4EAB-90F8-502E7806697B}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\olive\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @tools.google.com/Google Update;version=3 -> C:\Users\olive\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @tools.google.com/Google Update;version=9 -> C:\Users\olive\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\olive\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-26]
FF HKLM\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\extensions\ffxtlbr@alnaddyToolbar.com [Not Found]
FF Extension: No Name - C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\extensions\{A88AA718-8AA6-F9FC-95E3-C4CC78077993} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-14]
CHR Extension: (YouTube) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-14]
CHR Extension: (Google Search) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-14]
CHR Extension: (Google Wallet) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-14]
CHR Extension: (Battlefield Play4Free) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-12-13]
CHR Extension: (Gmail) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [5132656 2013-10-22] (INCA Internet Co., Ltd.)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2014-12-14] ()
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-11-01] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-05-14] (Skype Technologies S.A.)
S4 Sun_Philippines Wave Modem Device Helper; C:\Program Files\Sun Broadband Wireless\BackgroundService\ServiceManager.exe [49752 2011-06-20] () [File not signed]
R2 UI Assistant Service; C:\Program Files\ZTE Connection Manager\AssistantServices.exe [252784 2010-07-23] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208152 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-05-09] (AVG Technologies)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [35560 2012-08-02] (AnchorFree Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [205312 2012-12-03] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 NPPTNT2; C:\Windows\system32\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed]
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [20416 2014-11-01] (Razer, Inc.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [60156 2011-06-15] (PowerISO Computing, Inc.) [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-08-02] (AnchorFree Inc)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-07-23] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-07-23] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-07-23] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-07-23] (Microsoft Corporation)
S3 ZSMC303; C:\Windows\System32\Drivers\usbVM303.sys [391300 2006-02-23] (Vimicro Corporation)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 23:19 - 2015-01-04 23:20 - 00021810 _____ () C:\Users\olive\Downloads\FRST.txt
2015-01-04 23:18 - 2015-01-04 23:18 - 00006425 _____ () C:\Users\olive\Downloads\fixlist.txt
2015-01-04 23:17 - 2015-01-04 23:17 - 01115136 _____ (Farbar) C:\Users\olive\Downloads\FRST.exe
2015-01-04 22:57 - 2015-01-04 23:19 - 00000000 ____D () C:\FRST
2015-01-04 22:52 - 2015-01-04 22:52 - 00000076 _____ () C:\Users\olive\Desktop\virus help.txt
2015-01-04 22:10 - 2015-01-04 23:02 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-04 22:07 - 2015-01-04 22:47 - 00000000 ____D () C:\Users\olive\Desktop\mbar
2015-01-04 22:04 - 2015-01-04 22:07 - 16448208 _____ (Malwarebytes Corp.) C:\Users\olive\Downloads\mbar-1.08.2.1001.exe
2015-01-04 21:59 - 2015-01-04 21:59 - 00001122 _____ () C:\Users\olive\Desktop\attach.txt
2015-01-04 21:57 - 2015-01-04 21:57 - 00688992 ____R (Swearware) C:\Users\olive\Downloads\dds.com
2015-01-04 21:50 - 2015-01-04 23:02 - 00007376 _____ () C:\Windows\PFRO.log
2015-01-04 21:07 - 2015-01-04 23:09 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-04 21:06 - 2015-01-04 22:08 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-04 21:06 - 2015-01-04 21:06 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-04 21:06 - 2015-01-04 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-04 21:06 - 2015-01-04 21:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-04 21:06 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-04 21:06 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-04 21:03 - 2015-01-04 22:54 - 00000000 ____D () C:\Users\olive\Desktop\logss
2015-01-04 20:51 - 2015-01-04 21:05 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\olive\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-04 20:16 - 2015-01-04 20:16 - 00144944 _____ () C:\Windows\Minidump\010415-45614-01.dmp
2015-01-04 19:56 - 2015-01-04 22:02 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-04 19:56 - 2015-01-04 19:56 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-04 19:49 - 2015-01-04 19:55 - 15298136 _____ () C:\Users\olive\Downloads\RogueKiller.exe
2015-01-03 16:44 - 2015-01-03 17:10 - 606244774 _____ () C:\Users\olive\Downloads\Halo.rar
2015-01-03 03:25 - 2015-01-03 03:26 - 21273772 _____ () C:\Users\olive\Downloads\AttackOnTitanTributeGame v11212014b [juupzz-creation].rar
2015-01-03 00:08 - 2015-01-04 23:07 - 00000616 _____ () C:\Windows\setupact.log
2015-01-02 19:19 - 2015-01-02 19:19 - 00000000 ____D () C:\Users\olive\AppData\Roaming\AVG2015
2015-01-02 19:18 - 2015-01-02 19:18 - 00000895 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-02 19:18 - 2015-01-02 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-02 19:17 - 2015-01-04 19:07 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-02 19:09 - 2015-01-02 19:10 - 04578040 _____ (AVG Technologies) C:\Users\olive\Downloads\avg_free_stb_all_2015_5315_ppc12 (1).exe
2015-01-02 18:58 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Otbiwag
2015-01-02 09:56 - 2015-01-02 09:56 - 00000000 ____D () C:\Users\olive\Downloads\Modern Combat 3 Fallen Nation v1.1.4g apkmania.com
2015-01-02 09:23 - 2015-01-02 09:31 - 90248213 _____ () C:\Users\olive\Downloads\Modern Combat 3 Fallen Nation v1.1.4g apkmania.com.rar
2015-01-02 09:20 - 2015-01-02 09:22 - 00000000 ____D () C:\Users\olive\Downloads\com.gameloft.android.ANMP.GloftM3HM build.1120 apkmania.com
2015-01-02 07:09 - 2015-01-02 07:09 - 00000000 ____D () C:\Users\olive\Downloads\MC5-110k-Data-Obb
2015-01-02 06:39 - 2015-01-02 06:39 - 00000000 ____D () C:\Users\olive\Downloads\Odin3-v1.85
2015-01-02 06:38 - 2015-01-02 06:38 - 00000000 ____D () C:\Users\olive\Downloads\Samsung Galaxy Tab2 7.0 GT- P3100_CF-Auto-Root-espressor_
2015-01-02 06:35 - 2015-01-02 06:37 - 11131427 _____ () C:\Users\olive\Downloads\Samsung Galaxy Tab2 7.0 GT- P3100_CF-Auto-Root-espressor_.rar
2015-01-02 06:34 - 2015-01-02 06:34 - 00121176 _____ (Company V) C:\Users\olive\Downloads\download
2015-01-02 06:22 - 2015-01-02 06:22 - 00000953 _____ () C:\Users\Public\Desktop\Kingo ROOT.lnk
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Kingosoft
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\Users\olive\AppData\Local\Kingosoft
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\Program Files\Kingo ROOT
2015-01-02 01:43 - 2015-01-02 01:43 - 00001474 _____ () C:\Users\olive\Downloads\up09253.zip
2015-01-01 11:12 - 2015-01-01 11:30 - 00000000 ____D () C:\Users\olive\Downloads\War Of Ages
2015-01-01 11:10 - 2015-01-01 11:10 - 00054568 _____ () C:\Users\olive\Downloads\[kat.sitescrack.com]war.of.ages.discography.2005.2012.torrent
2015-01-01 11:08 - 2015-01-01 11:08 - 00017811 _____ () C:\Users\olive\Downloads\[kat.sitescrack.com]war.of.ages.discography.includes.2010.release.jonnybeans.torrent
2015-01-01 06:08 - 2015-01-01 06:08 - 00002688 _____ () C:\Users\olive\Downloads\[kickass.so]modern.combat.5.blackout.mc5.1.0.2f.update.cracked.patched.apk.data.obb.android.download.free.torrent
2015-01-01 05:58 - 2015-01-01 06:13 - 00000000 ____D () C:\Users\olive\Downloads\Exiles v2.18 apkmania.com
2015-01-01 05:50 - 2015-01-02 07:09 - 00000000 ____D () C:\Users\olive\Downloads\Modern Combat 5 - Blackout v1.0.2f apkmania.com
2014-12-31 18:55 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Woqoasri
2014-12-29 19:52 - 2014-12-29 19:52 - 00001211 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-12-29 19:52 - 2014-12-29 19:52 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-12-29 18:49 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Cokuveim
2014-12-29 18:06 - 2014-12-29 18:06 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Users\Administrator
2014-12-29 18:06 - 2009-07-14 12:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-29 18:06 - 2009-07-14 12:37 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-29 02:17 - 2014-12-29 02:17 - 00020681 _____ () C:\Users\olive\Downloads\[ZenSub] Mangaka-san to Assistant-san - OVA (BDRip 1280x720 x264 FLAC).mkv.torrent
2014-12-28 04:39 - 2014-12-28 06:49 - 00000000 ____D () C:\Program Files\Steam
2014-12-28 04:39 - 2014-12-28 05:04 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-28 04:39 - 2014-12-28 04:39 - 01142392 _____ () C:\Users\olive\Downloads\SteamSetup.exe
2014-12-28 04:39 - 2014-12-28 04:39 - 01142392 _____ () C:\Users\olive\Downloads\SteamSetup (1).exe
2014-12-28 04:39 - 2014-12-28 04:39 - 00000885 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-28 04:39 - 2014-12-28 04:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-27 20:33 - 2014-12-27 20:33 - 00000009 _____ () C:\Users\olive\Desktop\stalk.txt
2014-12-27 19:33 - 2015-01-02 19:27 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Aksolai
2014-12-27 18:40 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Oqtaovi
2014-12-27 03:27 - 2014-12-27 03:27 - 00000000 ____D () C:\Users\olive\Downloads\Halo 2 Activation
2014-12-27 03:26 - 2014-12-27 03:26 - 00168211 _____ () C:\Users\olive\Downloads\Halo 2 Activation.rar
2014-12-27 03:20 - 2014-12-27 03:20 - 00000000 ____D () C:\Users\olive\Downloads\rzr-hal2
2014-12-27 03:19 - 2014-12-27 03:19 - 00003773 ____R () C:\Users\olive\Downloads\rzr-hal2.rar
2014-12-27 03:18 - 2014-12-27 03:18 - 00000559 _____ () C:\Users\olive\Downloads\[kickass.so]halo.2.crack.only.torrent
2014-12-27 03:12 - 2014-12-27 03:12 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Microsoft Game Studios
2014-12-27 02:19 - 2014-12-27 02:19 - 00000000 ____D () C:\Windows\system32\original
2014-12-27 01:47 - 2014-12-27 01:47 - 00000000 ____D () C:\Users\olive\Downloads\[PC] Halo 2 XP + VISTA [RIP] [dopeman]
2014-12-25 11:00 - 2014-12-25 11:00 - 00013554 _____ () C:\Users\olive\Downloads\[kickass.so]pc.halo.2.xp.vista.rip.dopeman.zip.torrent
2014-12-24 04:36 - 2014-12-24 04:44 - 00000000 ____D () C:\Users\olive\Downloads\Cabin Fever (2002)
2014-12-24 04:35 - 2014-12-24 04:35 - 00015852 _____ () C:\Users\olive\Downloads\Cabin_Fever_2002_720p.torrent
2014-12-24 04:31 - 2014-12-24 04:31 - 00015403 _____ () C:\Users\olive\Downloads\The_Signal_2014_1080p_1080p.torrent
2014-12-23 18:34 - 2015-01-04 21:34 - 00000000 ____D () C:\Users\olive\AppData\Local\Owpics
2014-12-23 14:21 - 2014-12-23 14:21 - 00000106 _____ () C:\Users\olive\Desktop\galleon shop location.txt
2014-12-21 17:55 - 2015-01-04 21:33 - 00000000 ____D () C:\Users\olive\AppData\Local\Awrdworks
2014-12-21 14:33 - 2014-12-21 14:33 - 00004286 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-21 14:33 - 2014-12-21 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-21 14:33 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-21 14:33 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-21 14:33 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-21 14:33 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-17 20:23 - 2014-12-17 20:23 - 00000000 ____D () C:\Users\olive\AppData\Local\Razer_Inc
2014-12-17 20:22 - 2014-12-17 20:22 - 00000000 ____D () C:\Users\olive\Documents\Razer
2014-12-17 20:18 - 2014-12-17 20:18 - 00001956 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk
2014-12-17 20:18 - 2014-12-17 20:18 - 00000000 ____D () C:\Users\olive\AppData\Local\Razer
2014-12-17 20:18 - 2014-12-17 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-12-17 20:17 - 2014-12-17 20:18 - 00000000 ____D () C:\ProgramData\Razer
2014-12-17 20:17 - 2014-12-17 20:18 - 00000000 ____D () C:\Program Files\Razer
2014-12-17 20:17 - 2014-12-17 20:17 - 00000000 ____D () C:\Users\olive\AppData\Roaming\AVG
2014-12-17 20:17 - 2014-11-01 06:27 - 00020416 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2014-12-17 20:09 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-12-17 20:09 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-12-17 20:09 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-12-17 20:09 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-12-17 20:09 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-12-17 19:56 - 2015-01-04 19:35 - 00000000 ____D () C:\Users\olive\AppData\Local\Avg2015
2014-12-17 19:56 - 2014-12-17 19:56 - 04578040 _____ (AVG Technologies) C:\Users\olive\Downloads\avg_free_stb_all_2015_5315_ppc12.exe
2014-12-15 18:09 - 2014-12-15 18:09 - 00101072 _____ (GreenTree Applications SRL) C:\Users\olive\Downloads\YTDSetup (1).exe
2014-12-15 17:43 - 2014-12-15 17:43 - 00101072 _____ (GreenTree Applications SRL) C:\Users\olive\Downloads\YTDSetup.exe
2014-12-15 06:11 - 2014-12-15 06:11 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2014-12-14 05:55 - 2014-12-14 05:56 - 00000000 ____D () C:\Users\olive\Downloads\Big Hero 6 2014 HDCAM NEW SOURCE XviD AC3 ACAB
2014-12-14 05:54 - 2015-01-01 22:38 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-12-14 05:50 - 2014-12-25 10:53 - 00000000 ____D () C:\Program Files\GarenaPBPH
2014-12-14 02:48 - 2014-12-14 05:46 - 1249654704 _____ () C:\PointBlank_GarenaPlus_Install_1034.exe
2014-12-14 02:34 - 2014-12-14 02:40 - 00234768 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-12-14 02:34 - 2014-12-14 02:34 - 00000000 ____D () C:\Users\olive\AppData\Local\PunkBuster
2014-12-14 01:50 - 2014-12-14 02:35 - 00138264 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-12-14 01:50 - 2014-12-14 02:33 - 00000000 ____D () C:\Users\olive\Documents\Battlefield Play4Free
2014-12-14 01:50 - 2014-12-14 01:50 - 00138056 _____ () C:\Users\olive\AppData\Roaming\PnkBstrK.sys
2014-12-14 01:49 - 2014-12-14 02:40 - 00234768 _____ () C:\Windows\system32\PnkBstrB.exe
2014-12-14 01:49 - 2014-12-14 01:49 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2014-12-14 01:49 - 2014-12-14 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2014-12-14 00:19 - 2014-12-14 00:40 - 137678830 _____ () C:\Users\olive\Downloads\Big Hero 6.rar
2014-12-08 21:25 - 2014-12-08 21:25 - 00208152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-12-05 18:15 - 2014-12-05 18:29 - 18409608 _____ () C:\Users\olive\Downloads\TouchPal X Keyboard apk 5.5.0.3 apkdock.com.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 23:20 - 2012-08-15 18:01 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-04 23:19 - 2013-11-18 22:10 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
2015-01-04 23:13 - 2009-07-14 12:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-04 23:13 - 2009-07-14 12:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-04 23:11 - 2013-12-27 04:58 - 00000000 ____D () C:\Users\olive\AppData\Roaming\GarenaPlus
2015-01-04 23:11 - 2013-12-27 04:46 - 00000000 ____D () C:\ProgramData\GarenaMessenger
2015-01-04 23:11 - 2012-05-03 00:33 - 02060227 _____ () C:\Windows\WindowsUpdate.log
2015-01-04 23:07 - 2013-08-24 18:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-04 23:07 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-04 22:54 - 2012-08-15 17:08 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-04 22:49 - 2009-07-14 12:52 - 00000000 ____D () C:\Windows\addins
2015-01-04 22:47 - 2013-08-19 12:02 - 00000000 ____D () C:\Users\olive\Desktop\games
2015-01-04 22:35 - 2013-08-24 18:28 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-04 22:31 - 2012-06-14 01:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-04 22:24 - 2012-06-14 02:11 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
2015-01-04 22:24 - 2012-06-14 02:11 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
2015-01-04 21:43 - 2012-08-15 23:06 - 00000000 ____D () C:\Users\olive\AppData\Local\CRE
2015-01-04 21:43 - 2012-05-03 01:33 - 00000000 ____D () C:\Users\olive\AppData\Roaming\vlc
2015-01-04 21:06 - 2012-10-04 19:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-04 20:32 - 2013-09-21 02:02 - 00007594 _____ () C:\Users\olive\AppData\Local\resmon.resmoncfg
2015-01-04 20:21 - 2012-06-16 19:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-04 20:16 - 2014-01-27 06:40 - 00000000 ____D () C:\Windows\Minidump
2015-01-04 19:42 - 2014-05-04 23:58 - 00000000 ____D () C:\AdwCleaner
2015-01-04 19:26 - 2013-12-27 06:42 - 00000000 ____D () C:\Users\olive\Desktop\melancholy
2015-01-04 11:19 - 2013-11-18 22:10 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
2015-01-03 16:16 - 2014-04-17 14:21 - 00000000 ____D () C:\Users\olive\Desktop\d
2015-01-03 16:04 - 2012-05-03 00:45 - 00800548 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 06:28 - 2014-06-03 13:54 - 00000000 ____D () C:\Users\olive\AppData\Roaming\uTorrent
2015-01-02 19:52 - 2014-10-06 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2015-01-02 19:52 - 2014-08-13 20:02 - 00000000 ____D () C:\Users\olive\Desktop\misc
2015-01-02 19:52 - 2014-04-10 02:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Team
2015-01-02 19:52 - 2013-09-09 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Bro
2015-01-02 19:52 - 2013-08-21 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master of Defense
2015-01-02 19:52 - 2012-05-03 01:20 - 00000000 ____D () C:\Users\olive\Desktop\PALARO
2015-01-02 19:52 - 2009-07-14 12:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-02 19:17 - 2012-08-15 17:13 - 00000000 ___HD () C:\$AVG
2015-01-02 19:16 - 2012-08-15 17:12 - 00000000 ____D () C:\Program Files\AVG
2015-01-02 07:16 - 2014-09-09 04:13 - 00000000 ____D () C:\Users\olive\Desktop\com.gameloft.android.ANMP.GloftM5HM apkmania.com
2015-01-01 18:15 - 2014-02-17 11:26 - 00000000 ____D () C:\Users\olive\Desktop\Gravity 2013 1080p WEBDL x264 Pimp4003
2014-12-30 18:17 - 2013-12-27 04:47 - 00000000 ____D () C:\Program Files\Garena Plus
2014-12-30 05:18 - 2013-11-19 21:17 - 00000000 ____D () C:\Users\olive\AppData\Roaming\.minecraft
2014-12-29 19:42 - 2009-07-14 12:53 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-27 02:27 - 2013-08-19 05:00 - 00000000 ____D () C:\Users\olive\Documents\My Games
2014-12-25 10:53 - 2013-12-27 04:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2014-12-24 21:21 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2014-12-21 14:33 - 2013-06-22 15:38 - 00000000 ____D () C:\Program Files\Java
2014-12-18 22:02 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-17 20:09 - 2012-05-03 01:27 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-12-17 17:29 - 2009-07-14 12:33 - 00412432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-17 06:06 - 2012-05-03 01:00 - 00108824 _____ () C:\Users\olive\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-15 18:21 - 2013-12-24 21:41 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-12-15 15:17 - 2012-12-20 19:00 - 00000000 ____D () C:\ProgramData\InstallMate
2014-12-15 06:22 - 2009-07-14 10:04 - 00000580 _____ () C:\Windows\win.ini
2014-12-15 06:17 - 2013-12-26 17:47 - 00000983 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 06:42 - 2014-08-08 19:10 - 00000000 ____D () C:\Users\olive\AppData\Roaming\CDisplayEx
2014-12-14 02:45 - 2014-05-13 00:32 - 00000000 ____D () C:\Program Files\EA Games
2014-12-14 01:49 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-12-13 19:44 - 2014-06-08 22:54 - 00000000 ____D () C:\Dev-Cpp
Some content of TEMP:
====================
C:\Users\olive\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 12:51
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-01-2015 03
Ran by olive (administrator) on OLIVE-PC on 04-01-2015 23:19:26
Running from C:\Users\olive\Downloads
Loaded Profile: olive (Available profiles: olive & Administrator & Guest)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(AVG) C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
() C:\Program Files\Garena Plus\ggdllhost.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Razer Inc.) C:\Program Files\Razer\Razer Cortex\RzKLService.exe
() C:\Program Files\ZTE Connection Manager\AssistantServices.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\Garena Plus\GarenaMessenger.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RazerCortex] => C:\Program Files\Razer\Razer Cortex\RazerCortex.exe [60640 2014-09-11] (Razer Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\Run: [GarenaPlus] => C:\Program Files\Garena Plus\GarenaMessenger.exe [9974576 2014-10-27] ()
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {0d656420-b6e5-11e1-974c-001b38bfc949} - E:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {0d65642d-b6e5-11e1-974c-001b38bfc949} - E:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {16ff6448-0a34-11e3-a362-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {16ff6461-0a34-11e3-a362-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {356cf467-6e2a-11e4-95d4-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {356cf479-6e2a-11e4-95d4-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {47567d4e-4f82-11e3-bf05-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {4eb76fee-4b42-11e3-b09c-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {538fa989-18a1-11e3-b162-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {538fa99c-18a1-11e3-b162-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {7b336ec9-004c-11e4-a8e6-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {8d783105-4f24-11e3-b8e5-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {8d783117-4f24-11e3-b8e5-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {a1566cba-4abe-11e3-bcc3-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {bfe0d345-0832-11e3-aa3a-001b38bfc949} - E:\Autoplay.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {c9408903-632b-11e3-827c-001b38bfc949} - F:\AutoRun.exe
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\...\MountPoints2: {ef230741-0898-11e3-a1f1-001b38bfc949} - F:\autorun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\olive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2864508046-1840752021-4048113893-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ksa.msn.com/?rd=1&ucc=SA&dcc=SA&opt=0
URLSearchHook: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn8\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> DefaultScope {9B0DF573-F9ED-440B-9A62-49DCDEF15264} URL = https://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {492CBCC4-502D-4C79-99C4-9BC09FD8FEE6} URL = http://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {9B0DF573-F9ED-440B-9A62-49DCDEF15264} URL = https://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> {E85D6642-6EE8-465F-9ED6-8098FB498B4C} URL = https://isearch.avg.com/search?cid=...61a18b5d161&lang=en&ds=AVG&pr=fr&d=2012-09-27 12:05:31&v=12.2.5.34&sap=dsp&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2864508046-1840752021-4048113893-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2E03FDE5-6C32-4085-A19F-F1A01CDE27A0}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{52235E54-F1A5-48F9-8386-7D46220F77A1}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{57BD95B5-B59F-42ED-BA98-50E075A5568D}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{F25ABC70-30A0-4EAB-90F8-502E7806697B}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\olive\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @tools.google.com/Google Update;version=3 -> C:\Users\olive\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @tools.google.com/Google Update;version=9 -> C:\Users\olive\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2864508046-1840752021-4048113893-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\olive\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-26]
FF HKLM\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\extensions\ffxtlbr@alnaddyToolbar.com [Not Found]
FF Extension: No Name - C:\Users\olive\AppData\Roaming\Mozilla\Firefox\Profiles\1a3szy42.default\extensions\{A88AA718-8AA6-F9FC-95E3-C4CC78077993} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-14]
CHR Extension: (YouTube) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-14]
CHR Extension: (Google Search) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-14]
CHR Extension: (Google Wallet) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-14]
CHR Extension: (Battlefield Play4Free) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-12-13]
CHR Extension: (Gmail) - C:\Users\olive\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [5132656 2013-10-22] (INCA Internet Co., Ltd.)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2014-12-14] ()
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-11-01] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-05-14] (Skype Technologies S.A.)
S4 Sun_Philippines Wave Modem Device Helper; C:\Program Files\Sun Broadband Wireless\BackgroundService\ServiceManager.exe [49752 2011-06-20] () [File not signed]
R2 UI Assistant Service; C:\Program Files\ZTE Connection Manager\AssistantServices.exe [252784 2010-07-23] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208152 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-05-09] (AVG Technologies)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [35560 2012-08-02] (AnchorFree Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [205312 2012-12-03] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 NPPTNT2; C:\Windows\system32\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed]
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [20416 2014-11-01] (Razer, Inc.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [60156 2011-06-15] (PowerISO Computing, Inc.) [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-08-02] (AnchorFree Inc)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-07-23] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-07-23] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-07-23] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-07-23] (Microsoft Corporation)
S3 ZSMC303; C:\Windows\System32\Drivers\usbVM303.sys [391300 2006-02-23] (Vimicro Corporation)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 23:19 - 2015-01-04 23:20 - 00021810 _____ () C:\Users\olive\Downloads\FRST.txt
2015-01-04 23:18 - 2015-01-04 23:18 - 00006425 _____ () C:\Users\olive\Downloads\fixlist.txt
2015-01-04 23:17 - 2015-01-04 23:17 - 01115136 _____ (Farbar) C:\Users\olive\Downloads\FRST.exe
2015-01-04 22:57 - 2015-01-04 23:19 - 00000000 ____D () C:\FRST
2015-01-04 22:52 - 2015-01-04 22:52 - 00000076 _____ () C:\Users\olive\Desktop\virus help.txt
2015-01-04 22:10 - 2015-01-04 23:02 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-04 22:07 - 2015-01-04 22:47 - 00000000 ____D () C:\Users\olive\Desktop\mbar
2015-01-04 22:04 - 2015-01-04 22:07 - 16448208 _____ (Malwarebytes Corp.) C:\Users\olive\Downloads\mbar-1.08.2.1001.exe
2015-01-04 21:59 - 2015-01-04 21:59 - 00001122 _____ () C:\Users\olive\Desktop\attach.txt
2015-01-04 21:57 - 2015-01-04 21:57 - 00688992 ____R (Swearware) C:\Users\olive\Downloads\dds.com
2015-01-04 21:50 - 2015-01-04 23:02 - 00007376 _____ () C:\Windows\PFRO.log
2015-01-04 21:07 - 2015-01-04 23:09 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-04 21:06 - 2015-01-04 22:08 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-04 21:06 - 2015-01-04 21:06 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-04 21:06 - 2015-01-04 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-04 21:06 - 2015-01-04 21:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-04 21:06 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-04 21:06 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-04 21:03 - 2015-01-04 22:54 - 00000000 ____D () C:\Users\olive\Desktop\logss
2015-01-04 20:51 - 2015-01-04 21:05 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\olive\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-04 20:16 - 2015-01-04 20:16 - 00144944 _____ () C:\Windows\Minidump\010415-45614-01.dmp
2015-01-04 19:56 - 2015-01-04 22:02 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-04 19:56 - 2015-01-04 19:56 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-04 19:49 - 2015-01-04 19:55 - 15298136 _____ () C:\Users\olive\Downloads\RogueKiller.exe
2015-01-03 16:44 - 2015-01-03 17:10 - 606244774 _____ () C:\Users\olive\Downloads\Halo.rar
2015-01-03 03:25 - 2015-01-03 03:26 - 21273772 _____ () C:\Users\olive\Downloads\AttackOnTitanTributeGame v11212014b [juupzz-creation].rar
2015-01-03 00:08 - 2015-01-04 23:07 - 00000616 _____ () C:\Windows\setupact.log
2015-01-02 19:19 - 2015-01-02 19:19 - 00000000 ____D () C:\Users\olive\AppData\Roaming\AVG2015
2015-01-02 19:18 - 2015-01-02 19:18 - 00000895 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-02 19:18 - 2015-01-02 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-02 19:17 - 2015-01-04 19:07 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-02 19:09 - 2015-01-02 19:10 - 04578040 _____ (AVG Technologies) C:\Users\olive\Downloads\avg_free_stb_all_2015_5315_ppc12 (1).exe
2015-01-02 18:58 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Otbiwag
2015-01-02 09:56 - 2015-01-02 09:56 - 00000000 ____D () C:\Users\olive\Downloads\Modern Combat 3 Fallen Nation v1.1.4g apkmania.com
2015-01-02 09:23 - 2015-01-02 09:31 - 90248213 _____ () C:\Users\olive\Downloads\Modern Combat 3 Fallen Nation v1.1.4g apkmania.com.rar
2015-01-02 09:20 - 2015-01-02 09:22 - 00000000 ____D () C:\Users\olive\Downloads\com.gameloft.android.ANMP.GloftM3HM build.1120 apkmania.com
2015-01-02 07:09 - 2015-01-02 07:09 - 00000000 ____D () C:\Users\olive\Downloads\MC5-110k-Data-Obb
2015-01-02 06:39 - 2015-01-02 06:39 - 00000000 ____D () C:\Users\olive\Downloads\Odin3-v1.85
2015-01-02 06:38 - 2015-01-02 06:38 - 00000000 ____D () C:\Users\olive\Downloads\Samsung Galaxy Tab2 7.0 GT- P3100_CF-Auto-Root-espressor_
2015-01-02 06:35 - 2015-01-02 06:37 - 11131427 _____ () C:\Users\olive\Downloads\Samsung Galaxy Tab2 7.0 GT- P3100_CF-Auto-Root-espressor_.rar
2015-01-02 06:34 - 2015-01-02 06:34 - 00121176 _____ (Company V) C:\Users\olive\Downloads\download
2015-01-02 06:22 - 2015-01-02 06:22 - 00000953 _____ () C:\Users\Public\Desktop\Kingo ROOT.lnk
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Kingosoft
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\Users\olive\AppData\Local\Kingosoft
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT
2015-01-02 06:22 - 2015-01-02 06:22 - 00000000 ____D () C:\Program Files\Kingo ROOT
2015-01-02 01:43 - 2015-01-02 01:43 - 00001474 _____ () C:\Users\olive\Downloads\up09253.zip
2015-01-01 11:12 - 2015-01-01 11:30 - 00000000 ____D () C:\Users\olive\Downloads\War Of Ages
2015-01-01 11:10 - 2015-01-01 11:10 - 00054568 _____ () C:\Users\olive\Downloads\[kat.sitescrack.com]war.of.ages.discography.2005.2012.torrent
2015-01-01 11:08 - 2015-01-01 11:08 - 00017811 _____ () C:\Users\olive\Downloads\[kat.sitescrack.com]war.of.ages.discography.includes.2010.release.jonnybeans.torrent
2015-01-01 06:08 - 2015-01-01 06:08 - 00002688 _____ () C:\Users\olive\Downloads\[kickass.so]modern.combat.5.blackout.mc5.1.0.2f.update.cracked.patched.apk.data.obb.android.download.free.torrent
2015-01-01 05:58 - 2015-01-01 06:13 - 00000000 ____D () C:\Users\olive\Downloads\Exiles v2.18 apkmania.com
2015-01-01 05:50 - 2015-01-02 07:09 - 00000000 ____D () C:\Users\olive\Downloads\Modern Combat 5 - Blackout v1.0.2f apkmania.com
2014-12-31 18:55 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Woqoasri
2014-12-29 19:52 - 2014-12-29 19:52 - 00001211 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-12-29 19:52 - 2014-12-29 19:52 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-12-29 18:49 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Cokuveim
2014-12-29 18:06 - 2014-12-29 18:06 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Users\Administrator
2014-12-29 18:06 - 2009-07-14 12:42 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-29 18:06 - 2009-07-14 12:37 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-29 02:17 - 2014-12-29 02:17 - 00020681 _____ () C:\Users\olive\Downloads\[ZenSub] Mangaka-san to Assistant-san - OVA (BDRip 1280x720 x264 FLAC).mkv.torrent
2014-12-28 04:39 - 2014-12-28 06:49 - 00000000 ____D () C:\Program Files\Steam
2014-12-28 04:39 - 2014-12-28 05:04 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-28 04:39 - 2014-12-28 04:39 - 01142392 _____ () C:\Users\olive\Downloads\SteamSetup.exe
2014-12-28 04:39 - 2014-12-28 04:39 - 01142392 _____ () C:\Users\olive\Downloads\SteamSetup (1).exe
2014-12-28 04:39 - 2014-12-28 04:39 - 00000885 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-28 04:39 - 2014-12-28 04:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-27 20:33 - 2014-12-27 20:33 - 00000009 _____ () C:\Users\olive\Desktop\stalk.txt
2014-12-27 19:33 - 2015-01-02 19:27 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Aksolai
2014-12-27 18:40 - 2015-01-02 19:36 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Oqtaovi
2014-12-27 03:27 - 2014-12-27 03:27 - 00000000 ____D () C:\Users\olive\Downloads\Halo 2 Activation
2014-12-27 03:26 - 2014-12-27 03:26 - 00168211 _____ () C:\Users\olive\Downloads\Halo 2 Activation.rar
2014-12-27 03:20 - 2014-12-27 03:20 - 00000000 ____D () C:\Users\olive\Downloads\rzr-hal2
2014-12-27 03:19 - 2014-12-27 03:19 - 00003773 ____R () C:\Users\olive\Downloads\rzr-hal2.rar
2014-12-27 03:18 - 2014-12-27 03:18 - 00000559 _____ () C:\Users\olive\Downloads\[kickass.so]halo.2.crack.only.torrent
2014-12-27 03:12 - 2014-12-27 03:12 - 00000000 ____D () C:\Users\olive\AppData\Roaming\Microsoft Game Studios
2014-12-27 02:19 - 2014-12-27 02:19 - 00000000 ____D () C:\Windows\system32\original
2014-12-27 01:47 - 2014-12-27 01:47 - 00000000 ____D () C:\Users\olive\Downloads\[PC] Halo 2 XP + VISTA [RIP] [dopeman]
2014-12-25 11:00 - 2014-12-25 11:00 - 00013554 _____ () C:\Users\olive\Downloads\[kickass.so]pc.halo.2.xp.vista.rip.dopeman.zip.torrent
2014-12-24 04:36 - 2014-12-24 04:44 - 00000000 ____D () C:\Users\olive\Downloads\Cabin Fever (2002)
2014-12-24 04:35 - 2014-12-24 04:35 - 00015852 _____ () C:\Users\olive\Downloads\Cabin_Fever_2002_720p.torrent
2014-12-24 04:31 - 2014-12-24 04:31 - 00015403 _____ () C:\Users\olive\Downloads\The_Signal_2014_1080p_1080p.torrent
2014-12-23 18:34 - 2015-01-04 21:34 - 00000000 ____D () C:\Users\olive\AppData\Local\Owpics
2014-12-23 14:21 - 2014-12-23 14:21 - 00000106 _____ () C:\Users\olive\Desktop\galleon shop location.txt
2014-12-21 17:55 - 2015-01-04 21:33 - 00000000 ____D () C:\Users\olive\AppData\Local\Awrdworks
2014-12-21 14:33 - 2014-12-21 14:33 - 00004286 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-21 14:33 - 2014-12-21 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-21 14:33 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-21 14:33 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-21 14:33 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-21 14:33 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-17 20:23 - 2014-12-17 20:23 - 00000000 ____D () C:\Users\olive\AppData\Local\Razer_Inc
2014-12-17 20:22 - 2014-12-17 20:22 - 00000000 ____D () C:\Users\olive\Documents\Razer
2014-12-17 20:18 - 2014-12-17 20:18 - 00001956 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk
2014-12-17 20:18 - 2014-12-17 20:18 - 00000000 ____D () C:\Users\olive\AppData\Local\Razer
2014-12-17 20:18 - 2014-12-17 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-12-17 20:17 - 2014-12-17 20:18 - 00000000 ____D () C:\ProgramData\Razer
2014-12-17 20:17 - 2014-12-17 20:18 - 00000000 ____D () C:\Program Files\Razer
2014-12-17 20:17 - 2014-12-17 20:17 - 00000000 ____D () C:\Users\olive\AppData\Roaming\AVG
2014-12-17 20:17 - 2014-11-01 06:27 - 00020416 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2014-12-17 20:09 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-12-17 20:09 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-12-17 20:09 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-12-17 20:09 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-12-17 20:09 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-12-17 19:56 - 2015-01-04 19:35 - 00000000 ____D () C:\Users\olive\AppData\Local\Avg2015
2014-12-17 19:56 - 2014-12-17 19:56 - 04578040 _____ (AVG Technologies) C:\Users\olive\Downloads\avg_free_stb_all_2015_5315_ppc12.exe
2014-12-15 18:09 - 2014-12-15 18:09 - 00101072 _____ (GreenTree Applications SRL) C:\Users\olive\Downloads\YTDSetup (1).exe
2014-12-15 17:43 - 2014-12-15 17:43 - 00101072 _____ (GreenTree Applications SRL) C:\Users\olive\Downloads\YTDSetup.exe
2014-12-15 06:11 - 2014-12-15 06:11 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2014-12-14 05:55 - 2014-12-14 05:56 - 00000000 ____D () C:\Users\olive\Downloads\Big Hero 6 2014 HDCAM NEW SOURCE XviD AC3 ACAB
2014-12-14 05:54 - 2015-01-01 22:38 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-12-14 05:50 - 2014-12-25 10:53 - 00000000 ____D () C:\Program Files\GarenaPBPH
2014-12-14 02:48 - 2014-12-14 05:46 - 1249654704 _____ () C:\PointBlank_GarenaPlus_Install_1034.exe
2014-12-14 02:34 - 2014-12-14 02:40 - 00234768 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-12-14 02:34 - 2014-12-14 02:34 - 00000000 ____D () C:\Users\olive\AppData\Local\PunkBuster
2014-12-14 01:50 - 2014-12-14 02:35 - 00138264 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-12-14 01:50 - 2014-12-14 02:33 - 00000000 ____D () C:\Users\olive\Documents\Battlefield Play4Free
2014-12-14 01:50 - 2014-12-14 01:50 - 00138056 _____ () C:\Users\olive\AppData\Roaming\PnkBstrK.sys
2014-12-14 01:49 - 2014-12-14 02:40 - 00234768 _____ () C:\Windows\system32\PnkBstrB.exe
2014-12-14 01:49 - 2014-12-14 01:49 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2014-12-14 01:49 - 2014-12-14 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2014-12-14 00:19 - 2014-12-14 00:40 - 137678830 _____ () C:\Users\olive\Downloads\Big Hero 6.rar
2014-12-08 21:25 - 2014-12-08 21:25 - 00208152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-12-05 18:15 - 2014-12-05 18:29 - 18409608 _____ () C:\Users\olive\Downloads\TouchPal X Keyboard apk 5.5.0.3 apkdock.com.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 23:20 - 2012-08-15 18:01 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-04 23:19 - 2013-11-18 22:10 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
2015-01-04 23:13 - 2009-07-14 12:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-04 23:13 - 2009-07-14 12:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-04 23:11 - 2013-12-27 04:58 - 00000000 ____D () C:\Users\olive\AppData\Roaming\GarenaPlus
2015-01-04 23:11 - 2013-12-27 04:46 - 00000000 ____D () C:\ProgramData\GarenaMessenger
2015-01-04 23:11 - 2012-05-03 00:33 - 02060227 _____ () C:\Windows\WindowsUpdate.log
2015-01-04 23:07 - 2013-08-24 18:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-04 23:07 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-04 22:54 - 2012-08-15 17:08 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-04 22:49 - 2009-07-14 12:52 - 00000000 ____D () C:\Windows\addins
2015-01-04 22:47 - 2013-08-19 12:02 - 00000000 ____D () C:\Users\olive\Desktop\games
2015-01-04 22:35 - 2013-08-24 18:28 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-04 22:31 - 2012-06-14 01:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-04 22:24 - 2012-06-14 02:11 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000UA.job
2015-01-04 22:24 - 2012-06-14 02:11 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
2015-01-04 21:43 - 2012-08-15 23:06 - 00000000 ____D () C:\Users\olive\AppData\Local\CRE
2015-01-04 21:43 - 2012-05-03 01:33 - 00000000 ____D () C:\Users\olive\AppData\Roaming\vlc
2015-01-04 21:06 - 2012-10-04 19:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-04 20:32 - 2013-09-21 02:02 - 00007594 _____ () C:\Users\olive\AppData\Local\resmon.resmoncfg
2015-01-04 20:21 - 2012-06-16 19:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-04 20:16 - 2014-01-27 06:40 - 00000000 ____D () C:\Windows\Minidump
2015-01-04 19:42 - 2014-05-04 23:58 - 00000000 ____D () C:\AdwCleaner
2015-01-04 19:26 - 2013-12-27 06:42 - 00000000 ____D () C:\Users\olive\Desktop\melancholy
2015-01-04 11:19 - 2013-11-18 22:10 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2864508046-1840752021-4048113893-1000Core.job
2015-01-03 16:16 - 2014-04-17 14:21 - 00000000 ____D () C:\Users\olive\Desktop\d
2015-01-03 16:04 - 2012-05-03 00:45 - 00800548 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 06:28 - 2014-06-03 13:54 - 00000000 ____D () C:\Users\olive\AppData\Roaming\uTorrent
2015-01-02 19:52 - 2014-10-06 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2015-01-02 19:52 - 2014-08-13 20:02 - 00000000 ____D () C:\Users\olive\Desktop\misc
2015-01-02 19:52 - 2014-04-10 02:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Team
2015-01-02 19:52 - 2013-09-09 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Bro
2015-01-02 19:52 - 2013-08-21 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master of Defense
2015-01-02 19:52 - 2012-05-03 01:20 - 00000000 ____D () C:\Users\olive\Desktop\PALARO
2015-01-02 19:52 - 2009-07-14 12:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-02 19:17 - 2012-08-15 17:13 - 00000000 ___HD () C:\$AVG
2015-01-02 19:16 - 2012-08-15 17:12 - 00000000 ____D () C:\Program Files\AVG
2015-01-02 07:16 - 2014-09-09 04:13 - 00000000 ____D () C:\Users\olive\Desktop\com.gameloft.android.ANMP.GloftM5HM apkmania.com
2015-01-01 18:15 - 2014-02-17 11:26 - 00000000 ____D () C:\Users\olive\Desktop\Gravity 2013 1080p WEBDL x264 Pimp4003
2014-12-30 18:17 - 2013-12-27 04:47 - 00000000 ____D () C:\Program Files\Garena Plus
2014-12-30 05:18 - 2013-11-19 21:17 - 00000000 ____D () C:\Users\olive\AppData\Roaming\.minecraft
2014-12-29 19:42 - 2009-07-14 12:53 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-27 02:27 - 2013-08-19 05:00 - 00000000 ____D () C:\Users\olive\Documents\My Games
2014-12-25 10:53 - 2013-12-27 04:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2014-12-24 21:21 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2014-12-21 14:33 - 2013-06-22 15:38 - 00000000 ____D () C:\Program Files\Java
2014-12-18 22:02 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-17 20:09 - 2012-05-03 01:27 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-12-17 17:29 - 2009-07-14 12:33 - 00412432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-17 06:06 - 2012-05-03 01:00 - 00108824 _____ () C:\Users\olive\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-15 18:21 - 2013-12-24 21:41 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-12-15 15:17 - 2012-12-20 19:00 - 00000000 ____D () C:\ProgramData\InstallMate
2014-12-15 06:22 - 2009-07-14 10:04 - 00000580 _____ () C:\Windows\win.ini
2014-12-15 06:17 - 2013-12-26 17:47 - 00000983 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 06:42 - 2014-08-08 19:10 - 00000000 ____D () C:\Users\olive\AppData\Roaming\CDisplayEx
2014-12-14 02:45 - 2014-05-13 00:32 - 00000000 ____D () C:\Program Files\EA Games
2014-12-14 01:49 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-12-13 19:44 - 2014-06-08 22:54 - 00000000 ____D () C:\Dev-Cpp
Some content of TEMP:
====================
C:\Users\olive\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 12:51
==================== End Of Log ============================
- Status
Similar threads
Latest posts
-
Adobe Firefly and Photoshop receive new AI enhancements, hilarity ensues- Daniel Sims replied
-
Microsoft is rolling out new Start menu ads to all Windows 11 users despite backlash- scavengerspc replied