Active Bad image error

[Broni]

Restart computer and re-run Combofix.

 

[jarrow]

I get an error loading iernonce.Dll as soon as it boots up

 

[jarrow]

this comes up

 

[Broni]

Don't worry about any errors at this very moment.
We have a long way to go to bring your computer back to normal.
It's been badly infected.

 

[jarrow]

Combofix says rebooting Windows then appears to crash again. Same thing happens with the combofix window flashing open and closed in starting at the upper left screen then opening and closing down and to the right it's a bblank blue window

 

[Broni]

Leave it alone and update me in 15 minutes if it's still doing it.

 

[jarrow]

It is still doing it

 

[Broni]

Re-read my Combofix instructions starting with:

If, for some reason, Combofix refuses to run, try the following...

Restart in safe mode, run rKill first and then Combofix right away.

 

[jarrow]

leRkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/06/2014 10:01:14 PM in x86 mode. (Safe Mode)
Windows Version: Windows Vista (TM) Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* DNS Client (Dnscache) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* Network Store Interface Service (nsi) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (AFD) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* NETBT (NetBT) is not Running.
Startup Type set to: System

* NSI proxy service (nsiproxy) is not Running.
Startup Type set to: System

* NetIO Legacy TDI Support Driver (tdx) is not Running.
Startup Type set to: System

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/06/2014 10:03:25 PM
Execution time: 0 hours(s), 2 minute(s), and 11 seconds(s)

 

[jarrow]

Combofix still did not run proberly after this . it crashed during reboot nd did not make a report

 

[Broni]

Download TDSSKiller and save it to your desktop.

• Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[jarrow]

23:00:49.0879 0x16e0 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
23:00:55.0742 0x16e0 ============================================================
23:00:55.0743 0x16e0 Current date / time: 2014/02/06 23:00:55.0742
23:00:55.0743 0x16e0 SystemInfo:
23:00:55.0743 0x16e0
23:00:55.0743 0x16e0 OS Version: 6.0.6002 ServicePack: 2.0
23:00:55.0743 0x16e0 Product type: Workstation
23:00:55.0743 0x16e0 ComputerName: OWNER-PC
23:00:55.0744 0x16e0 UserName: Owner
23:00:55.0744 0x16e0 Windows directory: C:\Windows
23:00:55.0744 0x16e0 System windows directory: C:\Windows
23:00:55.0744 0x16e0 Processor architecture: Intel x86
23:00:55.0744 0x16e0 Number of processors: 2
23:00:55.0744 0x16e0 Page size: 0x1000
23:00:55.0744 0x16e0 Boot type: Normal boot
23:00:55.0744 0x16e0 ============================================================
23:00:56.0158 0x16e0 KLMD registered as C:\Windows\system32\drivers\10062052.sys
23:00:56.0379 0x16e0 System UUID: {D059BAE2-C5B2-D162-2445-62E36CB2D8C2}
23:00:57.0259 0x16e0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:00:57.0296 0x16e0 ============================================================
23:00:57.0296 0x16e0 \Device\Harddisk0\DR0:
23:00:57.0296 0x16e0 MBR partitions:
23:00:57.0296 0x16e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
23:00:57.0296 0x16e0 ============================================================
23:00:57.0330 0x16e0 C: <-> \Device\Harddisk0\DR0\Partition1
23:00:57.0331 0x16e0 ============================================================
23:00:57.0331 0x16e0 Initialize success
23:00:57.0331 0x16e0 ============================================================
23:01:11.0677 0x0e98 ============================================================
23:01:11.0677 0x0e98 Scan started
23:01:11.0677 0x0e98 Mode: Manual;
23:01:11.0677 0x0e98 ============================================================
23:01:11.0677 0x0e98 KSN ping started
23:01:13.0202 0x0e98 KSN ping finished: true
23:01:13.0808 0x0e98 ================ Scan system memory ========================
23:01:13.0808 0x0e98 System memory - ok
23:01:13.0810 0x0e98 ================ Scan services =============================
23:01:13.0936 0x0e98 [ 585E64BB6DFBC0A2F1F0B554DED012DF, D1AB49DA951583E8E8154D977A47F4D20911BD4F77A0D5AD1293570426F3F6FA ] 61883 C:\Windows\system32\DRIVERS\61883.sys
23:01:13.0940 0x0e98 61883 - ok
23:01:14.0023 0x0e98 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:01:14.0033 0x0e98 ACPI - ok
23:01:14.0105 0x0e98 [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:01:14.0114 0x0e98 AdobeFlashPlayerUpdateSvc - ok
23:01:14.0177 0x0e98 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:01:14.0193 0x0e98 adp94xx - ok
23:01:14.0230 0x0e98 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:01:14.0241 0x0e98 adpahci - ok
23:01:14.0268 0x0e98 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:01:14.0274 0x0e98 adpu160m - ok
23:01:14.0293 0x0e98 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:01:14.0301 0x0e98 adpu320 - ok
23:01:14.0333 0x0e98 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:01:14.0336 0x0e98 AeLookupSvc - ok
23:01:14.0390 0x0e98 [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD C:\Windows\system32\drivers\afd.sys
23:01:14.0399 0x0e98 AFD - ok
23:01:14.0415 0x0e98 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:01:14.0419 0x0e98 agp440 - ok
23:01:14.0431 0x0e98 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:01:14.0434 0x0e98 aic78xx - ok
23:01:14.0452 0x0e98 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
23:01:14.0461 0x0e98 ALG - ok
23:01:14.0480 0x0e98 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
23:01:14.0482 0x0e98 aliide - ok
23:01:14.0496 0x0e98 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:01:14.0500 0x0e98 amdagp - ok
23:01:14.0512 0x0e98 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
23:01:14.0515 0x0e98 amdide - ok
23:01:14.0529 0x0e98 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:01:14.0532 0x0e98 AmdK7 - ok
23:01:14.0555 0x0e98 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:01:14.0556 0x0e98 AmdK8 - ok
23:01:14.0607 0x0e98 [ AD8FA28D8ED0D0A689A0559085CE0F18, 75A35973D0CAED504147FC4A78F6EFA755E74EC4A169689F279150769196744A ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys
23:01:14.0611 0x0e98 AmdLLD - ok
23:01:14.0634 0x0e98 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
23:01:14.0637 0x0e98 Appinfo - ok
23:01:14.0658 0x0e98 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
23:01:14.0666 0x0e98 arc - ok
23:01:14.0692 0x0e98 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:01:14.0697 0x0e98 arcsas - ok
23:01:14.0792 0x0e98 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:01:14.0795 0x0e98 aspnet_state - ok
23:01:14.0836 0x0e98 [ 0C0B08847F2F24BAA7BD43D8F2C6C8B0, C13C9B86502F6E1F6C20810A344A9024A915BF5C8B12676FC7EC8E299C8CCC91 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
23:01:14.0838 0x0e98 aswFsBlk - ok
23:01:14.0872 0x0e98 [ EFFC39A1EDF04E83A42279D9DAA696A7, 19BCF4C583AEFD4263411168191E80512C5F554159DAEA0E58EE88F16CE608F7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:01:14.0875 0x0e98 aswMonFlt - ok
23:01:14.0895 0x0e98 [ F385FFD39165453FDA96736AA3EDFD9D, 98AF208B5E688D5A9C4C8B39682A547F2C10B1B271A011DA28851B13AB175D57 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
23:01:14.0897 0x0e98 aswRdr - ok
23:01:14.0943 0x0e98 [ 45ADEA26BF613A54FED64ECDD12E58A7, B16A2BBC41C07C8A37993AF15BAAF43AB283AC5ED2B508FE1166D6D40CD80807 ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:01:14.0954 0x0e98 aswSP - ok
23:01:14.0990 0x0e98 [ C4EE975C87176F1900662D2874233C7F, 1C25CFB3D4FAFDEB405B6860395E901E2554AE46319A35150D75A855FE8488A2 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
23:01:14.0993 0x0e98 aswTdi - ok
23:01:15.0011 0x0e98 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:01:15.0014 0x0e98 AsyncMac - ok
23:01:15.0033 0x0e98 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
23:01:15.0036 0x0e98 atapi - ok
23:01:15.0074 0x0e98 [ F9C24D25D9FF29F894995A64812B4D85, 3430E4EE1F7D185E269AF220C96BCA55143BA7C3A28262240F4D30DD1810A38C ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
23:01:15.0083 0x0e98 atksgt - ok
23:01:15.0123 0x0e98 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:01:15.0133 0x0e98 AudioEndpointBuilder - ok
23:01:15.0151 0x0e98 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:01:15.0164 0x0e98 Audiosrv - ok
23:01:15.0258 0x0e98 [ B2386A8E66891F7CFEC9F5A03F0F1210, 946A7471D1A9A3526F26B8099486CA3307C774D7CC691B7109C4FD09DD46D473 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:01:15.0260 0x0e98 avast! Antivirus - ok
23:01:15.0267 0x0e98 [ B2386A8E66891F7CFEC9F5A03F0F1210, 946A7471D1A9A3526F26B8099486CA3307C774D7CC691B7109C4FD09DD46D473 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:01:15.0269 0x0e98 avast! Mail Scanner - ok
23:01:15.0279 0x0e98 [ B2386A8E66891F7CFEC9F5A03F0F1210, 946A7471D1A9A3526F26B8099486CA3307C774D7CC691B7109C4FD09DD46D473 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:01:15.0281 0x0e98 avast! Web Scanner - ok
23:01:15.0319 0x0e98 [ F4B56425A00BEB32F5FA6603FF7B0EA2, E91E401053AC9363DE4675879D01B4E0D4054B7AEBBFEE656861170820F53278 ] Avc C:\Windows\system32\DRIVERS\avc.sys
23:01:15.0322 0x0e98 Avc - ok
23:01:15.0351 0x0e98 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
23:01:15.0353 0x0e98 Beep - ok
23:01:15.0380 0x0e98 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
23:01:15.0392 0x0e98 BFE - ok
23:01:15.0448 0x0e98 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\system32\qmgr.dll
23:01:15.0477 0x0e98 BITS - ok
23:01:15.0496 0x0e98 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:01:15.0503 0x0e98 blbdrive - ok
23:01:15.0615 0x0e98 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:01:15.0634 0x0e98 Bonjour Service - ok
23:01:15.0682 0x0e98 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:01:15.0687 0x0e98 bowser - ok
23:01:15.0735 0x0e98 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:01:15.0739 0x0e98 BrFiltLo - ok
23:01:15.0758 0x0e98 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:01:15.0761 0x0e98 BrFiltUp - ok
23:01:15.0786 0x0e98 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
23:01:15.0792 0x0e98 Browser - ok
23:01:15.0820 0x0e98 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:01:15.0826 0x0e98 Brserid - ok
23:01:15.0860 0x0e98 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:01:15.0865 0x0e98 BrSerWdm - ok
23:01:15.0888 0x0e98 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:01:15.0892 0x0e98 BrUsbMdm - ok
23:01:15.0914 0x0e98 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:01:15.0918 0x0e98 BrUsbSer - ok
23:01:15.0935 0x0e98 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:01:15.0940 0x0e98 BTHMODEM - ok
23:01:15.0966 0x0e98 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:01:15.0969 0x0e98 cdfs - ok
23:01:16.0015 0x0e98 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:01:16.0018 0x0e98 cdrom - ok
23:01:16.0027 0x0e98 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
23:01:16.0030 0x0e98 CertPropSvc - ok
23:01:16.0062 0x0e98 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
23:01:16.0065 0x0e98 circlass - ok
23:01:16.0099 0x0e98 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
23:01:16.0108 0x0e98 CLFS - ok
23:01:16.0148 0x0e98 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:01:16.0153 0x0e98 clr_optimization_v2.0.50727_32 - ok
23:01:16.0200 0x0e98 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:01:16.0217 0x0e98 clr_optimization_v4.0.30319_32 - ok
23:01:16.0239 0x0e98 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:01:16.0241 0x0e98 cmdide - ok
23:01:16.0256 0x0e98 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
23:01:16.0259 0x0e98 Compbatt - ok
23:01:16.0277 0x0e98 COMSysApp - ok
23:01:16.0296 0x0e98 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:01:16.0298 0x0e98 crcdisk - ok
23:01:16.0339 0x0e98 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:01:16.0342 0x0e98 Crusoe - ok
23:01:16.0402 0x0e98 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:01:16.0407 0x0e98 CryptSvc - ok
23:01:16.0457 0x0e98 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:01:16.0476 0x0e98 DcomLaunch - ok
23:01:16.0524 0x0e98 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:01:16.0528 0x0e98 DfsC - ok
23:01:16.0643 0x0e98 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
23:01:16.0739 0x0e98 DFSR - ok
23:01:16.0782 0x0e98 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:01:16.0789 0x0e98 Dhcp - ok
23:01:16.0803 0x0e98 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
23:01:16.0807 0x0e98 disk - ok
23:01:16.0862 0x0e98 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:01:16.0866 0x0e98 Dnscache - ok
23:01:16.0921 0x0e98 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
23:01:16.0927 0x0e98 dot3svc - ok
23:01:16.0965 0x0e98 [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
23:01:16.0971 0x0e98 Dot4 - ok
23:01:16.0984 0x0e98 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:01:16.0986 0x0e98 Dot4Print - ok
23:01:17.0009 0x0e98 [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
23:01:17.0014 0x0e98 dot4usb - ok
23:01:17.0032 0x0e98 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
23:01:17.0038 0x0e98 DPS - ok
23:01:17.0069 0x0e98 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:01:17.0071 0x0e98 drmkaud - ok
23:01:17.0135 0x0e98 [ 687AF6BB383885FF6A64071B189A7F3E, 1C751B8DD27F63E88D0223A8434CED7589AC00EC6275938C59D1B954F0354F78 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:01:17.0144 0x0e98 dtsoftbus01 - ok
23:01:17.0232 0x0e98 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:01:17.0256 0x0e98 DXGKrnl - ok
23:01:17.0287 0x0e98 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:01:17.0293 0x0e98 E1G60 - ok
23:01:17.0323 0x0e98 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
23:01:17.0327 0x0e98 EapHost - ok
23:01:17.0343 0x0e98 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
23:01:17.0349 0x0e98 Ecache - ok
23:01:17.0490 0x0e98 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:01:17.0547 0x0e98 ehRecvr - ok
23:01:17.0587 0x0e98 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
23:01:17.0599 0x0e98 ehSched - ok
23:01:17.0628 0x0e98 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
23:01:17.0630 0x0e98 ehstart - ok
23:01:17.0676 0x0e98 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:01:17.0687 0x0e98 elxstor - ok
23:01:17.0738 0x0e98 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:01:17.0762 0x0e98 EMDMgmt - ok
23:01:17.0794 0x0e98 [ A81AB23EDDB4693612014D87367D014C, 6AF1B0D3C3A61710A31B11C531E090C363C34A3D7C6365FDFA2B425F03E9EBAB ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:01:17.0796 0x0e98 ErrDev - ok
23:01:17.0844 0x0e98 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
23:01:17.0854 0x0e98 EventSystem - ok
23:01:17.0916 0x0e98 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
23:01:17.0924 0x0e98 exfat - ok
23:01:17.0945 0x0e98 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:01:17.0951 0x0e98 fastfat - ok
23:01:17.0971 0x0e98 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:01:17.0974 0x0e98 fdc - ok
23:01:17.0992 0x0e98 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
23:01:17.0996 0x0e98 fdPHost - ok
23:01:18.0018 0x0e98 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
23:01:18.0022 0x0e98 FDResPub - ok
23:01:18.0045 0x0e98 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:01:18.0048 0x0e98 FileInfo - ok
23:01:18.0067 0x0e98 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:01:18.0070 0x0e98 Filetrace - ok
23:01:18.0089 0x0e98 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:01:18.0092 0x0e98 flpydisk - ok
23:01:18.0112 0x0e98 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:01:18.0123 0x0e98 FltMgr - ok
23:01:18.0251 0x0e98 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
23:01:18.0287 0x0e98 FontCache - ok
23:01:18.0378 0x0e98 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:01:18.0402 0x0e98 FontCache3.0.0.0 - ok
23:01:18.0471 0x0e98 [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:01:18.0493 0x0e98 fssfltr - ok
23:01:18.0775 0x0e98 [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
23:01:18.0824 0x0e98 fsssvc - ok
23:01:18.0858 0x0e98 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:01:18.0861 0x0e98 Fs_Rec - ok
23:01:18.0892 0x0e98 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:01:18.0895 0x0e98 gagp30kx - ok
23:01:18.0944 0x0e98 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:01:18.0948 0x0e98 GEARAspiWDM - ok
23:01:18.0997 0x0e98 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
23:01:19.0018 0x0e98 gpsvc - ok
23:01:19.0143 0x0e98 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:01:19.0159 0x0e98 gupdate - ok
23:01:19.0168 0x0e98 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:01:19.0176 0x0e98 gupdatem - ok
23:01:19.0287 0x0e98 [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:01:19.0306 0x0e98 HdAudAddService - ok
23:01:19.0450 0x0e98 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:01:19.0472 0x0e98 HDAudBus - ok
23:01:19.0504 0x0e98 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:01:19.0522 0x0e98 HidBth - ok
23:01:19.0559 0x0e98 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
23:01:19.0562 0x0e98 HidIr - ok
23:01:19.0584 0x0e98 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
23:01:19.0588 0x0e98 hidserv - ok
23:01:19.0608 0x0e98 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:01:19.0610 0x0e98 HidUsb - ok
23:01:19.0640 0x0e98 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
23:01:19.0644 0x0e98 hkmsvc - ok
23:01:19.0658 0x0e98 [ 7EBEC5EB56B90ED65A8BBD91464E5CFB, 1CBDF532EFFFD564F79A45B2204BF02D9E6AC390796928DBE6DE9AF73E20C4B3 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:01:19.0662 0x0e98 HpCISSs - ok
23:01:19.0716 0x0e98 [ 58D4765AB87347DB835D5693ADF652C1, C82C844C29AC9041BEE7D02FB846AA9BC17D7DF0D8295AE31A485CC44B0CC7D7 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:01:19.0725 0x0e98 hpqcxs08 - ok
23:01:19.0746 0x0e98 [ 99ED733F614660EB32199BF889DFB7E2, E96CD3DB09639DB9685AF20915BE9097E270D331A2516FA2929B4E2251B2FA61 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:01:19.0757 0x0e98 hpqddsvc - ok
23:01:19.0886 0x0e98 [ 88749FBF8BEB18C90E7D6626C8C1910B, 8CCCCF75EE8D7C8F052DE48DCE7099BFA9D29E9D94E9EEB8C84F0EEE73CC2EDD ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
23:01:19.0924 0x0e98 HSF_DP - ok
23:01:19.0991 0x0e98 [ FE440536BD98AF772130DC3A6FE1915F, F890A4336E6BC11A5D0A7D49CFD0626FFC2131E81260AE3E2501BCD29434C131 ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
23:01:20.0008 0x0e98 HSXHWBS2 - ok
23:01:20.0053 0x0e98 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:01:20.0069 0x0e98 HTTP - ok
23:01:20.0102 0x0e98 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:01:20.0105 0x0e98 i2omp - ok
23:01:20.0126 0x0e98 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:01:20.0132 0x0e98 i8042prt - ok
23:01:20.0161 0x0e98 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:01:20.0174 0x0e98 iaStorV - ok
23:01:20.0250 0x0e98 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:01:20.0295 0x0e98 idsvc - ok
23:01:20.0335 0x0e98 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:01:20.0339 0x0e98 iirsp - ok
23:01:20.0428 0x0e98 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
23:01:20.0446 0x0e98 IKEEXT - ok
23:01:20.0592 0x0e98 [ 84ED2154239F9D013BBD3220755ADA8B, 36A1B03DCFD8BFC7905425DF54EAAC9E6B2ACF3A5A0EF1A3EF608938DA63D42C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:01:20.0706 0x0e98 IntcAzAudAddService - ok
23:01:20.0744 0x0e98 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
23:01:20.0747 0x0e98 intelide - ok
23:01:20.0764 0x0e98 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:01:20.0767 0x0e98 intelppm - ok
23:01:20.0800 0x0e98 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:01:20.0806 0x0e98 IPBusEnum - ok
23:01:20.0820 0x0e98 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:01:20.0824 0x0e98 IpFilterDriver - ok
23:01:20.0862 0x0e98 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:01:20.0871 0x0e98 iphlpsvc - ok
23:01:20.0884 0x0e98 IpInIp - ok
23:01:20.0906 0x0e98 [ 4B9C0F4D4A3ACC535F9771039ECD6365, C150DB53288BFC30B9CE8C061A5FF3AFCB4D6FFCB76CB4E6966191BB7B2E99EE ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:01:20.0910 0x0e98 IPMIDRV - ok
23:01:20.0926 0x0e98 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:01:20.0932 0x0e98 IPNAT - ok
23:01:20.0952 0x0e98 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:01:20.0955 0x0e98 IRENUM - ok
23:01:20.0987 0x0e98 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:01:20.0990 0x0e98 isapnp - ok
23:01:21.0013 0x0e98 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:01:21.0021 0x0e98 iScsiPrt - ok
23:01:21.0064 0x0e98 [ 96F2F5884D02535E2D4DFC849836F4A6, 115FE0D6C3492CA92E774FC255747701526DFE8BE9FAC01266241CE5053274DB ] ISODisk C:\Windows\system32\drivers\ISODisk.sys
23:01:21.0067 0x0e98 ISODisk - ok
23:01:21.0084 0x0e98 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:01:21.0088 0x0e98 iteatapi - ok
23:01:21.0099 0x0e98 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:01:21.0103 0x0e98 iteraid - ok
23:01:21.0122 0x0e98 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:01:21.0125 0x0e98 kbdclass - ok
23:01:21.0143 0x0e98 [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:01:21.0146 0x0e98 kbdhid - ok
23:01:21.0175 0x0e98 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
23:01:21.0179 0x0e98 KeyIso - ok
23:01:21.0253 0x0e98 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:01:21.0270 0x0e98 KSecDD - ok
23:01:21.0317 0x0e98 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
23:01:21.0335 0x0e98 KtmRm - ok
23:01:21.0399 0x0e98 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
23:01:21.0406 0x0e98 LanmanServer - ok
23:01:21.0433 0x0e98 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:01:21.0441 0x0e98 LanmanWorkstation - ok
23:01:21.0477 0x0e98 [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:01:21.0479 0x0e98 LightScribeService - ok
23:01:21.0500 0x0e98 [ 8CCF9ED46D52AF1375875F74A91FFACF, 43A38AE17D054C88176C7F1527CAA0D45AB0AC429C1C0440D9F2DECE0F90C058 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
23:01:21.0503 0x0e98 lirsgt - ok
23:01:21.0526 0x0e98 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:01:21.0529 0x0e98 lltdio - ok
23:01:21.0565 0x0e98 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:01:21.0572 0x0e98 lltdsvc - ok
23:01:21.0593 0x0e98 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:01:21.0596 0x0e98 lmhosts - ok
23:01:21.0613 0x0e98 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:01:21.0617 0x0e98 LSI_FC - ok
23:01:21.0635 0x0e98 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:01:21.0641 0x0e98 LSI_SAS - ok
23:01:21.0653 0x0e98 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:01:21.0658 0x0e98 LSI_SCSI - ok
23:01:21.0671 0x0e98 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
23:01:21.0675 0x0e98 luafv - ok
23:01:21.0694 0x0e98 [ 1A7DB7A00A4B0D8DA24CD691A4547291, 604E29E827841EA06313172D9063FD946CE592BF844CEA8D10173CAA397704F8 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2Mon.sys
23:01:21.0696 0x0e98 LVPr2Mon - ok
23:01:21.0732 0x0e98 [ 0DDFDCAA92C7F553328DB06BA599BEA9, DB779E38B1CF1CAD69193857043F8ED8BBEB603E97363CD798F6699431D94A41 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
23:01:21.0735 0x0e98 LVPrcSrv - ok
23:01:21.0767 0x0e98 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:01:21.0769 0x0e98 MBAMProtector - ok
23:01:21.0820 0x0e98 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:01:21.0838 0x0e98 MBAMScheduler - ok
23:01:21.0895 0x0e98 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:01:21.0913 0x0e98 MBAMService - ok
23:01:21.0957 0x0e98 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:01:21.0966 0x0e98 Mcx2Svc - ok
23:01:22.0003 0x0e98 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
23:01:22.0007 0x0e98 mdmxsdk - ok
23:01:22.0034 0x0e98 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
23:01:22.0037 0x0e98 megasas - ok
23:01:22.0066 0x0e98 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
23:01:22.0078 0x0e98 MegaSR - ok
23:01:22.0108 0x0e98 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
23:01:22.0111 0x0e98 MMCSS - ok
23:01:22.0124 0x0e98 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
23:01:22.0125 0x0e98 Modem - ok
23:01:22.0146 0x0e98 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:01:22.0148 0x0e98 monitor - ok
23:01:22.0166 0x0e98 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:01:22.0175 0x0e98 mouclass - ok
23:01:22.0187 0x0e98 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:01:22.0190 0x0e98 mouhid - ok
23:01:22.0208 0x0e98 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:01:22.0214 0x0e98 MountMgr - ok
23:01:22.0255 0x0e98 [ 7EDBBB9351A38C6BB0FE98CFD44DB430, FF77429D7FF3429AD15FD29B4F0F1CF1DA66F69651BCA9525889EDD47AB0306D ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:01:22.0261 0x0e98 MozillaMaintenance - ok
23:01:22.0325 0x0e98 [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
23:01:22.0332 0x0e98 MpFilter - ok
23:01:22.0355 0x0e98 [ 5DA347912FD3AF24D7BFB3DE519D4BD0, 4115406BAD580D9B4BF9589711D76B61CF516959E467BFA4456CE78017F89FCB ] mpio C:\Windows\system32\drivers\mpio.sys
23:01:22.0361 0x0e98 mpio - ok
23:01:22.0378 0x0e98 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:01:22.0384 0x0e98 mpsdrv - ok
23:01:22.0435 0x0e98 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:01:22.0451 0x0e98 MpsSvc - ok
23:01:22.0502 0x0e98 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:01:22.0505 0x0e98 Mraid35x - ok
23:01:22.0524 0x0e98 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:01:22.0529 0x0e98 MRxDAV - ok
23:01:22.0562 0x0e98 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:01:22.0567 0x0e98 mrxsmb - ok
23:01:22.0610 0x0e98 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:01:22.0618 0x0e98 mrxsmb10 - ok
23:01:22.0639 0x0e98 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:01:22.0643 0x0e98 mrxsmb20 - ok
23:01:22.0662 0x0e98 [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys
23:01:22.0664 0x0e98 msahci - ok
23:01:22.0695 0x0e98 [ 2C563AEF15B8D0014C36C5F27742AC7B, 378BA92A1C7E3B0DEBD7B4C28EDF9E5461313D66985B40EFB075DD6169936494 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:01:22.0702 0x0e98 msdsm - ok
23:01:22.0732 0x0e98 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
23:01:22.0741 0x0e98 MSDTC - ok
23:01:22.0818 0x0e98 [ 343291A4DFD7C923C3F71F550830EC1C, E62DEEE0ECA76DD276FA27B02F91EA1A5314BDE1EA0F919FA89238A7662B8CA5 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
23:01:22.0822 0x0e98 MSDV - ok
23:01:22.0842 0x0e98 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:01:22.0846 0x0e98 Msfs - ok
23:01:22.0875 0x0e98 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:01:22.0879 0x0e98 msisadrv - ok
23:01:22.0925 0x0e98 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:01:22.0932 0x0e98 MSiSCSI - ok
23:01:22.0950 0x0e98 msiserver - ok
23:01:22.0983 0x0e98 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:01:22.0986 0x0e98 MSKSSRV - ok
23:01:23.0051 0x0e98 [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:01:23.0052 0x0e98 MsMpSvc - ok
23:01:23.0093 0x0e98 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:01:23.0095 0x0e98 MSPCLOCK - ok
23:01:23.0109 0x0e98 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:01:23.0111 0x0e98 MSPQM - ok
23:01:23.0136 0x0e98 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:01:23.0143 0x0e98 MsRPC - ok
23:01:23.0160 0x0e98 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:01:23.0162 0x0e98 mssmbios - ok
23:01:23.0185 0x0e98 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:01:23.0187 0x0e98 MSTEE - ok
23:01:23.0198 0x0e98 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
23:01:23.0202 0x0e98 Mup - ok
23:01:23.0244 0x0e98 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
23:01:23.0261 0x0e98 napagent - ok
23:01:23.0281 0x0e98 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:01:23.0287 0x0e98 NativeWifiP - ok
23:01:23.0313 0x0e98 [ 1357274D1883F68300AEADD15D7BBB42,

 

[jarrow]

EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:01:23.0346 0x0e98 NDIS - ok
23:01:23.0358 0x0e98 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:01:23.0360 0x0e98 NdisTapi - ok
23:01:23.0371 0x0e98 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:01:23.0374 0x0e98 Ndisuio - ok
23:01:23.0391 0x0e98 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:01:23.0396 0x0e98 NdisWan - ok
23:01:23.0407 0x0e98 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:01:23.0411 0x0e98 NDProxy - ok
23:01:23.0427 0x0e98 [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:01:23.0429 0x0e98 Net Driver HPZ12 - ok
23:01:23.0448 0x0e98 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:01:23.0451 0x0e98 NetBIOS - ok
23:01:23.0476 0x0e98 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:01:23.0482 0x0e98 netbt - ok
23:01:23.0491 0x0e98 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
23:01:23.0494 0x0e98 Netlogon - ok
23:01:23.0549 0x0e98 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
23:01:23.0562 0x0e98 Netman - ok
23:01:23.0616 0x0e98 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:01:23.0648 0x0e98 NetMsmqActivator - ok
23:01:23.0658 0x0e98 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:01:23.0662 0x0e98 NetPipeActivator - ok
23:01:23.0716 0x0e98 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
23:01:23.0726 0x0e98 netprofm - ok
23:01:23.0739 0x0e98 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:01:23.0743 0x0e98 NetTcpActivator - ok
23:01:23.0760 0x0e98 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:01:23.0764 0x0e98 NetTcpPortSharing - ok
23:01:23.0796 0x0e98 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:01:23.0799 0x0e98 nfrd960 - ok
23:01:23.0854 0x0e98 [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:01:23.0859 0x0e98 NisDrv - ok
23:01:23.0885 0x0e98 [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
23:01:23.0897 0x0e98 NisSrv - ok
23:01:23.0925 0x0e98 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
23:01:23.0934 0x0e98 NlaSvc - ok
23:01:23.0975 0x0e98 [ FD306FBCCE7ADB1077B709742E7148E9, B1D4704F27B09F8EBF2DF55EDDC003E6480643CBB1806B0487DF1535BE374CF1 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe
23:01:23.0977 0x0e98 NMSAccessU - ok
23:01:24.0006 0x0e98 Norton PC Checkup Application Launcher - ok
23:01:24.0031 0x0e98 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:01:24.0034 0x0e98 Npfs - ok
23:01:24.0053 0x0e98 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
23:01:24.0057 0x0e98 nsi - ok
23:01:24.0074 0x0e98 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:01:24.0076 0x0e98 nsiproxy - ok
23:01:24.0162 0x0e98 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:01:24.0196 0x0e98 Ntfs - ok
23:01:24.0220 0x0e98 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:01:24.0222 0x0e98 ntrigdigi - ok
23:01:24.0233 0x0e98 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
23:01:24.0235 0x0e98 Null - ok
23:01:24.0289 0x0e98 [ D958A2B5F6AD5C3B8CCDC4D7DA62466C, 574DC2C4C1C46E3B6F53E0A14E0595493E73EEE03EA1FF9DD1D3266B414B9941 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
23:01:24.0331 0x0e98 NVENETFD - ok
23:01:24.0721 0x0e98 [ 0A1B502CBC8230DA74BEFBAADDB58916, 14BDE0A5829D1CC7E93B60676243DD0641D5FA08CE46936450CD3A67F94EA560 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:01:25.0069 0x0e98 nvlddmkm - ok
23:01:25.0143 0x0e98 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:01:25.0147 0x0e98 nvraid - ok
23:01:25.0165 0x0e98 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:01:25.0172 0x0e98 nvstor - ok
23:01:25.0200 0x0e98 [ 7EBA6C9A0A295B1559EFB9062E701218, AB890B1CE155ABA6E633B9A4D422BFF42322D1CB067C237A926F36C8A5ADC8A2 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys
23:01:25.0203 0x0e98 nvstor32 - ok
23:01:25.0276 0x0e98 [ E4284FCF99FEA13A7E1836F87AE356F6, 541C40DD3483810632320E8F23427BB52593D156E876C6023BE7F7A8589383E8 ] nvsvc C:\Windows\system32\nvvsvc.exe
23:01:25.0301 0x0e98 nvsvc - ok
23:01:25.0406 0x0e98 [ 03E60E0BFA53ED15DC984FA34B44BB0F, 50ABF2E303B9A2B6DDD0DB411C24C3CD6CC30AFA664B5682CF9189F96548CC10 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:01:25.0489 0x0e98 nvUpdatusService - ok
23:01:25.0515 0x0e98 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:01:25.0519 0x0e98 nv_agp - ok
23:01:25.0528 0x0e98 NwlnkFlt - ok
23:01:25.0536 0x0e98 NwlnkFwd - ok
23:01:25.0609 0x0e98 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:01:25.0622 0x0e98 odserv - ok
23:01:25.0648 0x0e98 [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:01:25.0650 0x0e98 ohci1394 - ok
23:01:25.0682 0x0e98 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:01:25.0691 0x0e98 ose - ok
23:01:25.0746 0x0e98 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:01:25.0767 0x0e98 p2pimsvc - ok
23:01:25.0792 0x0e98 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
23:01:25.0813 0x0e98 p2psvc - ok
23:01:25.0847 0x0e98 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
23:01:25.0850 0x0e98 Parport - ok
23:01:25.0899 0x0e98 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:01:25.0902 0x0e98 partmgr - ok
23:01:25.0921 0x0e98 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:01:25.0924 0x0e98 Parvdm - ok
23:01:25.0946 0x0e98 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
23:01:25.0951 0x0e98 PcaSvc - ok
23:01:26.0012 0x0e98 [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] PCCUJobMgr C:\Program Files\Norton PC Checkup\Engine\2.0.18.5\ccSvcHst.exe
23:01:26.0017 0x0e98 PCCUJobMgr - ok
23:01:26.0038 0x0e98 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
23:01:26.0043 0x0e98 pci - ok
23:01:26.0059 0x0e98 [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide C:\Windows\system32\drivers\pciide.sys
23:01:26.0062 0x0e98 pciide - ok
23:01:26.0091 0x0e98 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:01:26.0099 0x0e98 pcmcia - ok
23:01:26.0128 0x0e98 [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
23:01:26.0132 0x0e98 pcouffin - ok
23:01:26.0184 0x0e98 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:01:26.0211 0x0e98 PEAUTH - ok
23:01:26.0422 0x0e98 [ F042EE4C8D66248D9B86DCF52ABAE416, AE0F5CC54E4B133DF66A54572A7CE52FAFF11F8FD0CAEAB088AAD3699D6EC924 ] PEVSystemStart C:\jarrow_seymour557j\pev.3XE
23:01:26.0455 0x0e98 PEVSystemStart - ok
23:01:26.0595 0x0e98 [ DD184D9ADFE2A8A21741DBDFE9E22F5C, 0C22966973246248FD15A6C192AA1B731D018B4FDF1BD97FE9AA67A746C9440C ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V32.SYS
23:01:26.0716 0x0e98 PID_PEPI - ok
23:01:26.0842 0x0e98 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
23:01:26.0906 0x0e98 pla - ok
23:01:26.0929 0x0e98 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:01:26.0939 0x0e98 PlugPlay - ok
23:01:26.0958 0x0e98 [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:01:26.0962 0x0e98 Pml Driver HPZ12 - ok
23:01:27.0013 0x0e98 [ 3A2BDD76E7D2A5F40A7174793D1BA794, 029EE2C2F71AEC7906600EEC4F855DC5648C1ECF53F11426079B04591F24D067 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
23:01:27.0018 0x0e98 PnkBstrA - ok
23:01:27.0058 0x0e98 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:01:27.0075 0x0e98 PNRPAutoReg - ok
23:01:27.0101 0x0e98 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:01:27.0118 0x0e98 PNRPsvc - ok
23:01:27.0153 0x0e98 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:01:27.0165 0x0e98 PolicyAgent - ok
23:01:27.0205 0x0e98 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:01:27.0208 0x0e98 PptpMiniport - ok
23:01:27.0242 0x0e98 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
23:01:27.0245 0x0e98 Processor - ok
23:01:27.0283 0x0e98 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
23:01:27.0292 0x0e98 ProfSvc - ok
23:01:27.0306 0x0e98 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
23:01:27.0309 0x0e98 ProtectedStorage - ok
23:01:27.0323 0x0e98 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:01:27.0326 0x0e98 PSched - ok
23:01:27.0396 0x0e98 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:01:27.0442 0x0e98 ql2300 - ok
23:01:27.0468 0x0e98 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:01:27.0474 0x0e98 ql40xx - ok
23:01:27.0521 0x0e98 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
23:01:27.0533 0x0e98 QWAVE - ok
23:01:27.0588 0x0e98 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:01:27.0590 0x0e98 QWAVEdrv - ok
23:01:27.0624 0x0e98 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:01:27.0626 0x0e98 RasAcd - ok
23:01:27.0680 0x0e98 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
23:01:27.0690 0x0e98 RasAuto - ok
23:01:27.0725 0x0e98 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:01:27.0732 0x0e98 Rasl2tp - ok
23:01:27.0757 0x0e98 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
23:01:27.0771 0x0e98 RasMan - ok
23:01:27.0788 0x0e98 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:01:27.0791 0x0e98 RasPppoe - ok
23:01:27.0805 0x0e98 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:01:27.0809 0x0e98 RasSstp - ok
23:01:27.0840 0x0e98 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:01:27.0848 0x0e98 rdbss - ok
23:01:27.0872 0x0e98 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:01:27.0874 0x0e98 RDPCDD - ok
23:01:27.0919 0x0e98 [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:01:27.0929 0x0e98 rdpdr - ok
23:01:27.0953 0x0e98 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:01:27.0955 0x0e98 RDPENCDD - ok
23:01:28.0020 0x0e98 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:01:28.0027 0x0e98 RDPWD - ok
23:01:28.0114 0x0e98 [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
23:01:28.0116 0x0e98 RealNetworks Downloader Resolver Service - ok
23:01:28.0143 0x0e98 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
23:01:28.0149 0x0e98 RemoteAccess - ok
23:01:28.0176 0x0e98 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:01:28.0186 0x0e98 RemoteRegistry - ok
23:01:28.0213 0x0e98 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
23:01:28.0217 0x0e98 RpcLocator - ok
23:01:28.0289 0x0e98 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
23:01:28.0310 0x0e98 RpcSs - ok
23:01:28.0370 0x0e98 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:01:28.0374 0x0e98 rspndr - ok
23:01:28.0387 0x0e98 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
23:01:28.0390 0x0e98 SamSs - ok
23:01:28.0442 0x0e98 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:01:28.0448 0x0e98 sbp2port - ok
23:01:28.0488 0x0e98 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:01:28.0495 0x0e98 SCardSvr - ok
23:01:28.0743 0x0e98 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
23:01:28.0792 0x0e98 Schedule - ok
23:01:28.0843 0x0e98 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
23:01:28.0846 0x0e98 SCPolicySvc - ok
23:01:28.0869 0x0e98 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:01:28.0877 0x0e98 SDRSVC - ok
23:01:28.0956 0x0e98 [ 16A252022535B680046F6E34E136D378, 31BCDAA742FDEC9E062C61E78D9E72A7ACBF77D5FEEE76933D0D378787F88E53 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:01:28.0967 0x0e98 SeaPort - ok
23:01:29.0002 0x0e98 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:01:29.0005 0x0e98 secdrv - ok
23:01:29.0025 0x0e98 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
23:01:29.0030 0x0e98 seclogon - ok
23:01:29.0057 0x0e98 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\system32\sens.dll
23:01:29.0063 0x0e98 SENS - ok
23:01:29.0081 0x0e98 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:01:29.0084 0x0e98 Serenum - ok
23:01:29.0107 0x0e98 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
23:01:29.0112 0x0e98 Serial - ok
23:01:29.0133 0x0e98 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:01:29.0136 0x0e98 sermouse - ok
23:01:29.0184 0x0e98 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
23:01:29.0192 0x0e98 SessionEnv - ok
23:01:29.0212 0x0e98 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:01:29.0215 0x0e98 sffdisk - ok
23:01:29.0243 0x0e98 [ E5EAFE85815BD89095FEF3144A09AB68, 625A3D73380AA3C1BAACA1ED7382B30DA4E435418DF5AEF911C473ADB220789B ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:01:29.0245 0x0e98 sffp_mmc - ok
23:01:29.0259 0x0e98 [ 9F66A46C55D6F1CCABC79BB7AFCCC545, 029115C69315D2298F7FC944A53EF7F120FF74919208EB5ABC190022176D9B16 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:01:29.0261 0x0e98 sffp_sd - ok
23:01:29.0279 0x0e98 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:01:29.0282 0x0e98 sfloppy - ok
23:01:29.0313 0x0e98 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:01:29.0322 0x0e98 SharedAccess - ok
23:01:29.0373 0x0e98 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:01:29.0387 0x0e98 ShellHWDetection - ok
23:01:29.0436 0x0e98 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:01:29.0439 0x0e98 sisagp - ok
23:01:29.0483 0x0e98 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:01:29.0486 0x0e98 SiSRaid2 - ok
23:01:29.0506 0x0e98 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:01:29.0515 0x0e98 SiSRaid4 - ok
23:01:29.0581 0x0e98 [ 7C15061CD0372487903B07B9BB03AFAD, FB96CDA29C7C1E8A315BA89E8B150918E59F32CE749D3EF43FCBEB3FB57BF1C6 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:01:29.0591 0x0e98 SkypeUpdate - ok
23:01:29.0732 0x0e98 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
23:01:29.0867 0x0e98 slsvc - ok
23:01:29.0903 0x0e98 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:01:29.0909 0x0e98 SLUINotify - ok
23:01:29.0943 0x0e98 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:01:29.0947 0x0e98 Smb - ok
23:01:29.0969 0x0e98 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:01:29.0974 0x0e98 SNMPTRAP - ok
23:01:29.0994 0x0e98 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
23:01:29.0997 0x0e98 spldr - ok
23:01:30.0050 0x0e98 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
23:01:30.0058 0x0e98 Spooler - ok
23:01:30.0108 0x0e98 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
23:01:30.0119 0x0e98 srv - ok
23:01:30.0167 0x0e98 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:01:30.0172 0x0e98 srv2 - ok
23:01:30.0197 0x0e98 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:01:30.0204 0x0e98 srvnet - ok
23:01:30.0227 0x0e98 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:01:30.0235 0x0e98 SSDPSRV - ok
23:01:30.0249 0x0e98 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:01:30.0258 0x0e98 SstpSvc - ok
23:01:30.0313 0x0e98 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
23:01:30.0315 0x0e98 StarOpen - ok
23:01:30.0379 0x0e98 [ C3D855CC0A8E5E373FDFCF4F743C5C9D, 8DFDD2470DCCC63FCF1621B6B3A996285C75EE330BE8AC905B2176E5DE52C150 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
23:01:30.0397 0x0e98 Steam Client Service - ok
23:01:30.0438 0x0e98 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
23:01:30.0454 0x0e98 stisvc - ok
23:01:30.0472 0x0e98 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:01:30.0475 0x0e98 swenum - ok
23:01:30.0498 0x0e98 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
23:01:30.0512 0x0e98 swprv - ok
23:01:30.0535 0x0e98 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:01:30.0537 0x0e98 Symc8xx - ok
23:01:30.0556 0x0e98 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:01:30.0559 0x0e98 Sym_hi - ok
23:01:30.0575 0x0e98 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:01:30.0579 0x0e98 Sym_u3 - ok
23:01:30.0623 0x0e98 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
23:01:30.0645 0x0e98 SysMain - ok
23:01:30.0665 0x0e98 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:01:30.0671 0x0e98 TabletInputService - ok
23:01:30.0693 0x0e98 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:01:30.0703 0x0e98 TapiSrv - ok
23:01:30.0753 0x0e98 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
23:01:30.0762 0x0e98 TBS - ok
23:01:30.0838 0x0e98 [ 6D0D344F643E28B31262AC2682109A3C, 276736661876CE69A30CEED117AFCF26677221F278E234B9C7D03B85869B2C92 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:01:30.0876 0x0e98 Tcpip - ok
23:01:30.0926 0x0e98 [ 6D0D344F643E28B31262AC2682109A3C, 276736661876CE69A30CEED117AFCF26677221F278E234B9C7D03B85869B2C92 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:01:30.0955 0x0e98 Tcpip6 - ok
23:01:30.0977 0x0e98 [ 5877A786EF27E42C4E84D1356F922302, 1CDCC7D91086DC0FE80057EE8E1AE609A38DD9D241BC17145E7811C916E662C3 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:01:30.0980 0x0e98 tcpipreg - ok
23:01:31.0021 0x0e98 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:01:31.0024 0x0e98 TDPIPE - ok
23:01:31.0039 0x0e98 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:01:31.0041 0x0e98 TDTCP - ok
23:01:31.0068 0x0e98 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:01:31.0072 0x0e98 tdx - ok
23:01:31.0092 0x0e98 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:01:31.0095 0x0e98 TermDD - ok
23:01:31.0131 0x0e98 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
23:01:31.0147 0x0e98 TermService - ok
23:01:31.0171 0x0e98 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
23:01:31.0185 0x0e98 Themes - ok
23:01:31.0199 0x0e98 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
23:01:31.0202 0x0e98 THREADORDER - ok
23:01:31.0223 0x0e98 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
23:01:31.0230 0x0e98 TrkWks - ok
23:01:31.0262 0x0e98 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:01:31.0264 0x0e98 TrustedInstaller - ok
23:01:31.0314 0x0e98 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:01:31.0317 0x0e98 tssecsrv - ok
23:01:31.0345 0x0e98 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:01:31.0348 0x0e98 tunmp - ok
23:01:31.0375 0x0e98 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:01:31.0378 0x0e98 tunnel - ok
23:01:31.0405 0x0e98 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:01:31.0408 0x0e98 uagp35 - ok
23:01:31.0438 0x0e98 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:01:31.0446 0x0e98 udfs - ok
23:01:31.0487 0x0e98 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:01:31.0493 0x0e98 UI0Detect - ok
23:01:31.0534 0x0e98 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:01:31.0537 0x0e98 uliagpkx - ok
23:01:31.0567 0x0e98 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:01:31.0575 0x0e98 uliahci - ok
23:01:31.0594 0x0e98 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:01:31.0599 0x0e98 UlSata - ok
23:01:31.0651 0x0e98 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:01:31.0659 0x0e98 ulsata2 - ok
23:01:31.0699 0x0e98 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:01:31.0705 0x0e98 umbus - ok
23:01:31.0736 0x0e98 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
23:01:31.0746 0x0e98 upnphost - ok
23:01:31.0756 0x0e98 USBAAPL - ok
23:01:31.0807 0x0e98 [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:01:31.0811 0x0e98 usbaudio - ok
23:01:31.0852 0x0e98 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:01:31.0857 0x0e98 usbccgp - ok
23:01:31.0876 0x0e98 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:01:31.0880 0x0e98 usbcir - ok
23:01:31.0906 0x0e98 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:01:31.0908 0x0e98 usbehci - ok
23:01:31.0925 0x0e98 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:01:31.0932 0x0e98 usbhub - ok
23:01:31.0955 0x0e98 [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:01:31.0957 0x0e98 usbohci - ok
23:01:31.0986 0x0e98 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:01:31.0988 0x0e98 usbprint - ok
23:01:32.0039 0x0e98 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:01:32.0042 0x0e98 usbscan - ok
23:01:32.0073 0x0e98 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:01:32.0077 0x0e98 USBSTOR - ok
23:01:32.0104 0x0e98 [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:01:32.0107 0x0e98 usbuhci - ok
23:01:32.0135 0x0e98 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
23:01:32.0142 0x0e98 UxSms - ok
23:01:32.0171 0x0e98 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
23:01:32.0189 0x0e98 vds - ok
23:01:32.0212 0x0e98 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:01:32.0215 0x0e98 vga - ok
23:01:32.0233 0x0e98 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:01:32.0236 0x0e98 VgaSave - ok
23:01:32.0260 0x0e98 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:01:32.0266 0x0e98 viaagp - ok
23:01:32.0288 0x0e98 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:01:32.0292 0x0e98 ViaC7 - ok
23:01:32.0310 0x0e98 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
23:01:32.0313 0x0e98 viaide - ok
23:01:32.0323 0x0e98 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:01:32.0326 0x0e98 volmgr - ok
23:01:32.0343 0x0e98 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:01:32.0356 0x0e98 volmgrx - ok
23:01:32.0417 0x0e98 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:01:32.0424 0x0e98 volsnap - ok
23:01:32.0452 0x0e98 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:01:32.0457 0x0e98 vsmraid - ok
23:01:32.0513 0x0e98 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
23:01:32.0558 0x0e98 VSS - ok
23:01:32.0582 0x0e98 [ C466021D31FF6C0A6069D12299D80C0B, E7CDC85191543CD44AB15C516FAD99A2705FD6EDB4DE29F54A2EEE22A455C100 ] VSTHWBS2 C:\Windows\system32\DRIVERS\VSTBS23.SYS
23:01:32.0590 0x0e98 VSTHWBS2 - ok
23:01:32.0655 0x0e98 [ EC36F1D542ED4252390D446BF6D4DFD0, DB55D73726E96D3653C37EEBE628D48466D766A9EC1219ED735D5D8FF2822BE2 ] VST_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
23:01:32.0687 0x0e98 VST_DPV - ok
23:01:32.0732 0x0e98 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
23:01:32.0745 0x0e98 W32Time - ok
23:01:32.0779 0x0e98 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:01:32.0781 0x0e98 WacomPen - ok
23:01:32.0799 0x0e98 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:01:32.0804 0x0e98 Wanarp - ok
23:01:32.0817 0x0e98 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:01:32.0821 0x0e98 Wanarpv6 - ok
23:01:32.0851 0x0e98 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:01:32.0868 0x0e98 wcncsvc - ok
23:01:32.0886 0x0e98 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:01:32.0895 0x0e98 WcsPlugInService - ok
23:01:32.0912 0x0e98 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
23:01:32.0914 0x0e98 Wd - ok
23:01:32.0985 0x0e98 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:01:33.0013 0x0e98 Wdf01000 - ok
23:01:33.0035 0x0e98 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:01:33.0042 0x0e98 WdiServiceHost - ok
23:01:33.0049 0x0e98 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:01:33.0059 0x0e98 WdiSystemHost - ok
23:01:33.0076 0x0e98 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
23:01:33.0086 0x0e98 WebClient - ok
23:01:33.0116 0x0e98 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:01:33.0143 0x0e98 Wecsvc - ok
23:01:33.0173 0x0e98 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:01:33.0178 0x0e98 wercplsupport - ok
23:01:33.0198 0x0e98 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
23:01:33.0206 0x0e98 WerSvc - ok
23:01:33.0268 0x0e98 [ 72CC6A8CA7891031D6380DB5025C773C, 33D5021C3A2FE8E9F6E2C22F4777E1D82A6B3998EB857B618A3C8838D3C8B03E ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
23:01:33.0288 0x0e98 winachsf - ok
23:01:33.0324 0x0e98 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:01:33.0333 0x0e98 WinDefend - ok
23:01:33.0348 0x0e98 WinHttpAutoProxySvc - ok
23:01:33.0416 0x0e98 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:01:33.0423 0x0e98 Winmgmt - ok
23:01:33.0487 0x0e98 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
23:01:33.0565 0x0e98 WinRM - ok
23:01:33.0630 0x0e98 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:01:33.0653 0x0e98 Wlansvc - ok
23:01:33.0918 0x0e98 [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:01:33.0931 0x0e98 wlcrasvc - ok
23:01:34.0122 0x0e98 [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:01:34.0187 0x0e98 wlidsvc - ok
23:01:34.0212 0x0e98 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:01:34.0224 0x0e98 WmiAcpi - ok
23:01:34.0249 0x0e98 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:01:34.0254 0x0e98 wmiApSrv - ok
23:01:34.0319 0x0e98 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:01:34.0342 0x0e98 WMPNetworkSvc - ok
23:01:34.0374 0x0e98 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:01:34.0381 0x0e98 WPCSvc - ok
23:01:34.0411 0x0e98 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:01:34.0417 0x0e98 WPDBusEnum - ok
23:01:34.0445 0x0e98 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
23:01:34.0448 0x0e98 WpdUsb - ok
23:01:34.0605 0x0e98 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:01:34.0630 0x0e98 WPFFontCache_v0400 - ok
23:01:34.0685 0x0e98 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:01:34.0696 0x0e98 ws2ifsl - ok
23:01:34.0732 0x0e98 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
23:01:34.0738 0x0e98 wscsvc - ok
23:01:34.0748 0x0e98 WSearch - ok
23:01:35.0031 0x0e98 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
23:01:35.0134 0x0e98 wuauserv - ok
23:01:35.0215 0x0e98 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:01:35.0218 0x0e98 WudfPf - ok
23:01:35.0316 0x0e98 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:01:35.0345 0x0e98 WUDFRd - ok
23:01:35.0359 0x0e98 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:01:35.0365 0x0e98 wudfsvc - ok
23:01:35.0402 0x0e98 [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
23:01:35.0404 0x0e98 XAudio - ok
23:01:35.0425 0x0e98 [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
23:01:35.0439 0x0e98 XAudioService - ok
23:01:35.0449 0x0e98 ================ Scan global ===============================
23:01:35.0493 0x0e98 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
23:01:35.0639 0x0e98 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:01:35.0684 0x0e98 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:01:35.0767 0x0e98 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
23:01:35.0791 0x0e98 [ Global ] - ok
23:01:35.0792 0x0e98 ================ Scan MBR ==================================
23:01:35.0829 0x0e98 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:01:36.0875 0x0e98 \Device\Harddisk0\DR0 - ok
23:01:36.0876 0x0e98 ================ Scan VBR ==================================
23:01:36.0893 0x0e98 [ 3C81F31FD636CD8543476DF5BC337930 ] \Device\Harddisk0\DR0\Partition1
23:01:36.0900 0x0e98 \Device\Harddisk0\DR0\Partition1 - ok
23:01:36.0901 0x0e98 Waiting for KSN requests completion. In queue: 68
23:01:37.0953 0x0e98 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x60000 ( disabled : updated )
23:01:37.0977 0x0e98 AV detected via SS2: avast! Antivirus, C:\Program Files\Alwil Software\Avast5\VisthAux.exe ( 5.0.121.0 ), 0x41010 ( enabled : outofdate )
23:01:38.0028 0x0e98 Win FW state via NFP2: enabled
23:01:38.0416 0x0e98 ============================================================
23:01:38.0417 0x0e98 Scan finished
23:01:38.0417 0x0e98 ============================================================
23:01:38.0461 0x093c Detected object count: 0
23:01:38.0461 0x093c Actual detected object count: 0

 

[Broni]

You didn't follow one of my previous instructions:

You're running two AV programs, MSE and Avast.
You must uninstall one of them.

Why?

 

[jarrow]

Avast will not let me unistall or turn it off or reinstall so it will work properly I will then unistall mse

 

[jarrow]

I get the bad image error anytime I try to do anything with avast

 

[jarrow]

Avast is corrupted but I have removed mse

 

[Broni]

In the future you have to let me know instead of ignoring the issue.

Use this utility to uninstall Avast: http://www.avast.com/uninstall-utility
Install fresh copy and see if it works.

When done give me fresh FRST log.

 

[jarrow]

It did unistall but when I tried a new one it did the same bad image error on it again, so I will just keep it unistalled and get mse back?

 

[Broni]

Go ahead and give me fresh FRST log.

 

[jarrow]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-02-2014
Ran by Owner (administrator) on OWNER-PC on 07-02-2014 18:53:11
Running from C:\Users\Owner\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup\Engine\2.0.18.5\ccSvcHst.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files\Norton PC Checkup\Engine\2.0.18.5\ccSvcHst.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTAgent.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup\Engine\2.0.18.5\SymcPCCULaunchSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM\...\Run: [amd_dc_opt] - C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [295512 2013-03-22] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088 2009-08-05] (Hewlett-Packard)
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [RGSC] - C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [Xvid] - C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [MediaGet2] - C:\Users\Owner\AppData\Local\MediaGet2\mediaget.exe --minimized
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3035968 2012-02-02] (DT Soft Ltd)
HKU\S-1-5-21-54904198-83528272-1936735752-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu.com/web?src=ieb&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - DefaultScope {1FB0FC6A-5601-44F0-92BC-163CB906969E} URL = http://search.findwide.com/serp?gui...ction=default_search&serpv=22&k={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/web/{sear...00762&mntrId=d444a63f000000000000001bb9a64b02
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?c...pn_sauid=D33BBA30-0D2C-458D-ADDF-6B10AE2E51E5
SearchScopes: HKCU - {1FB0FC6A-5601-44F0-92BC-163CB906969E} URL = http://search.findwide.com/serp?gui...ction=default_search&serpv=22&k={searchTerms}
SearchScopes: HKCU - {258C3385-2D9F-4341-ACC2-8C0B91CD0EEE} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10803
SearchScopes: HKCU - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu.com/web?src=ieb&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ZenSearch - {EC740D8D-BAA6-4BAF-9183-2406AB943D3A} - C:\Program Files\ZenSearch\IeZenSearch.dll (ZenSearch ApS)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.254 142.161.130.155

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\user.js
FF SelectedSearchEngine: ZenSearch
FF NewTab: about:blank
FF DefaultSearchEngine: FindWide
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://search.findwide.com/?guid={E095C8E1-DDCA-4CB1-99C8-522712811234}&serpv=22
FF Keyword.URL: hxxp://search.findwide.com/serp?guid={E095C8E1-DDCA-4CB1-99C8-522712811234}&action=default_search&serpv=22&k=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\ZenSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Babylon - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\ffxtlbr@babylon.com [2011-10-31]
FF Extension: ZenSearch - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\ZenSearch@ZenSearch.com [2014-01-18]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-14]
FF Extension: Yahoo! Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-05-14]
FF Extension: uTorrentBar Community Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-17]
FF Extension: FindWide Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\toolbar10803@findwide.com.xpi [2014-01-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-24]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-04-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-04-16]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-16]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-03-22]
FF HKLM\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-04-16]

Chrome:
=======
CHR HomePage: chrome://newtab/
CHR DefaultSearchKeyword: zensearch
CHR DefaultSearchProvider: ZenSearch
CHR DefaultSearchURL: http://www.zensearch.com/?q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8773_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Fun Web Products Plugin Stub) - C:\Program Files\FunWebProducts\Installr\2.bin\NPFunWeb.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-22]
CHR Extension: (RealDownloader) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-01-20]
CHR Extension: (Skype Click to Call) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-15]
CHR Extension: (ZenSearch) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lificnbhpecdikcjmcpdinkjbigomafg [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-06-16]
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Owner\AppData\Local\Temp\crxB457.tmp [2012-06-16]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-11-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-07-13] ()
R2 Norton PC Checkup Application Launcher; C:\Program Files\Norton PC Checkup\Engine\2.0.18.5\SymcPCCULaunchSvc.exe [123320 2012-03-09] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files\Norton PC Checkup\Engine\2.0.18.5\ccSvcHst.exe [126392 2012-03-09] (Symantec Corporation)
S2 PEVSystemStart; C:\jarrow_seymour557j\CregB.dat [2446 2014-02-06] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-02-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-20] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2013-01-19] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-03-31] (DT Soft Ltd)
R1 ISODisk; C:\Windows\system32\Drivers\ISODisk.sys [9600 2006-04-26] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-01-19] ()
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================

 

[jarrow]

==================== One Month Created Files and Folders ========

2014-02-07 18:49 - 2014-02-07 18:49 - 11125072 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\mseinstall.exe
2014-02-07 12:36 - 2014-02-07 12:37 - 01136640 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2014-02-07 12:29 - 2014-02-07 18:40 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-06 22:59 - 2014-02-06 22:59 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-02-06 22:04 - 2014-02-06 22:13 - 00000000 ___SD () C:\jarrow_seymour557j
2014-02-06 21:48 - 2014-02-06 21:57 - 00000000 ___SD () C:\jarrow_seymour3768j
2014-02-06 21:14 - 2014-02-06 21:14 - 00000000 ____D () C:\jarrow_seymour27688j
2014-02-06 21:10 - 2014-02-06 21:10 - 00000000 ____D () C:\jarrow_seymour
2014-02-06 21:05 - 2014-02-06 22:03 - 00004568 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-02-06 20:49 - 2014-02-06 20:49 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.exe
2014-02-06 20:41 - 2014-02-06 21:18 - 05180173 ____R (Swearware) C:\Users\Owner\Desktop\jarrow_seymour.exe
2014-02-03 08:35 - 2014-02-07 18:40 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-02 20:43 - 2014-02-02 20:43 - 00154424 _____ () C:\Windows\Minidump\Mini020214-01.dmp
2014-02-02 19:43 - 2014-02-02 19:44 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1009.exe
2014-02-02 19:37 - 2014-02-02 19:37 - 00001939 _____ () C:\Users\Owner\Desktop\rogue.txt
2014-02-02 19:35 - 2014-02-02 19:35 - 00002020 _____ () C:\Users\Owner\Desktop\RKreport[0]_D_02022014_193544.txt
2014-02-02 19:34 - 2014-02-02 19:34 - 00001967 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02022014_193421.txt
2014-02-02 19:30 - 2014-02-02 19:30 - 03792384 _____ () C:\Users\Owner\Downloads\RogueKiller (1).exe
2014-02-02 19:27 - 2014-02-07 18:53 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-02-02 19:24 - 2014-02-02 19:35 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-02-02 19:23 - 2014-02-02 19:23 - 03792384 _____ () C:\Users\Owner\Downloads\RogueKiller.exe
2014-02-02 19:00 - 2014-02-07 18:53 - 00026013 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-02-02 18:59 - 2014-02-02 18:59 - 00001242 _____ () C:\Users\Owner\Desktop\fixlist.txt
2014-02-02 18:58 - 2014-02-02 18:58 - 00001242 _____ () C:\Users\Owner\Downloads\fixlist (1).txt
2014-02-02 18:41 - 2014-02-02 18:41 - 00022410 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-02 18:41 - 2014-02-02 18:41 - 00014833 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-02 18:38 - 2014-02-02 18:38 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-02-02 18:33 - 2014-02-02 18:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\{7064A2DD-AC8F-46D8-956E-A7EA3179F680}
2014-01-31 18:47 - 2014-01-31 18:49 - 00000000 ____D () C:\Users\Owner\Downloads\Enders Game (2013) DVDRip XviD-MAXSPEED
2014-01-31 13:01 - 2014-02-01 13:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\{E3A6C736-70EA-45A8-BD5E-A1F088907FE9}
2014-01-31 12:57 - 2014-01-31 12:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-31 12:57 - 2014-01-31 12:57 - 00000000 _____ () C:\Windows\setupact.log
2014-01-30 20:05 - 2014-01-30 20:20 - 196717239 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E12.HDTV.x264-KILLERS.mp4
2014-01-30 20:04 - 2014-01-30 20:24 - 173993947 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E13.HDTV.x264-KILLERS.mp4
2014-01-30 19:25 - 2014-01-30 20:03 - 171356531 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E11.HDTV.x264-2HD.mp4
2014-01-30 19:24 - 2014-01-30 20:05 - 160227728 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E10.HDTV.x264-LOL.mp4
2014-01-30 19:23 - 2014-01-30 20:08 - 121952291 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E07.HDTV.x264-LOL.mp4
2014-01-30 19:23 - 2014-01-30 20:07 - 183545748 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E09.HDTV.x264-LOL.mp4
2014-01-30 19:23 - 2014-01-30 20:05 - 153540870 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E08.HDTV.x264-LOL.mp4
2014-01-30 12:52 - 2014-01-30 13:13 - 159089405 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E06.HDTV.x264-LOL.mp4
2014-01-30 12:51 - 2014-01-30 13:14 - 156854754 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E04.HDTV.x264-LOL.mp4
2014-01-30 12:51 - 2014-01-30 13:13 - 208112520 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E03.HDTV.x264-LOL.mp4
2014-01-30 12:51 - 2014-01-30 13:04 - 146217387 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E05.HDTV.x264-LOL.mp4
2014-01-29 20:25 - 2014-01-29 20:36 - 202691352 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E02.HDTV.x264-LOL.mp4
2014-01-29 13:02 - 2014-01-29 13:16 - 00000000 ____D () C:\Users\Owner\Downloads\Percy Jackson Sea of Monsters (2013)
2014-01-28 23:15 - 2014-02-02 10:13 - 00000000 ____D () C:\Users\Owner\Downloads\L E N S M A N
2014-01-28 20:24 - 2014-01-28 22:36 - 00000000 ____D () C:\Users\Owner\Downloads\Black Dynamite Season 1 10 Episodes
2014-01-28 20:23 - 2014-01-28 20:45 - 00000000 ____D () C:\Users\Owner\Downloads\Black.Dynamite.2009.DVDRip.XviD-Emery1337x
2014-01-28 18:39 - 2014-01-28 19:02 - 189806747 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E01.HDTV.x264-LOL.mp4
2014-01-28 18:39 - 2014-01-28 18:50 - 00000000 ____D () C:\Users\Owner\Downloads\[ www.Torrenting.com ] - I'm Gonna Git You Sucka (1988)-DVDRIp Xvid-THC
2014-01-28 18:29 - 2014-01-28 19:01 - 00000000 ____D () C:\Users\Owner\Downloads\The Hunger Games Catching Fire (2013)
2014-01-27 20:44 - 2014-01-27 20:47 - 00000000 ____D () C:\Users\Owner\Downloads\The.Lesser.Blessed.2012 WEBRip XViD j****
2014-01-24 19:24 - 2014-01-24 19:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{CF3A6353-DFA9-4BC0-93EA-C764ED2F4E83}
2014-01-24 06:18 - 2014-01-24 06:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\{33FC1982-1F4E-4C64-B163-F3665F9FDDE8}
2014-01-23 19:11 - 2014-01-23 19:12 - 18005296 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\IE9-WindowsVista-x86-enu.exe
2014-01-23 19:08 - 2014-01-23 19:09 - 00179272 _____ () C:\Windows\Minidump\Mini012314-04.dmp
2014-01-23 18:48 - 2014-01-23 18:49 - 00252576 _____ () C:\Windows\Minidump\Mini012314-03.dmp
2014-01-23 18:27 - 2014-01-23 18:28 - 00035853 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-01-23 18:24 - 2014-02-07 18:53 - 00000000 ____D () C:\FRST
2014-01-23 18:24 - 2014-02-02 18:14 - 00057988 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-01-23 18:23 - 2014-02-02 19:06 - 01137152 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-01-23 18:18 - 2014-01-23 18:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\{47C59368-A926-4306-9FF9-CB052FAD7F96}
2014-01-23 18:15 - 2014-01-23 18:15 - 00208416 _____ () C:\Windows\Minidump\Mini012314-02.dmp
2014-01-23 13:27 - 2014-02-02 20:41 - 289132790 _____ () C:\Windows\MEMORY.DMP
2014-01-23 13:27 - 2014-01-23 13:28 - 00191928 _____ () C:\Windows\Minidump\Mini012314-01.dmp
2014-01-23 13:04 - 2014-01-23 18:20 - 00000000 ____D () C:\Users\Owner\Downloads\Vikingdom (2013)
2014-01-23 13:02 - 2014-01-23 13:03 - 00000000 ____D () C:\Users\Owner\Downloads\Valhalla Rising (2009)
2014-01-23 12:58 - 2014-02-02 18:44 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\uTorrent
2014-01-23 12:58 - 2014-01-23 12:58 - 01307736 _____ (BitTorrent Inc.) C:\Users\Owner\Downloads\utorrent.exe
2014-01-22 12:37 - 2014-01-22 12:38 - 00993600 _____ (DivX, LLC) C:\Users\Owner\Downloads\DivXInstaller.exe
2014-01-20 17:58 - 2014-01-20 17:58 - 00000000 ____D () C:\Program Files\ESET
2014-01-20 17:57 - 2014-01-20 17:57 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
2014-01-20 12:42 - 2014-01-20 12:42 - 00246852 _____ () C:\Users\Owner\Downloads\cwshredder.zip
2014-01-20 12:21 - 2014-01-20 12:22 - 05938328 _____ (ParetoLogic, Inc.) C:\Users\Owner\Downloads\RegCureProSetup.exe
2014-01-19 22:45 - 2014-01-20 10:45 - 00000000 ____D () C:\Users\Owner\AppData\Local\{36289C9B-B283-42FB-860D-65488FA092D4}
2014-01-19 10:45 - 2014-01-19 10:45 - 00000000 ____D () C:\Users\Owner\AppData\Local\{F9B47CAF-FB61-4B5F-AE15-31206B1E2066}
2014-01-19 07:50 - 2014-01-19 07:50 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-01-19 00:47 - 2014-01-19 01:00 - 140590504 _____ () C:\Users\Owner\Downloads\qt91vjwt.exe
2014-01-19 00:05 - 2014-01-19 00:05 - 00000000 ____D () C:\Windows\erdnt
2014-01-18 23:38 - 2014-02-06 22:15 - 00000000 ____D () C:\Program Files\ZenSearch
2014-01-18 23:38 - 2014-01-18 23:38 - 00000000 ____D () C:\Program Files\ZenSearch Updater
2014-01-18 23:17 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-01-18 23:17 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-01-18 23:17 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-18 23:17 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-18 23:17 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-18 23:17 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe
2014-01-18 23:17 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe
2014-01-18 23:17 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe
2014-01-18 23:15 - 2014-01-18 23:17 - 00000000 ____D () C:\Qoobox
2014-01-18 22:03 - 2014-01-18 22:03 - 00000000 ____D () C:\Users\Owner\AppData\Local\{B6A81868-696A-4C7C-B0E7-B0F35CB2A1CE}
2014-01-18 14:07 - 2014-01-18 14:07 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-01-18 14:06 - 2014-01-18 14:06 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-18 14:06 - 2014-01-18 14:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-18 14:06 - 2014-01-18 14:06 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-01-18 14:06 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-18 14:04 - 2014-01-18 14:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-18 09:08 - 2014-01-18 09:08 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-01-18 09:08 - 2014-01-18 09:08 - 00000000 ____D () C:\Program Files\Alwil Software
2014-01-17 23:27 - 2014-01-17 23:27 - 00402696 _____ () C:\Users\Owner\Downloads\setup.exe
2014-01-17 23:04 - 2014-01-17 23:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\{3A6E7400-24B4-4B5C-96CD-C2BA71080508}
2014-01-16 22:00 - 2014-01-17 00:40 - 00000000 ____D () C:\Users\Owner\Downloads\American Hustle 2013 DVDScr XViD AC3-FiNGERBLaST
2014-01-16 21:55 - 2014-01-16 23:16 - 732186624 _____ () C:\Users\Owner\Downloads\Iros.Sky.2012.XviD.700MB.avi
2014-01-16 21:49 - 2014-01-16 21:54 - 00000000 ____D () C:\Users\Owner\Downloads\Dallas.Buyers.Club.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-16 21:48 - 2014-01-17 00:30 - 00000000 ____D () C:\Users\Owner\Downloads\The.Wolf.of.Wall.Street.2013.DVDSCR.XviD-BiDA
2014-01-16 19:22 - 2014-01-17 23:19 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-16 19:18 - 2014-01-16 19:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\{4BBE17B8-B4C8-40C9-B634-687ED21AF0E4}
2014-01-16 18:20 - 2014-01-16 18:56 - 00000000 ____D () C:\Users\Owner\Downloads\Frozen 2013 DVDScr XViD AC3-FiNGERBLaST
2014-01-16 12:57 - 2014-01-16 13:03 - 00000000 ____D () C:\Users\Owner\Downloads\12.Years.a.Slave.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-15 12:27 - 2014-01-15 12:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\{6DC1AB7F-8A8D-411D-88C3-564C460CAE49}
2014-01-14 09:01 - 2014-01-14 09:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\{FCF885CF-C670-4042-ADD9-05665C91791D}
2014-01-14 08:41 - 2014-01-14 08:43 - 00000000 ____D () C:\Users\Owner\Downloads\Riddick (2013) DVDRip XviD-MAXSPEED
2014-01-13 21:01 - 2014-01-13 21:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\{9CBB5B70-0FDC-48E1-82ED-2FEC4226FC2C}
2014-01-13 18:53 - 2014-01-13 21:04 - 00000000 ____D () C:\Users\Owner\Downloads\Rush (2013) [1080p]
2014-01-13 18:50 - 2014-01-13 18:51 - 00000000 ____D () C:\Users\Owner\Downloads\Gravity 2013 DVDSCR XVID AC3-MiLLENiUM
2014-01-12 20:14 - 2014-01-12 20:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\{FA4B3C26-C510-4F4C-825B-3E7D7621F8F3}
2014-01-11 18:41 - 2014-01-11 18:41 - 00000859 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-11 18:38 - 2014-01-11 18:38 - 79450248 _____ () C:\Users\Owner\Downloads\vlcmediaplayer-setup.exe
2014-01-11 18:35 - 2014-01-11 18:35 - 00000000 ____D () C:\Users\Owner\Desktop\no kata
2014-01-11 18:34 - 2014-01-11 18:34 - 00040681 _____ () C:\Users\Owner\Downloads\captain-phillips-2013-english-yify-4417.zip
2014-01-11 17:30 - 2014-01-11 18:49 - 00000000 ____D () C:\Users\Owner\Downloads\Man of Steel (2013)
2014-01-11 17:27 - 2014-01-11 18:25 - 00000000 ____D () C:\Users\Owner\Downloads\Insidious Chapter 2 (2013)
2014-01-11 17:24 - 2014-01-11 17:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{6E2903FF-5477-47B7-9C1C-42195072BCAF}
2014-01-11 10:43 - 2014-01-11 10:43 - 00000000 ____D () C:\Users\Joey\Documents\TikGames
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\RealNetworks
2014-01-10 22:08 - 2014-01-10 22:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\{3FDBD797-7DFA-4CDC-95D9-F6C83A0AC5FE}
2014-01-08 19:03 - 2014-01-11 18:36 - 00000000 ____D () C:\Users\Owner\Downloads\Captain.Phillips.2013.DVDRip.X264-SPARKS[rarbg]
2014-01-08 19:03 - 2014-01-09 03:49 - 1353078630 _____ () C:\Users\Owner\Downloads\Cloudy.With.a.Chance.Of.Meatballs.2.2013.HDTV.AC3.XViD-MEATYBALLS.avi

==================== One Month Modified Files and Folders =======

2014-02-07 18:53 - 2014-02-02 19:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-02-07 18:53 - 2014-02-02 19:00 - 00026013 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-02-07 18:53 - 2014-01-23 18:24 - 00000000 ____D () C:\FRST
2014-02-07 18:49 - 2014-02-07 18:49 - 11125072 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\mseinstall.exe
2014-02-07 18:45 - 2009-04-11 06:37 - 01746004 _____ () C:\Windows\WindowsUpdate.log
2014-02-07 18:44 - 2010-07-10 17:25 - 00000386 _____ () C:\Windows\Tasks\Final Media Player Update Checker.job
2014-02-07 18:42 - 2010-04-14 13:07 - 00000000 ____D () C:\Program Files\Steam
2014-02-07 18:41 - 2011-04-29 21:22 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-07 18:41 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-07 18:41 - 2006-11-02 06:47 - 00004240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-07 18:41 - 2006-11-02 06:47 - 00004240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-07 18:40 - 2014-02-07 12:29 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-07 18:40 - 2014-02-03 08:35 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-07 18:39 - 2006-11-02 04:23 - 00002577 _____ () C:\Windows\system32\config.nt
2014-02-07 18:37 - 2006-11-02 07:01 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-07 18:32 - 2010-11-23 14:01 - 00000474 ____H () C:\Windows\Tasks\Norton Security Scan for Owner.job
2014-02-07 18:18 - 2012-03-31 12:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-07 17:57 - 2011-04-29 21:22 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-07 12:46 - 2013-04-23 23:09 - 00000378 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2014-02-07 12:37 - 2014-02-07 12:36 - 01136640 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2014-02-07 12:12 - 2011-04-28 23:40 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-02-07 01:30 - 2011-01-26 18:04 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-02-06 22:59 - 2014-02-06 22:59 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-02-06 22:16 - 2010-06-09 20:50 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
2014-02-06 22:15 - 2014-01-18 23:38 - 00000000 ____D () C:\Program Files\ZenSearch
2014-02-06 22:15 - 2008-01-20 20:47 - 00258768 _____ () C:\Windows\PFRO.log
2014-02-06 22:13 - 2014-02-06 22:04 - 00000000 ___SD () C:\jarrow_seymour557j
2014-02-06 22:03 - 2014-02-06 21:05 - 00004568 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-02-06 21:57 - 2014-02-06 21:48 - 00000000 ___SD () C:\jarrow_seymour3768j
2014-02-06 21:18 - 2014-02-06 20:41 - 05180173 ____R (Swearware) C:\Users\Owner\Desktop\jarrow_seymour.exe
2014-02-06 21:14 - 2014-02-06 21:14 - 00000000 ____D () C:\jarrow_seymour27688j
2014-02-06 21:10 - 2014-02-06 21:10 - 00000000 ____D () C:\jarrow_seymour
2014-02-06 20:49 - 2014-02-06 20:49 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.exe
2014-02-05 10:18 - 2012-03-31 12:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 10:18 - 2011-05-17 20:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-04 17:41 - 2013-10-04 17:51 - 00000000 ____D () C:\Users\Owner\Downloads\DISNEYS-TINKERBELL AND THE LOST TREASURE 2009-MULTI AUDIO AAC MP4 BY KIDZCORNER
2014-02-03 19:56 - 2011-09-05 20:54 - 00000000 ____D () C:\v2d
2014-02-03 10:22 - 2011-11-15 19:23 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2014-02-02 20:43 - 2014-02-02 20:43 - 00154424 _____ () C:\Windows\Minidump\Mini020214-01.dmp
2014-02-02 20:43 - 2012-05-30 22:08 - 00000000 ____D () C:\Windows\Minidump
2014-02-02 20:41 - 2014-01-23 13:27 - 289132790 _____ () C:\Windows\MEMORY.DMP
2014-02-02 19:44 - 2014-02-02 19:43 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1009.exe
2014-02-02 19:37 - 2014-02-02 19:37 - 00001939 _____ () C:\Users\Owner\Desktop\rogue.txt
2014-02-02 19:35 - 2014-02-02 19:35 - 00002020 _____ () C:\Users\Owner\Desktop\RKreport[0]_D_02022014_193544.txt
2014-02-02 19:35 - 2014-02-02 19:24 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-02-02 19:34 - 2014-02-02 19:34 - 00001967 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02022014_193421.txt
2014-02-02 19:30 - 2014-02-02 19:30 - 03792384 _____ () C:\Users\Owner\Downloads\RogueKiller (1).exe
2014-02-02 19:30 - 2012-12-27 17:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\FileTypeAssistant
2014-02-02 19:23 - 2014-02-02 19:23 - 03792384 _____ () C:\Users\Owner\Downloads\RogueKiller.exe
2014-02-02 19:06 - 2014-01-23 18:23 - 01137152 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-02-02 18:59 - 2014-02-02 18:59 - 00001242 _____ () C:\Users\Owner\Desktop\fixlist.txt
2014-02-02 18:58 - 2014-02-02 18:58 - 00001242 _____ () C:\Users\Owner\Downloads\fixlist (1).txt
2014-02-02 18:48 - 2011-08-03 22:28 - 00000000 ____D () C:\Users\Owner\AppData\Local\Conduit
2014-02-02 18:45 - 2011-10-31 19:47 - 00000000 ____D () C:\Program Files\File Type Assistant
2014-02-02 18:44 - 2014-01-23 12:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\uTorrent
2014-02-02 18:41 - 2014-02-02 18:41 - 00022410 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-02 18:41 - 2014-02-02 18:41 - 00014833 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-02 18:38 - 2014-02-02 18:38 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-02-02 18:33 - 2014-02-02 18:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\{7064A2DD-AC8F-46D8-956E-A7EA3179F680}
2014-02-02 18:33 - 2010-04-14 09:21 - 00000000 ____D () C:\Users\Owner\Tracing
2014-02-02 18:29 - 2010-04-15 09:17 - 00000000 ____D () C:\Windows\PCHEALTH
2014-02-02 18:14 - 2014-01-23 18:24 - 00057988 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-02-02 17:50 - 2011-09-06 20:07 - 00000028 _____ () C:\Windows\v2d.INI
2014-02-02 16:53 - 2013-04-24 01:20 - 00000000 ____D () C:\Program Files\mozilla firefox
2014-02-02 10:13 - 2014-01-28 23:15 - 00000000 ____D () C:\Users\Owner\Downloads\L E N S M A N
2014-02-01 13:02 - 2014-01-31 13:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\{E3A6C736-70EA-45A8-BD5E-A1F088907FE9}
2014-01-31 18:49 - 2014-01-31 18:47 - 00000000 ____D () C:\Users\Owner\Downloads\Enders Game (2013) DVDRip XviD-MAXSPEED
2014-01-31 12:58 - 2010-04-14 13:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-01-31 12:57 - 2014-01-31 12:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-31 12:57 - 2014-01-31 12:57 - 00000000 _____ () C:\Windows\setupact.log
2014-01-31 12:56 - 2012-12-13 07:48 - 00001356 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2014-01-30 20:24 - 2014-01-30 20:04 - 173993947 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E13.HDTV.x264-KILLERS.mp4
2014-01-30 20:20 - 2014-01-30 20:05 - 196717239 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E12.HDTV.x264-KILLERS.mp4
2014-01-30 20:08 - 2014-01-30 19:23 - 121952291 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E07.HDTV.x264-LOL.mp4
2014-01-30 20:07 - 2014-01-30 19:23 - 183545748 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E09.HDTV.x264-LOL.mp4
2014-01-30 20:05 - 2014-01-30 19:24 - 160227728 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E10.HDTV.x264-LOL.mp4
2014-01-30 20:05 - 2014-01-30 19:23 - 153540870 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E08.HDTV.x264-LOL.mp4
2014-01-30 20:03 - 2014-01-30 19:25 - 171356531 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E11.HDTV.x264-2HD.mp4
2014-01-30 13:14 - 2014-01-30 12:51 - 156854754 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E04.HDTV.x264-LOL.mp4
2014-01-30 13:13 - 2014-01-30 12:52 - 159089405 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E06.HDTV.x264-LOL.mp4
2014-01-30 13:13 - 2014-01-30 12:51 - 208112520 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E03.HDTV.x264-LOL.mp4
2014-01-30 13:04 - 2014-01-30 12:51 - 146217387 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E05.HDTV.x264-LOL.mp4
2014-01-29 20:36 - 2014-01-29 20:25 - 202691352 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E02.HDTV.x264-LOL.mp4
2014-01-29 13:16 - 2014-01-29 13:02 - 00000000 ____D () C:\Users\Owner\Downloads\Percy Jackson Sea of Monsters (2013)
2014-01-28 22:36 - 2014-01-28 20:24 - 00000000 ____D () C:\Users\Owner\Downloads\Black Dynamite Season 1 10 Episodes
2014-01-28 20:45 - 2014-01-28 20:23 - 00000000 ____D () C:\Users\Owner\Downloads\Black.Dynamite.2009.DVDRip.XviD-Emery1337x
2014-01-28 19:02 - 2014-01-28 18:39 - 189806747 _____ () C:\Users\Owner\Downloads\Raising.Hope.S04E01.HDTV.x264-LOL.mp4
2014-01-28 19:01 - 2014-01-28 18:29 - 00000000 ____D () C:\Users\Owner\Downloads\The Hunger Games Catching Fire (2013)
2014-01-28 18:50 - 2014-01-28 18:39 - 00000000 ____D () C:\Users\Owner\Downloads\[ www.Torrenting.com ] - I'm Gonna Git You Sucka (1988)-DVDRIp Xvid-THC
2014-01-27 20:47 - 2014-01-27 20:44 - 00000000 ____D () C:\Users\Owner\Downloads\The.Lesser.Blessed.2012 WEBRip XViD j****
2014-01-24 19:24 - 2014-01-24 19:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{CF3A6353-DFA9-4BC0-93EA-C764ED2F4E83}
2014-01-24 06:18 - 2014-01-24 06:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\{33FC1982-1F4E-4C64-B163-F3665F9FDDE8}
2014-01-23 19:12 - 2014-01-23 19:11 - 18005296 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\IE9-WindowsVista-x86-enu.exe
2014-01-23 19:09 - 2014-01-23 19:08 - 00179272 _____ () C:\Windows\Minidump\Mini012314-04.dmp
2014-01-23 18:49 - 2014-01-23 18:48 - 00252576 _____ () C:\Windows\Minidump\Mini012314-03.dmp
2014-01-23 18:28 - 2014-01-23 18:27 - 00035853 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-01-23 18:20 - 2014-01-23 13:04 - 00000000 ____D () C:\Users\Owner\Downloads\Vikingdom (2013)
2014-01-23 18:18 - 2014-01-23 18:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\{47C59368-A926-4306-9FF9-CB052FAD7F96}
2014-01-23 18:18 - 2010-06-09 20:50 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-01-23 18:15 - 2014-01-23 18:15 - 00208416 _____ () C:\Windows\Minidump\Mini012314-02.dmp
2014-01-23 13:28 - 2014-01-23 13:27 - 00191928 _____ () C:\Windows\Minidump\Mini012314-01.dmp
2014-01-23 13:03 - 2014-01-23 13:02 - 00000000 ____D () C:\Users\Owner\Downloads\Valhalla Rising (2009)
2014-01-23 12:58 - 2014-01-23 12:58 - 01307736 _____ (BitTorrent Inc.) C:\Users\Owner\Downloads\utorrent.exe
2014-01-22 12:38 - 2014-01-22 12:37 - 00993600 _____ (DivX, LLC) C:\Users\Owner\Downloads\DivXInstaller.exe
2014-01-20 19:33 - 2006-11-02 04:33 - 00756378 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-20 17:58 - 2014-01-20 17:58 - 00000000 ____D () C:\Program Files\ESET
2014-01-20 17:57 - 2014-01-20 17:57 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
2014-01-20 12:42 - 2014-01-20 12:42 - 00246852 _____ () C:\Users\Owner\Downloads\cwshredder.zip
2014-01-20 12:22 - 2014-01-20 12:21 - 05938328 _____ (ParetoLogic, Inc.) C:\Users\Owner\Downloads\RegCureProSetup.exe
2014-01-20 10:45 - 2014-01-19 22:45 - 00000000 ____D () C:\Users\Owner\AppData\Local\{36289C9B-B283-42FB-860D-65488FA092D4}
2014-01-19 10:45 - 2014-01-19 10:45 - 00000000 ____D () C:\Users\Owner\AppData\Local\{F9B47CAF-FB61-4B5F-AE15-31206B1E2066}
2014-01-19 07:50 - 2014-01-19 07:50 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-01-19 01:00 - 2014-01-19 00:47 - 140590504 _____ () C:\Users\Owner\Downloads\qt91vjwt.exe
2014-01-19 00:05 - 2014-01-19 00:05 - 00000000 ____D () C:\Windows\erdnt
2014-01-18 23:38 - 2014-01-18 23:38 - 00000000 ____D () C:\Program Files\ZenSearch Updater
2014-01-18 23:17 - 2014-01-18 23:15 - 00000000 ____D () C:\Qoobox
2014-01-18 22:03 - 2014-01-18 22:03 - 00000000 ____D () C:\Users\Owner\AppData\Local\{B6A81868-696A-4C7C-B0E7-B0F35CB2A1CE}
2014-01-18 21:59 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Resources
2014-01-18 21:35 - 2012-04-01 12:04 - 00000000 ____D () C:\Program Files\Supreme Commander 2
2014-01-18 14:07 - 2014-01-18 14:07 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-01-18 14:06 - 2014-01-18 14:06 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-18 14:06 - 2014-01-18 14:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-18 14:06 - 2014-01-18 14:06 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-01-18 14:05 - 2014-01-18 14:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-18 09:08 - 2014-01-18 09:08 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-01-18 09:08 - 2014-01-18 09:08 - 00000000 ____D () C:\Program Files\Alwil Software
2014-01-17 23:27 - 2014-01-17 23:27 - 00402696 _____ () C:\Users\Owner\Downloads\setup.exe
2014-01-17 23:19 - 2014-01-16 19:22 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-17 23:19 - 2012-12-15 20:09 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-17 23:04 - 2014-01-17 23:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\{3A6E7400-24B4-4B5C-96CD-C2BA71080508}
2014-01-17 00:40 - 2014-01-16 22:00 - 00000000 ____D () C:\Users\Owner\Downloads\American Hustle 2013 DVDScr XViD AC3-FiNGERBLaST
2014-01-17 00:30 - 2014-01-16 21:48 - 00000000 ____D () C:\Users\Owner\Downloads\The.Wolf.of.Wall.Street.2013.DVDSCR.XviD-BiDA
2014-01-16 23:16 - 2014-01-16 21:55 - 732186624 _____ () C:\Users\Owner\Downloads\Iros.Sky.2012.XviD.700MB.avi
2014-01-16 21:54 - 2014-01-16 21:49 - 00000000 ____D () C:\Users\Owner\Downloads\Dallas.Buyers.Club.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-16 19:18 - 2014-01-16 19:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\{4BBE17B8-B4C8-40C9-B634-687ED21AF0E4}
2014-01-16 18:56 - 2014-01-16 18:20 - 00000000 ____D () C:\Users\Owner\Downloads\Frozen 2013 DVDScr XViD AC3-FiNGERBLaST
2014-01-16 13:03 - 2014-01-16 12:57 - 00000000 ____D () C:\Users\Owner\Downloads\12.Years.a.Slave.2013.DVDScr.XVID.AC3.HQ.Hive-CM8
2014-01-16 09:59 - 2010-04-13 16:54 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-16 03:01 - 2010-04-15 09:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 12:27 - 2014-01-15 12:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\{6DC1AB7F-8A8D-411D-88C3-564C460CAE49}
2014-01-14 23:48 - 2012-10-21 18:36 - 00091136 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-14 09:01 - 2014-01-14 09:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\{FCF885CF-C670-4042-ADD9-05665C91791D}
2014-01-14 08:43 - 2014-01-14 08:41 - 00000000 ____D () C:\Users\Owner\Downloads\Riddick (2013) DVDRip XviD-MAXSPEED
2014-01-13 21:04 - 2014-01-13 18:53 - 00000000 ____D () C:\Users\Owner\Downloads\Rush (2013) [1080p]
2014-01-13 21:01 - 2014-01-13 21:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\{9CBB5B70-0FDC-48E1-82ED-2FEC4226FC2C}
2014-01-13 20:06 - 2010-04-13 14:38 - 00000000 ____D () C:\Users\Owner
2014-01-13 18:51 - 2014-01-13 18:50 - 00000000 ____D () C:\Users\Owner\Downloads\Gravity 2013 DVDSCR XVID AC3-MiLLENiUM
2014-01-12 20:14 - 2014-01-12 20:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\{FA4B3C26-C510-4F4C-825B-3E7D7621F8F3}
2014-01-11 18:49 - 2014-01-11 17:30 - 00000000 ____D () C:\Users\Owner\Downloads\Man of Steel (2013)
2014-01-11 18:41 - 2014-01-11 18:41 - 00000859 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-11 18:38 - 2014-01-11 18:38 - 79450248 _____ () C:\Users\Owner\Downloads\vlcmediaplayer-setup.exe
2014-01-11 18:36 - 2014-01-08 19:03 - 00000000 ____D () C:\Users\Owner\Downloads\Captain.Phillips.2013.DVDRip.X264-SPARKS[rarbg]
2014-01-11 18:35 - 2014-01-11 18:35 - 00000000 ____D () C:\Users\Owner\Desktop\no kata
2014-01-11 18:34 - 2014-01-11 18:34 - 00040681 _____ () C:\Users\Owner\Downloads\captain-phillips-2013-english-yify-4417.zip
2014-01-11 18:25 - 2014-01-11 17:27 - 00000000 ____D () C:\Users\Owner\Downloads\Insidious Chapter 2 (2013)
2014-01-11 17:24 - 2014-01-11 17:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{6E2903FF-5477-47B7-9C1C-42195072BCAF}
2014-01-11 10:43 - 2014-01-11 10:43 - 00000000 ____D () C:\Users\Joey\Documents\TikGames
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\RealNetworks
2014-01-11 10:40 - 2011-06-22 00:12 - 00061816 _____ () C:\Users\Joey\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-11 01:01 - 2010-05-07 15:41 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-01-10 22:08 - 2014-01-10 22:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\{3FDBD797-7DFA-4CDC-95D9-F6C83A0AC5FE}
2014-01-09 03:49 - 2014-01-08 19:03 - 1353078630 _____ () C:\Users\Owner\Downloads\Cloudy.With.a.Chance.Of.Meatballs.2.2013.HDTV.AC3.XViD-MEATYBALLS.avi

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-07 18:47

==================== End Of Log ============================

 

[Broni]

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[jarrow]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-02-2014
Ran by Owner at 2014-02-09 13:18:56 Run:2
Running from C:\Users\Owner\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu.com/web?src=ieb&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - DefaultScope {1FB0FC6A-5601-44F0-92BC-163CB906969E} URL = http://search.findwide.com/serp?gui...ction=default_search&serpv=22&k={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/web/{sear...00762&mntrId=d444a63f000000000000001bb9a64b02
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?c...pn_sauid=D33BBA30-0D2C-458D-ADDF-6B10AE2E51E5
SearchScopes: HKCU - {1FB0FC6A-5601-44F0-92BC-163CB906969E} URL = http://search.findwide.com/serp?gui...ction=default_search&serpv=22&k={searchTerms}
SearchScopes: HKCU - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu.com/web?src=ieb&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
BHO: ZenSearch - {EC740D8D-BAA6-4BAF-9183-2406AB943D3A} - C:\Program Files\ZenSearch\IeZenSearch.dll (ZenSearch ApS)
C:\Program Files\ZenSearch
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
FF SelectedSearchEngine: ZenSearch
FF DefaultSearchEngine: FindWide
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://search.findwide.com/?guid={E095C8E1-DDCA-4CB1-99C8-522712811234}&serpv=22
FF Keyword.URL: hxxp://search.findwide.com/serp?guid={E095C8E1-DDCA-4CB1-99C8-522712811234}&action=default_search&serpv=22&k=
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\ZenSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF Extension: Babylon - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\ffxtlbr@babylon.com [2011-10-31]
FF Extension: ZenSearch - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\ZenSearch@ZenSearch.com [2014-01-18]
FF Extension: uTorrentBar Community Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-17]
FF Extension: FindWide Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\toolbar10803@findwide.com.xpi [2014-01-11]
CHR HomePage: chrome://newtab/
CHR DefaultSearchKeyword: zensearch
CHR DefaultSearchProvider: ZenSearch
CHR DefaultSearchURL: http://www.zensearch.com/?q={searchTerms}
CHR Extension: (ZenSearch) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lificnbhpecdikcjmcpdinkjbigomafg [2014-01-18]
2014-01-18 23:38 - 2014-02-06 22:15 - 00000000 ____D () C:\Program Files\ZenSearch
2014-01-18 23:38 - 2014-01-18 23:38 - 00000000 ____D () C:\Program Files\ZenSearch Updater

*****************

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1FB0FC6A-5601-44F0-92BC-163CB906969E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1FB0FC6A-5601-44F0-92BC-163CB906969E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC740D8D-BAA6-4BAF-9183-2406AB943D3A} => Key deleted successfully.
HKCR\CLSID\{EC740D8D-BAA6-4BAF-9183-2406AB943D3A} => Key deleted successfully.
C:\Program Files\ZenSearch => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\askcom.xml => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\conduit.xml => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\searchplugins\ZenSearch.xml => Moved successfully.
C:\Program Files\mozilla firefox\searchplugins\babylon.xml => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\ffxtlbr@babylon.com => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\ZenSearch@ZenSearch.com => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0qflzo3p.default\Extensions\toolbar10803@findwide.com.xpi => Moved successfully.
CHR HomePage: chrome://newtab/ ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchKeyword: zensearch ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: ZenSearch ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://www.zensearch.com/?q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lificnbhpecdikcjmcpdinkjbigomafg => Moved successfully.
"C:\Program Files\ZenSearch" => File/Directory not found.
C:\Program Files\ZenSearch Updater => Moved successfully.

==== End of Fixlog ====

 

[Broni]

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.