slamz
-
Posts
13 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by slamz
-
Cheers, thanks for the help.
-
Computer's running fine, it's not been flagged up any more by ESET. Updates in progress.
-
Results of screen317's Security Check version 0.99.74 Windows 7 x64 (UAC is disabled!) Out of date service pack!! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! ESET Smart Security 4.2 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.9.900.117 Adobe Reader 10.1.3 Adobe Reader out of Date! Mozilla Firefox (24.0) ````````Process Check: objlist.exe by Laurent```````` ESET NOD32 Antivirus egui.exe ESET NOD32 Antivirus ekrn.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 8% ````````````````````End of Log``````````````````````
-
All done, can't find it anymore.
-
Scanning now, taking a while due to size. Over half way done and nothing as yet though!
-
Hi Only issue was ESET flagging it and being unable to remove it. Pc seems to be running ok currently
-
Lol I've run them as I'm not the sort of mindless fool that will just leave something like this, I've run them to try and detect it, as they were the tools run in another thread I searched for about this. But these are the other bits: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7600.16385 Run by Sam at 22:07:48 on 2013-10-07 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.8092.5389 [GMT 1:00] . AV: ESET Smart Security 4.2 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET Smart Security 4.2 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HWMonitor.exe C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe mRun: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe /S mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" StartupFolder: C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HWMonitor.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{22679F42-921B-4199-A402-5158F8AE03B5} : DHCPNameServer = 192.168.1.1 SSODL: WebCheck - <orphaned> x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\ubby32zk.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-10-4 82560] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-10-4 42624] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-10-4 283200] R1 ndisrd;WinpkFilter LightWeight Filter;C:\Windows\System32\drivers\ndisrd.sys [2013-10-4 32400] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-8-30 239616] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-8-30 344064] R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512] R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-6-1 920736] R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-6-1 951936] R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2013-10-4 149120] R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe [2013-10-4 408960] R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2010-3-24 163888] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-3-24 810120] R2 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2010-3-24 50600] R2 MBAMScheduler;MBAMScheduler;D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-7 418376] R2 MBAMService;MBAMService;D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-7 701512] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-7 25928] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-5-27 14648] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-4 726160] R3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2013-9-13 33464] R3 rzp1endpt;Razer platform 1 end point;C:\Windows\System32\drivers\rzp1endpt.sys [2013-9-13 39096] R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2013-9-13 142008] R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2013-9-13 30904] R3 rzvmouse;Razer Virtual Mouse;C:\Windows\System32\drivers\rzvmouse.sys [2013-9-13 30904] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-10-4 58536] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-10-4 79360] S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;E:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-9-5 166112] . =============== Created Last 30 ================ . 2013-10-07 20:24:16 -------- d-sh--w- C:\$RECYCLE.BIN 2013-10-07 20:17:03 98816 ----a-w- C:\Windows\sed.exe 2013-10-07 20:17:03 256000 ----a-w- C:\Windows\PEV.exe 2013-10-07 20:17:03 208896 ----a-w- C:\Windows\MBR.exe 2013-10-07 19:14:50 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-07 17:37:23 -------- d-----w- C:\ProgramData\Kaspersky Lab 2013-10-07 17:16:23 -------- d-----w- C:\Users\Sam\AppData\Roaming\Malwarebytes 2013-10-07 17:15:45 -------- d-----w- C:\ProgramData\Malwarebytes 2013-10-07 17:15:43 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-10-07 17:13:21 -------- d-----w- C:\Program Files (x86)\ESET 2013-10-07 12:44:25 -------- d-----w- C:\Users\Sam\AppData\Roaming\uTorrent 2013-10-07 10:06:54 -------- d-----w- C:\Program Files (x86)\MSI Afterburner 2013-10-06 19:26:14 53488 ------w- C:\Windows\System32\drivers\PxHlpa64.sys 2013-10-06 19:26:14 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys 2013-10-06 19:26:14 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys 2013-10-06 19:26:14 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine 2013-10-06 18:35:42 -------- d-----w- C:\Users\Sam\AppData\Roaming\avidemux 2013-10-06 18:31:47 -------- d-----w- C:\Users\Sam\AppData\Local\PunkBuster 2013-10-06 18:20:29 -------- d-----w- C:\ProgramData\Electronic Arts 2013-10-06 18:20:29 -------- d-----w- C:\Program Files (x86)\Origin Games 2013-10-06 18:16:55 -------- d-----w- C:\Users\Sam\AppData\Local\ESN 2013-10-06 16:08:17 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller 2013-10-06 16:08:13 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins 2013-10-06 16:06:21 215416 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-10-06 16:06:21 215416 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2013-10-06 16:06:20 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2013-10-05 20:21:15 -------- d-----w- C:\Users\Sam\AppData\Local\Razer 2013-10-05 17:32:30 -------- d-----w- C:\Users\Sam\AppData\Roaming\Xfire 2013-10-05 17:32:30 -------- d-----w- C:\ProgramData\Xfire 2013-10-05 07:58:09 -------- d-----w- C:\Users\Sam\AppData\Roaming\Origin 2013-10-05 07:58:08 -------- d-----w- C:\Users\Sam\AppData\Local\Origin 2013-10-05 07:51:58 -------- d-----w- C:\ProgramData\Origin 2013-10-04 22:02:53 -------- d-----w- C:\Users\Sam\AppData\Local\Programs 2013-10-04 21:45:01 -------- d-----w- C:\Users\Sam\AppData\Local\IsolatedStorage 2013-10-04 21:45:01 -------- d-----w- C:\Users\Sam\AppData\Local\Futuremark 2013-10-04 21:44:25 -------- d-----w- C:\Users\Sam\AppData\Roaming\ts3overlay 2013-10-04 21:25:57 -------- d-----w- C:\Users\Sam\AppData\Local\Macromedia 2013-10-04 21:24:51 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-04 21:24:51 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-10-04 21:24:22 -------- d-----w- C:\Users\Sam\AppData\Local\Adobe 2013-10-04 21:20:49 3972 ----a-w- C:\Windows\SysWow64\drivers\PciBus.sys 2013-10-04 21:20:49 12744 ----a-w- C:\Windows\SysWow64\drivers\Entech64.sys 2013-10-04 21:20:48 27672 ----a-w- C:\Windows\SysWow64\drivers\Entech.sys 2013-10-04 21:20:48 -------- d-----w- C:\Windows\SysWow64\Futuremark 2013-10-04 21:15:30 110592 ----a-w- C:\Windows\System32\rtvcvfw32.dll 2013-10-04 21:13:23 -------- d-----w- C:\Users\Sam\AppData\Local\AMD 2013-10-04 21:13:21 -------- d-----w- C:\Users\Sam\AppData\Local\ATI 2013-10-04 21:13:11 0 ----a-w- C:\Windows\ativpsrm.bin 2013-10-04 21:12:09 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd 2013-10-04 21:11:30 -------- d-----w- C:\Program Files (x86)\Common Files\Creative 2013-10-04 21:11:25 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information 2013-10-04 21:11:24 419840 ----a-w- C:\Windows\System32\wrap_oal.dll 2013-10-04 21:11:24 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2013-10-04 21:11:24 133632 ----a-w- C:\Windows\System32\OpenAL32.dll 2013-10-04 21:11:23 2873820 ------w- C:\Windows\SysWow64\Sens_oal.dll 2013-10-04 21:11:23 1908736 ------w- C:\Windows\System32\Sens_oal.dll 2013-10-04 21:11:16 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared 2013-10-04 21:11:09 -------- d-----w- C:\Program Files\Creative 2013-10-04 21:10:40 89088 ----a-w- C:\Windows\System32\CmdRtr64.DLL 2013-10-04 21:10:40 73728 ----a-w- C:\Windows\SysWow64\CmdRtr.DLL 2013-10-04 21:10:40 190976 ----a-w- C:\Windows\System32\APOMgr64.DLL 2013-10-04 21:10:40 148480 ----a-w- C:\Windows\SysWow64\APOMngr.DLL 2013-10-04 20:52:07 -------- d-----w- C:\Program Files (x86)\AMD AVT 2013-10-04 20:52:06 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies 2013-10-04 20:51:46 -------- d-----w- C:\ProgramData\AMD 2013-10-04 20:51:40 -------- d-----w- C:\Program Files\Common Files\ATI Technologies 2013-10-04 20:51:17 -------- d-----w- C:\Program Files (x86)\ATI Technologies 2013-10-04 20:47:42 -------- d-----w- C:\ProgramData\Package Cache 2013-10-04 20:47:37 11264 ----a-w- C:\Windows\SysWow64\INRES.DLL 2013-10-04 20:47:37 10752 ----a-w- C:\Windows\System32\INRES.DLL 2013-10-04 20:47:37 -------- d-----w- C:\Program Files (x86)\Creative 2013-10-04 20:47:28 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll 2013-10-04 20:47:28 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll 2013-10-04 20:47:28 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe 2013-10-04 20:47:28 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll 2013-10-04 20:47:28 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll 2013-10-04 20:47:24 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll 2013-10-04 20:47:24 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll 2013-10-04 20:46:39 -------- d-----w- C:\AMD 2013-10-04 20:37:30 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-10-04 20:32:39 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{950C9650-F23D-4610-B9E5-7472C6AD96B5}\mpengine.dll 2013-10-04 20:32:39 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-10-04 20:24:47 -------- d-----w- C:\Users\Sam\AppData\Roaming\ESET 2013-10-04 20:24:47 -------- d-----w- C:\Users\Sam\AppData\Local\ESET 2013-10-04 20:24:30 -------- d-----w- C:\Program Files\ESET 2013-10-04 20:17:20 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2013-10-04 20:17:17 -------- d-----w- C:\Users\Sam\AppData\Roaming\DAEMON Tools Pro 2013-10-04 20:17:16 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro 2013-10-04 20:17:15 -------- d-----w- C:\ProgramData\DAEMON Tools Pro 2013-10-04 20:15:48 -------- d-----w- C:\Program Files\CPUID 2013-10-04 20:15:47 1048576 ----a-w- C:\Windows\PE_Rom.dll 2013-10-04 20:15:42 -------- d-----w- C:\Users\Sam\AppData\Roaming\ASUS WebStorage 2013-10-04 20:15:40 -------- d-----w- C:\ProgramData\ASUS WebStorage 2013-10-04 20:15:29 -------- d-----w- C:\ProgramData\ASUS OC Profiles 2013-10-04 20:15:27 -------- d-----w- C:\ProgramData\ASUS PowerControl Profiles 2013-10-04 20:13:56 -------- d-----w- C:\Windows\AsusInstAll 2013-10-04 20:13:46 -------- d-----w- C:\Program Files\ASUS 2013-10-04 20:12:43 32400 ----a-r- C:\Windows\System32\drivers\ndisrd.sys 2013-10-04 20:11:51 14848 ----a-w- C:\Windows\SysWow64\drivers\AiChargerPlus.sys 2013-10-04 20:11:25 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll 2013-10-04 20:11:15 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2013-10-04 20:11:15 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2013-10-04 20:11:15 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll 2013-10-04 20:11:15 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2013-10-04 20:10:21 -------- d-----w- C:\ProgramData\ASUS 2013-10-04 20:10:06 28672 ----a-r- C:\Windows\SysWow64\AsIO.dll 2013-10-04 20:10:06 15232 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys 2013-10-04 20:10:06 -------- d-----w- C:\Program Files (x86)\ASUS 2013-10-04 20:10:02 929844 ------w- C:\Windows\SysWow64\drivers\MFDLL\MFC42D.DLL 2013-10-04 20:10:02 385100 ------w- C:\Windows\SysWow64\drivers\MFDLL\MSVCRTD.DLL 2013-10-04 20:10:02 343040 ------w- C:\Windows\SysWow64\drivers\MFDLL\msvcrt.dll 2013-10-04 20:10:02 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys 2013-10-04 20:10:02 1028096 ------w- C:\Windows\SysWow64\drivers\MFDLL\MFC42.DLL 2013-10-04 20:10:02 -------- d-----w- C:\Windows\SysWow64\drivers\MFDLL 2013-10-04 20:09:37 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3 2013-10-04 20:08:13 -------- d--h--w- C:\Program Files (x86)\Temp 2013-10-04 20:08:11 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll 2013-10-04 20:08:11 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll 2013-10-04 20:08:11 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe 2013-10-04 20:08:11 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2013-10-04 20:08:11 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2013-10-04 20:08:11 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll 2013-10-04 20:08:11 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll 2013-10-04 20:08:10 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll 2013-10-04 20:08:10 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll 2013-10-04 20:07:08 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll 2013-10-04 20:07:08 726160 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys 2013-10-04 20:07:08 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll 2013-10-04 20:07:04 -------- d-----w- C:\Program Files (x86)\Realtek 2013-10-04 20:06:34 -------- d-----w- C:\Windows\AsDmiHtm 2013-10-04 20:06:17 -------- d-----w- C:\Program Files (x86)\AMD APP 2013-10-04 20:06:08 58536 ----a-r- C:\Windows\System32\drivers\usbfilter.sys 2013-10-04 20:04:53 -------- d-sh--w- C:\Windows\Installer 2013-10-04 20:04:33 -------- d-----w- C:\Program Files\ATI Technologies 2013-10-04 20:04:33 -------- d-----w- C:\Program Files\ATI 2013-10-04 20:04:11 16896 ----a-w- C:\Windows\AsTaskSched.dll 2013-10-04 20:03:59 295296 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2013-10-04 19:59:45 -------- d-----w- C:\Recovery 2013-10-04 11:51:57 -------- d-----w- C:\Windows\Panther 2013-09-27 11:25:06 799744 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll 2013-09-19 02:09:42 57344 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll 2013-09-19 02:09:42 154112 ----a-w- C:\Windows\SysWow64\rztouchdll.dll 2013-09-19 02:09:38 117248 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll 2013-09-19 02:09:36 296448 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll 2013-09-13 05:50:10 39096 ----a-w- C:\Windows\System32\drivers\rzp1endpt.sys 2013-09-13 05:50:04 33464 ----a-w- C:\Windows\System32\drivers\rzdaendpt.sys 2013-09-13 05:50:02 30904 ----a-w- C:\Windows\System32\drivers\rzvmouse.sys 2013-09-13 05:50:00 30904 ----a-w- C:\Windows\System32\drivers\rzvkeyboard.sys 2013-09-13 05:49:50 142008 ----a-w- C:\Windows\System32\drivers\rzudd.sys . ==================== Find3M ==================== . 2013-08-31 00:14:08 78432 ----a-w- C:\Windows\System32\atimpc64.dll 2013-08-31 00:14:08 78432 ----a-w- C:\Windows\System32\amdpcom64.dll 2013-08-31 00:14:06 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2013-08-31 00:14:06 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2013-08-31 00:14:00 142792 ----a-w- C:\Windows\System32\atiuxp64.dll 2013-08-31 00:14:00 125824 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2013-08-31 00:13:58 97984 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2013-08-31 00:13:58 114488 ----a-w- C:\Windows\System32\atiu9p64.dll 2013-08-31 00:13:56 1233080 ----a-w- C:\Windows\System32\aticfx64.dll 2013-08-31 00:13:54 1027544 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2013-08-31 00:13:50 9464840 ----a-w- C:\Windows\System32\atidxx64.dll 2013-08-31 00:13:46 8215992 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2013-08-31 00:13:42 6176008 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2013-08-31 00:13:38 6189416 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2013-08-31 00:13:32 6767240 ----a-w- C:\Windows\System32\atiumd6a.dll 2013-08-31 00:13:30 7256496 ----a-w- C:\Windows\System32\atiumd64.dll 2013-08-31 00:11:28 12528640 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2013-08-30 23:48:44 127488 ----a-w- C:\Windows\System32\coinst_13.152.dll 2013-08-30 23:48:04 229376 ----a-w- C:\Windows\System32\clinfo.exe 2013-08-30 23:47:50 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe 2013-08-30 23:47:50 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe 2013-08-30 23:47:50 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe 2013-08-30 23:47:50 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe 2013-08-30 23:47:46 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll 2013-08-30 23:47:40 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll 2013-08-30 23:47:36 86528 ----a-w- C:\Windows\System32\OVDecode64.dll 2013-08-30 23:47:30 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2013-08-30 23:47:14 28192256 ----a-w- C:\Windows\System32\amdocl64.dll 2013-08-30 23:45:04 23760896 ----a-w- C:\Windows\SysWow64\amdocl.dll 2013-08-30 23:43:12 63488 ----a-w- C:\Windows\System32\OpenCL.dll 2013-08-30 23:43:08 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2013-08-30 23:35:00 25387520 ----a-w- C:\Windows\System32\atio6axx.dll 2013-08-30 23:18:20 368640 ----a-w- C:\Windows\System32\atiapfxx.exe 2013-08-30 23:18:12 62464 ----a-w- C:\Windows\System32\aticalrt64.dll 2013-08-30 23:18:10 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2013-08-30 23:18:02 55808 ----a-w- C:\Windows\System32\aticalcl64.dll 2013-08-30 23:18:00 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2013-08-30 23:17:46 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll 2013-08-30 23:14:36 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2013-08-30 23:13:58 21400064 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2013-08-30 22:59:02 442368 ----a-w- C:\Windows\System32\atidemgy.dll 2013-08-30 22:58:50 26112 ----a-w- C:\Windows\System32\atimuixx.dll 2013-08-30 22:58:44 571904 ----a-w- C:\Windows\System32\atieclxx.exe 2013-08-30 22:57:54 239616 ----a-w- C:\Windows\System32\atiesrxx.exe 2013-08-30 22:56:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll 2013-08-30 22:33:22 784384 ----a-w- C:\Windows\System32\atiadlxx.dll 2013-08-30 22:33:12 594944 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2013-08-30 22:33:08 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2013-08-30 22:32:58 75264 ----a-w- C:\Windows\System32\atig6pxx.dll 2013-08-30 22:32:54 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2013-08-30 22:32:54 69632 ----a-w- C:\Windows\System32\atiglpxx.dll 2013-08-30 22:32:50 100352 ----a-w- C:\Windows\System32\atig6txx.dll 2013-08-30 22:32:42 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2013-08-30 22:32:32 618496 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2013-08-30 18:58:50 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll 2013-08-30 18:53:48 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll . ============= FINISH: 22:08:00.15 =============== DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 04/10/2013 03:55:10 System Uptime: 07/10/2013 21:31:07 (1 hours ago) . Motherboard: ASUSTeK COMPUTER INC. | | SABERTOOTH 990FX R2.0 Processor: AMD FX-8320 Eight-Core Processor | Socket 942 | 4021/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 56 GiB total, 18.759 GiB free. D: is FIXED (NTFS) - 1863 GiB total, 1574.167 GiB free. E: is FIXED (NTFS) - 233 GiB total, 113.091 GiB free. F: is FIXED (NTFS) - 466 GiB total, 37.268 GiB free. G: is FIXED (NTFS) - 298 GiB total, 5.726 GiB free. H: is CDROM () I: is Removable J: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . 3DMark 11 Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Lightroom 2.4 64-bit Adobe Reader X (10.1.3) MUI AI Suite II AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders Asmedia ASM104x USB 3.0 Host Controller Driver ASUS Boot Setting ASUS WebStorage Sync Agent µTorrent Avidemux 2.6 (32-bit) Battlefield 4™ Beta Battlelog Web Plugins Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CPUID ASUS CPU-Z 1.61.3 Creative Audio Control Panel Creative Software AutoUpdate Creative Sound Blaster Properties x64 Edition DAEMON Tools Pro ESET Online Scanner v3 ESET Smart Security ESN Sonar FileZilla Client 3.6.0.2 Futuremark SystemInfo Geeks3D FurMark 1.11.0 Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4.5 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Mozilla Firefox 24.0 (x86 en-US) Mozilla Maintenance Service MSI Afterburner 2.1.0 Origin PunkBuster Services Razer Synapse 2.0 Realtek Ethernet Controller Driver VLC media player 2.0.5 WinZip 16.5 . ==== End Of File ===========================
-
Security check: Results of screen317's Security Check version 0.99.74 Windows 7 x64 (UAC is disabled!) Out of date service pack!! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! ESET Smart Security 4.2 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.8.800.168 Adobe Reader 10.1.3 Adobe Reader out of Date! Mozilla Firefox (24.0) ````````Process Check: objlist.exe by Laurent```````` ESET NOD32 Antivirus ekrn.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
-
ComboFix 13-10-04.02 - Sam 07/10/2013 21:18:32.1.8 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.8092.3584 [GMT 1:00] Running from: c:\users\Sam\Downloads\ComboFix.exe AV: ESET Smart Security 4.2 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} SP: ESET Smart Security 4.2 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Resident AV is active . . . ((((((((((((((((((((((((( Files Created from 2013-09-07 to 2013-10-07 ))))))))))))))))))))))))))))))) . . 2013-10-07 20:22 . 2013-10-07 20:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-10-07 19:14 . 2013-10-07 20:04 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-10-07 17:37 . 2013-10-07 17:37 -------- d-----w- c:\programdata\Kaspersky Lab 2013-10-07 17:15 . 2013-10-07 17:15 -------- d-----w- c:\programdata\Malwarebytes 2013-10-07 17:15 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-10-07 17:13 . 2013-10-07 17:13 -------- d-----w- c:\program files (x86)\ESET 2013-10-07 10:06 . 2013-10-06 17:42 -------- d-----w- c:\program files (x86)\MSI Afterburner 2013-10-06 19:26 . 2013-10-06 19:26 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2013-10-06 19:26 . 2009-06-04 08:40 53488 ------w- c:\windows\system32\drivers\PxHlpa64.sys 2013-10-06 19:26 . 2009-06-04 08:40 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys 2013-10-06 19:26 . 2009-06-04 08:40 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys 2013-10-06 18:20 . 2013-10-06 18:30 -------- d-----w- c:\programdata\Electronic Arts 2013-10-06 18:20 . 2013-10-06 18:20 -------- d-----w- c:\program files (x86)\Origin Games 2013-10-06 16:08 . 2013-10-06 16:08 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller 2013-10-06 16:08 . 2013-10-06 16:08 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins 2013-10-06 16:06 . 2013-10-06 18:36 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-10-06 16:06 . 2013-10-06 18:35 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-10-06 16:06 . 2013-10-06 16:06 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-10-05 20:21 . 2013-10-05 20:23 -------- d-----w- c:\program files (x86)\Razer 2013-10-05 20:21 . 2013-10-05 20:21 -------- d-----w- c:\programdata\Razer 2013-10-05 20:12 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll 2013-10-05 17:32 . 2013-10-05 17:33 -------- d-----w- c:\programdata\Xfire 2013-10-05 07:51 . 2013-10-06 18:30 -------- d-----w- c:\programdata\Origin 2013-10-04 21:24 . 2013-10-04 21:24 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-04 21:24 . 2013-10-04 21:24 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-10-04 21:24 . 2013-10-04 21:24 -------- d-----w- c:\windows\system32\Macromed 2013-10-04 21:24 . 2005-12-05 17:09 3815120 ----a-w- c:\windows\system32\d3dx9_28.dll 2013-10-04 21:20 . 2007-09-07 13:55 12744 ----a-w- c:\windows\SysWow64\drivers\Entech64.sys 2013-10-04 21:20 . 2001-11-19 19:05 3972 ----a-w- c:\windows\SysWow64\drivers\PciBus.sys 2013-10-04 21:20 . 2013-10-04 21:20 -------- d-----w- c:\windows\SysWow64\Futuremark 2013-10-04 21:20 . 2007-09-07 13:55 27672 ----a-w- c:\windows\SysWow64\drivers\Entech.sys 2013-10-04 21:17 . 2013-10-04 21:17 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2013-10-04 21:15 . 2010-10-27 01:43 110592 ----a-w- c:\windows\system32\rtvcvfw32.dll 2013-10-04 21:10 . 2009-03-26 13:48 190976 ----a-w- c:\windows\system32\APOMgr64.DLL 2013-10-04 21:10 . 2009-03-26 13:46 148480 ----a-w- c:\windows\SysWow64\APOMngr.DLL 2013-10-04 21:10 . 2009-02-06 17:53 89088 ----a-w- c:\windows\system32\CmdRtr64.DLL 2013-10-04 21:10 . 2009-02-06 17:52 73728 ----a-w- c:\windows\SysWow64\CmdRtr.DLL 2013-10-04 20:52 . 2013-10-04 20:52 -------- d-----w- c:\program files (x86)\AMD AVT 2013-10-04 20:52 . 2013-10-04 20:52 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2013-10-04 20:51 . 2013-10-04 20:52 -------- d-----w- c:\programdata\AMD 2013-10-04 20:51 . 2013-10-04 20:51 -------- d-----w- c:\program files\Common Files\ATI Technologies 2013-10-04 20:51 . 2013-10-04 20:51 -------- d-----w- c:\program files (x86)\ATI Technologies 2013-10-04 20:47 . 2013-10-06 16:06 -------- d-----w- c:\programdata\Package Cache 2013-10-04 20:47 . 2013-10-04 21:11 -------- d-----w- c:\program files (x86)\Creative 2013-10-04 20:47 . 2005-06-15 10:09 10752 ----a-w- c:\windows\system32\INRES.DLL 2013-10-04 20:47 . 2005-06-15 10:07 11264 ----a-w- c:\windows\SysWow64\INRES.DLL 2013-10-04 20:46 . 2013-10-04 20:46 -------- d-----w- C:\AMD 2013-10-04 20:37 . 2013-10-04 20:37 -------- d-----w- c:\program files (x86)\Common Files\Steam 2013-10-04 20:32 . 2013-09-15 23:50 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{950C9650-F23D-4610-B9E5-7472C6AD96B5}\mpengine.dll 2013-10-04 20:32 . 2013-08-07 03:22 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-10-04 20:24 . 2013-10-04 20:24 -------- d-----w- c:\program files\ESET 2013-10-04 20:17 . 2013-10-04 20:17 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-10-04 20:17 . 2013-10-04 20:17 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro 2013-10-04 20:17 . 2013-10-04 20:17 -------- d-----w- c:\programdata\DAEMON Tools Pro 2013-10-04 20:17 . 2013-10-04 20:17 -------- d-----w- c:\programdata\WinZip 2013-10-04 20:17 . 2013-10-04 20:17 -------- d-----w- c:\program files\WinZip 2013-10-04 20:16 . 2013-10-04 20:16 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2013-10-04 20:10 . 2012-08-22 09:54 15232 ----a-r- c:\windows\SysWow64\drivers\AsIO.sys 2013-10-04 20:10 . 2010-06-29 07:41 28672 ----a-r- c:\windows\SysWow64\AsIO.dll 2013-10-04 20:10 . 2013-10-04 20:10 -------- d-----w- c:\windows\SysWow64\drivers\MFDLL 2013-10-04 20:10 . 2008-01-04 05:34 11832 ------w- c:\windows\SysWow64\drivers\AsInsHelp64.sys 2013-10-04 20:09 . 2013-10-04 20:09 -------- d-----w- c:\program files (x86)\ASM104xUSB3 2013-10-04 20:08 . 2013-10-06 14:58 -------- d--h--w- c:\program files (x86)\Temp 2013-10-04 20:08 . 2013-10-04 20:11 -------- d-----w- c:\program files (x86)\Common Files\InstallShield 2013-10-04 20:07 . 2012-06-12 14:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll 2013-10-04 20:07 . 2012-06-12 14:00 726160 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2013-10-04 20:07 . 2012-06-12 14:00 107552 ----a-w- c:\windows\system32\RTNUninst64.dll 2013-10-04 20:07 . 2013-10-06 14:58 -------- d-----w- c:\program files (x86)\Realtek 2013-10-04 20:07 . 2013-10-06 14:58 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information 2013-10-04 20:06 . 2013-10-04 20:06 -------- d-----w- c:\windows\AsDmiHtm 2013-10-04 20:06 . 2013-10-04 20:06 -------- d-----w- c:\program files (x86)\AMD APP 2013-10-04 20:06 . 2013-10-04 20:06 -------- dc----w- c:\windows\system32\DRVSTORE 2013-10-04 20:06 . 2012-08-28 12:27 58536 ----a-r- c:\windows\system32\drivers\usbfilter.sys 2013-10-04 20:04 . 2013-10-06 19:26 -------- d-sh--w- c:\windows\Installer 2013-10-04 20:04 . 2013-10-04 20:51 -------- d-----w- c:\program files\ATI Technologies 2013-10-04 20:04 . 2013-10-04 20:04 -------- d-----w- c:\program files\ATI 2013-10-04 20:04 . 2013-10-04 20:04 16896 ----a-w- c:\windows\AsTaskSched.dll 2013-10-04 20:03 . 2011-02-25 06:36 295296 ----a-w- c:\windows\system32\drivers\volsnap.sys 2013-10-04 20:01 . 2013-10-04 20:35 -------- d-----w- c:\users\Sam 2013-10-04 19:59 . 2013-10-04 19:59 -------- d-----w- C:\Recovery 2013-10-04 11:51 . 2013-10-04 02:55 -------- d-----w- c:\windows\Panther 2013-09-27 11:25 . 2013-09-27 11:25 799744 ----a-w- c:\windows\SysWow64\rzdevicedll.dll 2013-09-19 02:09 . 2013-09-19 02:09 57344 ----a-w- c:\windows\SysWow64\rzdevinfo.dll 2013-09-19 02:09 . 2013-09-19 02:09 154112 ----a-w- c:\windows\SysWow64\rztouchdll.dll 2013-09-19 02:09 . 2013-09-19 02:09 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll 2013-09-19 02:09 . 2013-09-19 02:09 296448 ----a-w- c:\windows\SysWow64\rzaudiodll.dll 2013-09-13 05:50 . 2013-09-13 05:50 39096 ----a-w- c:\windows\system32\drivers\rzp1endpt.sys 2013-09-13 05:50 . 2013-09-13 05:50 33464 ----a-w- c:\windows\system32\drivers\rzdaendpt.sys 2013-09-13 05:50 . 2013-09-13 05:50 30904 ----a-w- c:\windows\system32\drivers\rzvmouse.sys 2013-09-13 05:50 . 2013-09-13 05:50 30904 ----a-w- c:\windows\system32\drivers\rzvkeyboard.sys 2013-09-13 05:49 . 2013-09-13 05:49 142008 ----a-w- c:\windows\system32\drivers\rzudd.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\atimpc64.dll 2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\amdpcom64.dll 2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll 2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2013-08-31 00:14 . 2013-08-31 00:14 142792 ----a-w- c:\windows\system32\atiuxp64.dll 2013-08-31 00:14 . 2013-08-31 00:14 125824 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2013-08-31 00:13 . 2013-08-31 00:13 97984 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2013-08-31 00:13 . 2013-08-31 00:13 114488 ----a-w- c:\windows\system32\atiu9p64.dll 2013-08-31 00:13 . 2013-08-31 00:13 1233080 ----a-w- c:\windows\system32\aticfx64.dll 2013-08-31 00:13 . 2013-08-31 00:13 1027544 ----a-w- c:\windows\SysWow64\aticfx32.dll 2013-08-31 00:13 . 2013-08-31 00:13 9464840 ----a-w- c:\windows\system32\atidxx64.dll 2013-08-31 00:13 . 2013-08-31 00:13 8215992 ----a-w- c:\windows\SysWow64\atidxx32.dll 2013-08-31 00:13 . 2013-08-31 00:13 6176008 ----a-w- c:\windows\SysWow64\atiumdva.dll 2013-08-31 00:13 . 2013-08-31 00:13 6189416 ----a-w- c:\windows\SysWow64\atiumdag.dll 2013-08-31 00:13 . 2013-08-31 00:13 6767240 ----a-w- c:\windows\system32\atiumd6a.dll 2013-08-31 00:13 . 2013-08-31 00:13 7256496 ----a-w- c:\windows\system32\atiumd64.dll 2013-08-31 00:11 . 2013-08-31 00:11 12528640 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2013-08-30 23:48 . 2013-08-30 23:48 127488 ----a-w- c:\windows\system32\coinst_13.152.dll 2013-08-30 23:48 . 2013-08-30 23:48 229376 ----a-w- c:\windows\system32\clinfo.exe 2013-08-30 23:47 . 2013-08-30 23:47 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe 2013-08-30 23:47 . 2013-08-30 23:47 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe 2013-08-30 23:47 . 2013-08-30 23:47 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe 2013-08-30 23:47 . 2013-08-30 23:47 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe 2013-08-30 23:47 . 2013-08-30 23:47 98816 ----a-w- c:\windows\system32\OpenVideo64.dll 2013-08-30 23:47 . 2013-08-30 23:47 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2013-08-30 23:47 . 2013-08-30 23:47 86528 ----a-w- c:\windows\system32\OVDecode64.dll 2013-08-30 23:47 . 2013-08-30 23:47 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll 2013-08-30 23:47 . 2013-08-30 23:47 28192256 ----a-w- c:\windows\system32\amdocl64.dll 2013-08-30 23:45 . 2013-08-30 23:45 23760896 ----a-w- c:\windows\SysWow64\amdocl.dll 2013-08-30 23:43 . 2013-08-30 23:43 63488 ----a-w- c:\windows\system32\OpenCL.dll 2013-08-30 23:43 . 2013-08-30 23:43 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll 2013-08-30 23:35 . 2013-08-30 23:35 25387520 ----a-w- c:\windows\system32\atio6axx.dll 2013-08-30 23:18 . 2013-08-30 23:18 368640 ----a-w- c:\windows\system32\atiapfxx.exe 2013-08-30 23:18 . 2013-08-30 23:18 62464 ----a-w- c:\windows\system32\aticalrt64.dll 2013-08-30 23:18 . 2013-08-30 23:18 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll 2013-08-30 23:18 . 2013-08-30 23:18 55808 ----a-w- c:\windows\system32\aticalcl64.dll 2013-08-30 23:18 . 2013-08-30 23:18 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll 2013-08-30 23:17 . 2013-08-30 23:17 15716352 ----a-w- c:\windows\system32\aticaldd64.dll 2013-08-30 23:14 . 2013-08-30 23:14 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll 2013-08-30 23:13 . 2013-08-30 23:13 21400064 ----a-w- c:\windows\SysWow64\atioglxx.dll 2013-08-30 22:59 . 2013-08-30 22:59 442368 ----a-w- c:\windows\system32\atidemgy.dll 2013-08-30 22:58 . 2013-08-30 22:58 26112 ----a-w- c:\windows\system32\atimuixx.dll 2013-08-30 22:58 . 2013-08-30 22:58 571904 ----a-w- c:\windows\system32\atieclxx.exe 2013-08-30 22:57 . 2013-08-30 22:57 239616 ----a-w- c:\windows\system32\atiesrxx.exe 2013-08-30 22:56 . 2013-08-30 22:56 190976 ----a-w- c:\windows\system32\atitmm64.dll 2013-08-30 22:33 . 2013-08-30 22:33 784384 ----a-w- c:\windows\system32\atiadlxx.dll 2013-08-30 22:33 . 2013-08-30 22:33 594944 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2013-08-30 22:33 . 2013-08-30 22:33 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2013-08-30 22:32 . 2013-08-30 22:32 75264 ----a-w- c:\windows\system32\atig6pxx.dll 2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\system32\atiglpxx.dll 2013-08-30 22:32 . 2013-08-30 22:32 100352 ----a-w- c:\windows\system32\atig6txx.dll 2013-08-30 22:32 . 2013-08-30 22:32 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll 2013-08-30 22:32 . 2013-08-30 22:32 618496 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2013-08-30 18:58 . 2013-08-30 18:58 51200 ----a-w- c:\windows\system32\kdbsdk64.dll 2013-08-30 18:53 . 2013-08-30 18:53 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-03 3111264] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2012-08-20 550272] "ASUS WiFi GO! FileTransfer Execute"="c:\program files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe" [2012-07-12 1384608] "ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe" [2012-09-17 3353472] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208] "P17RunE"="P17RunE.dll" [2008-03-28 14848] "Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-09-28 442200] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "GrpConv"="grpconv -o" [X] "Malwarebytes Anti-Malware"="d:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 532040] "Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll" [2013-04-04 1127496] . c:\users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ HWMonitor.exe [2008-9-8 1175552] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMScheduler;MBAMScheduler;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] R2 MBAMService;MBAMService;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;e:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;e:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x] S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x] S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x] S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x] S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe [x] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x] S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 cpuz129;cpuz129;c:\users\Sam\AppData\Local\Temp\cpuz_x64.sys;c:\users\Sam\AppData\Local\Temp\cpuz_x64.sys [x] S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 rzdaendpt;Razer DeathAdder end point;c:\windows\system32\DRIVERS\rzdaendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzdaendpt.sys [x] S3 rzp1endpt;Razer platform 1 end point;c:\windows\system32\DRIVERS\rzp1endpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzp1endpt.sys [x] S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] S3 rzvkeyboard;Razer Virtual Keyboard Driver;c:\windows\system32\DRIVERS\rzvkeyboard.sys;c:\windows\SYSNATIVE\DRIVERS\rzvkeyboard.sys [x] S3 rzvmouse;Razer Virtual Mouse;c:\windows\system32\DRIVERS\rzvmouse.sys;c:\windows\SYSNATIVE\DRIVERS\rzvmouse.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 2971408DRV *NewlyCreated* - 33290050 *NewlyCreated* - 45137706 *NewlyCreated* - MBAMPROTECTOR *Deregistered* - 45137706 . Contents of the 'Scheduled Tasks' folder . 2013-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-04 21:24] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U] @="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}" [HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}] 2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-03-24 2839840] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\ubby32zk.default\ . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-10-07 21:24:11 ComboFix-quarantined-files.txt 2013-10-07 20:24 . Pre-Run: 20,322,463,744 bytes free Post-Run: 20,238,909,440 bytes free . - - End Of File - - 5B615A764E3FDBBEBFAB4915C6D68D45 A36C5E4F47E84449FF07ED3517B43A31
-
Malwarebytes Anti-Rootkit BETA 1.07.0.1005 www.malwarebytes.org Database version: v2013.10.07.11 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 Sam :: SAM-PC [administrator] 07/10/2013 20:14:56 mbar-log-2013-10-07 (20-14-56).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 210927 Time elapsed: 7 minute(s), 43 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7600 Windows 7 x64 Account is Administrative Internet Explorer version: 8.0.7600.16385 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED CPU speed: 4.021000 GHz Memory total: 8484671488, free: 4851212288 Downloaded database version: v2013.10.07.11 Downloaded database version: v2013.09.30.01 ======================================= Initializing... ------------ Kernel report ------------ 10/07/2013 20:14:50 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\DRIVERS\ACPI.sys \SystemRoot\system32\DRIVERS\WMILIB.SYS \SystemRoot\system32\DRIVERS\msisadrv.sys \SystemRoot\system32\DRIVERS\pci.sys \SystemRoot\system32\DRIVERS\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\atapi.sys \SystemRoot\system32\DRIVERS\ataport.SYS \SystemRoot\system32\DRIVERS\msahci.sys \SystemRoot\system32\DRIVERS\PCIIDEX.SYS \SystemRoot\system32\DRIVERS\amd_sata.sys \SystemRoot\system32\DRIVERS\storport.sys \SystemRoot\system32\DRIVERS\amd_xata.sys \SystemRoot\system32\DRIVERS\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\vmstorfl.sys \SystemRoot\system32\DRIVERS\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\dtsoftbus01.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\DRIVERS\ehdrv.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\ndisrd.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\system32\drivers\csc.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\SysWow64\drivers\AsUpIO.sys \SystemRoot\SysWow64\drivers\AsIO.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\SysWow64\drivers\AiChargerPlus.sys \SystemRoot\system32\DRIVERS\asmtxhci.sys \SystemRoot\system32\DRIVERS\usbfilter.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\drivers\P17.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\Rt64win7.sys \SystemRoot\system32\DRIVERS\wmiacpi.sys \SystemRoot\system32\DRIVERS\amdppm.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\Epfwndis.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\rdpbus.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\system32\DRIVERS\asmthub3.sys \SystemRoot\SysWow64\drivers\ASUSFILTER.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_msahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\rzp1endpt.sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\rzudd.sys \SystemRoot\system32\DRIVERS\rzvmouse.sys \SystemRoot\System32\drivers\mshidkmdf.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\system32\DRIVERS\rzdaendpt.sys \SystemRoot\system32\DRIVERS\rzvkeyboard.sys \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\eamonm.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\epfw.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys \SystemRoot\system32\DRIVERS\epfwwfp.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \??\C:\Users\Sam\AppData\Local\Temp\cpuz_x64.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys C:\Program Files\ESET\ESET Smart Security\em006_64.dat \??\C:\Windows\system32\drivers\mbam.sys \SystemRoot\system32\DRIVERS\2971408drv.sys \SystemRoot\system32\DRIVERS\33290050.sys \SystemRoot\system32\drivers\08646693.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\advapi32.dll \Windows\System32\imagehlp.dll \Windows\System32\usp10.dll \Windows\System32\normaliz.dll \Windows\System32\clbcatq.dll \Windows\System32\gdi32.dll \Windows\System32\ws2_32.dll \Windows\System32\comdlg32.dll \Windows\System32\imm32.dll \Windows\System32\shell32.dll \Windows\System32\kernel32.dll \Windows\System32\oleaut32.dll \Windows\System32\rpcrt4.dll \Windows\System32\wininet.dll \Windows\System32\msvcrt.dll \Windows\System32\nsi.dll \Windows\System32\msctf.dll \Windows\System32\user32.dll \Windows\System32\urlmon.dll \Windows\System32\ole32.dll \Windows\System32\sechost.dll \Windows\System32\iertutil.dll \Windows\System32\psapi.dll \Windows\System32\setupapi.dll \Windows\System32\Wldap32.dll \Windows\System32\difxapi.dll \Windows\System32\shlwapi.dll \Windows\System32\lpk.dll \Windows\System32\wintrust.dll \Windows\System32\comctl32.dll \Windows\System32\KernelBase.dll \Windows\System32\devobj.dll \Windows\System32\cfgmgr32.dll \Windows\System32\crypt32.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk5\DR5 Upper Device Object: 0xfffffa8009a0f060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\000000a4\ Lower Device Object: 0xfffffa8009712b70 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk4\DR4 Upper Device Object: 0xfffffa8007e6f060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000075\ Lower Device Object: 0xfffffa8007b359d0 Lower Device Driver Name: \Driver\amd_sata\ <<<1>>> Upper Device Name: \Device\Harddisk3\DR3 Upper Device Object: 0xfffffa8007e6e060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000073\ Lower Device Object: 0xfffffa8007b29060 Lower Device Driver Name: \Driver\amd_sata\ <<<1>>> Upper Device Name: \Device\Harddisk2\DR2 Upper Device Object: 0xfffffa8007e6d060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000072\ Lower Device Object: 0xfffffa8007b27060 Lower Device Driver Name: \Driver\amd_sata\ <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa8007e6c060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-3\ Lower Device Object: 0xfffffa8007b41680 Lower Device Driver Name: \Driver\atapi\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8007e6b060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\ Lower Device Object: 0xfffffa8007b34550 Lower Device Driver Name: \Driver\atapi\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8007e6b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8007e6bb20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8007e6b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8007b34550, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 34FB5EE0 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 117018624 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 60022480896 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-117211408-117231408)... Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa8007e6c060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8007e6cab0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8007e6c060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8007b41680, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 1C727AA4 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 3907024896 Partition file system is NTFS Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 2000397852160 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 2, DevicePointer: 0xfffffa8007e6d060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8007c8f9a0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8007e6d060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8007b425f0, DeviceName: Unknown, DriverName: \Driver\amd_xata\ DevicePointer: 0xfffffa8007b27060, DeviceName: \Device\00000072\, DriverName: \Driver\amd_sata\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: 56EFAA2 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 625135616 Partition file system is NTFS Partition is bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320071851520 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 3, DevicePointer: 0xfffffa8007e6e060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8007e6dab0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8007e6e060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8007b56040, DeviceName: Unknown, DriverName: \Driver\amd_xata\ DevicePointer: 0xfffffa8007b29060, DeviceName: \Device\00000073\, DriverName: \Driver\amd_sata\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 3 Scanning MBR on drive 3... Inspecting partition table: MBR Signature: 55AA Disk Signature: 331AAED6 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 976766976 Partition file system is NTFS Partition is bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 4, DevicePointer: 0xfffffa8007e6f060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8007e6e990, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8007e6f060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8007b57040, DeviceName: Unknown, DriverName: \Driver\amd_xata\ DevicePointer: 0xfffffa8007b359d0, DeviceName: \Device\00000075\, DriverName: \Driver\amd_sata\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 4 Scanning MBR on drive 4... Inspecting partition table: MBR Signature: 55AA Disk Signature: 48850B18 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 488392704 Partition file system is NTFS Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250058268160 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 5, DevicePointer: 0xfffffa8009a0f060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800972db90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8009a0f060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8009712b70, DeviceName: \Device\000000a4\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 5 Scanning MBR on drive 5... Inspecting partition table: MBR Signature: 55AA Disk Signature: 0 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 128 Numsec = 7806848 Partition file system is NTFS Partition is bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 3997171712 bytes Sector size: 512 bytes Done! Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_1_0_2048_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_2_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_2_0_2048_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_2_r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_3_0_2048_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_4_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_4_0_2048_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_4_r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_5_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_5_0_128_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_5_r.mbam... Removal finished
-
20:13:47.0627 0x0ba0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:13:47.0707 0x0ba0 IPNAT - ok 20:13:47.0711 0x0ba0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:13:47.0820 0x0ba0 IRENUM - ok 20:13:47.0823 0x0ba0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 20:13:47.0856 0x0ba0 isapnp - ok 20:13:47.0864 0x0ba0 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 20:13:47.0911 0x0ba0 iScsiPrt - ok 20:13:47.0915 0x0ba0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:13:47.0983 0x0ba0 kbdclass - ok 20:13:47.0987 0x0ba0 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:13:48.0103 0x0ba0 kbdhid - ok 20:13:48.0106 0x0ba0 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe 20:13:48.0107 0x0ba0 KeyIso - ok 20:13:48.0112 0x0ba0 [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:13:48.0165 0x0ba0 KSecDD - ok 20:13:48.0171 0x0ba0 [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:13:48.0301 0x0ba0 KSecPkg - ok 20:13:48.0305 0x0ba0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:13:48.0356 0x0ba0 ksthunk - ok 20:13:48.0366 0x0ba0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 20:13:48.0490 0x0ba0 KtmRm - ok 20:13:48.0499 0x0ba0 [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\system32\srvsvc.dll 20:13:48.0553 0x0ba0 LanmanServer - ok 20:13:48.0559 0x0ba0 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:13:48.0587 0x0ba0 LanmanWorkstation - ok 20:13:48.0593 0x0ba0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:13:48.0694 0x0ba0 lltdio - ok 20:13:48.0704 0x0ba0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:13:48.0757 0x0ba0 lltdsvc - ok 20:13:48.0761 0x0ba0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:13:48.0877 0x0ba0 lmhosts - ok 20:13:48.0884 0x0ba0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 20:13:48.0954 0x0ba0 LSI_FC - ok 20:13:48.0959 0x0ba0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 20:13:49.0084 0x0ba0 LSI_SAS - ok 20:13:49.0088 0x0ba0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:13:49.0176 0x0ba0 LSI_SAS2 - ok 20:13:49.0181 0x0ba0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:13:49.0288 0x0ba0 LSI_SCSI - ok 20:13:49.0294 0x0ba0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 20:13:49.0316 0x0ba0 luafv - ok 20:13:49.0320 0x0ba0 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 20:13:49.0321 0x0ba0 MBAMProtector - ok 20:13:49.0418 0x0ba0 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 20:13:49.0480 0x0ba0 MBAMScheduler - ok 20:13:49.0515 0x0ba0 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 20:13:49.0532 0x0ba0 MBAMService - ok 20:13:49.0538 0x0ba0 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:13:49.0551 0x0ba0 Mcx2Svc - ok 20:13:49.0555 0x0ba0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:13:49.0644 0x0ba0 megasas - ok 20:13:49.0653 0x0ba0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:13:49.0680 0x0ba0 MegaSR - ok 20:13:49.0692 0x0ba0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 20:13:49.0803 0x0ba0 MMCSS - ok 20:13:49.0806 0x0ba0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 20:13:49.0874 0x0ba0 Modem - ok 20:13:49.0878 0x0ba0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:13:50.0016 0x0ba0 monitor - ok 20:13:50.0020 0x0ba0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:13:50.0076 0x0ba0 mouclass - ok 20:13:50.0080 0x0ba0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:13:50.0239 0x0ba0 mouhid - ok 20:13:50.0243 0x0ba0 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:13:50.0313 0x0ba0 mountmgr - ok 20:13:50.0318 0x0ba0 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:13:50.0422 0x0ba0 MozillaMaintenance - ok 20:13:50.0429 0x0ba0 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys 20:13:50.0471 0x0ba0 mpio - ok 20:13:50.0476 0x0ba0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:13:50.0529 0x0ba0 mpsdrv - ok 20:13:50.0550 0x0ba0 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll 20:13:50.0658 0x0ba0 MpsSvc - ok 20:13:50.0666 0x0ba0 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:13:50.0728 0x0ba0 MRxDAV - ok 20:13:50.0734 0x0ba0 [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:13:50.0840 0x0ba0 mrxsmb - ok 20:13:50.0849 0x0ba0 [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:13:50.0900 0x0ba0 mrxsmb10 - ok 20:13:50.0906 0x0ba0 [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:13:50.0948 0x0ba0 mrxsmb20 - ok 20:13:50.0951 0x0ba0 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 20:13:51.0065 0x0ba0 msahci - ok 20:13:51.0071 0x0ba0 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 20:13:51.0197 0x0ba0 msdsm - ok 20:13:51.0203 0x0ba0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 20:13:51.0270 0x0ba0 MSDTC - ok 20:13:51.0276 0x0ba0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:13:51.0343 0x0ba0 Msfs - ok 20:13:51.0346 0x0ba0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:13:51.0368 0x0ba0 mshidkmdf - ok 20:13:51.0371 0x0ba0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 20:13:51.0402 0x0ba0 msisadrv - ok 20:13:51.0409 0x0ba0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:13:51.0507 0x0ba0 MSiSCSI - ok 20:13:51.0510 0x0ba0 msiserver - ok 20:13:51.0514 0x0ba0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:13:51.0535 0x0ba0 MSKSSRV - ok 20:13:51.0538 0x0ba0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:13:51.0550 0x0ba0 MSPCLOCK - ok 20:13:51.0554 0x0ba0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:13:51.0587 0x0ba0 MSPQM - ok 20:13:51.0598 0x0ba0 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:13:51.0718 0x0ba0 MsRPC - ok 20:13:51.0724 0x0ba0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 20:13:51.0792 0x0ba0 mssmbios - ok 20:13:51.0795 0x0ba0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:13:51.0860 0x0ba0 MSTEE - ok 20:13:51.0863 0x0ba0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:13:51.0893 0x0ba0 MTConfig - ok 20:13:51.0898 0x0ba0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 20:13:51.0921 0x0ba0 Mup - ok 20:13:51.0934 0x0ba0 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll 20:13:52.0005 0x0ba0 napagent - ok 20:13:52.0016 0x0ba0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:13:52.0044 0x0ba0 NativeWifiP - ok 20:13:52.0070 0x0ba0 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys 20:13:52.0106 0x0ba0 NDIS - ok 20:13:52.0111 0x0ba0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:13:52.0175 0x0ba0 NdisCap - ok 20:13:52.0179 0x0ba0 [ 270B10B8BD822DD4673781E0A1935DFB, 63D644B2E9AA14E0DA7660C00343C3597385EE2ACCCC61EFC3CD9A765CD35EFF ] ndisrd C:\Windows\system32\DRIVERS\ndisrd.sys 20:13:52.0269 0x0ba0 ndisrd - ok 20:13:52.0273 0x0ba0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:13:52.0295 0x0ba0 NdisTapi - ok 20:13:52.0299 0x0ba0 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:13:52.0320 0x0ba0 Ndisuio - ok 20:13:52.0326 0x0ba0 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:13:52.0413 0x0ba0 NdisWan - ok 20:13:52.0418 0x0ba0 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:13:52.0439 0x0ba0 NDProxy - ok 20:13:52.0443 0x0ba0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:13:52.0474 0x0ba0 NetBIOS - ok 20:13:52.0482 0x0ba0 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:13:52.0495 0x0ba0 NetBT - ok 20:13:52.0499 0x0ba0 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe 20:13:52.0500 0x0ba0 Netlogon - ok 20:13:52.0510 0x0ba0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 20:13:52.0528 0x0ba0 Netman - ok 20:13:52.0534 0x0ba0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:13:52.0550 0x0ba0 NetMsmqActivator - ok 20:13:52.0556 0x0ba0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:13:52.0558 0x0ba0 NetPipeActivator - ok 20:13:52.0572 0x0ba0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 20:13:52.0598 0x0ba0 netprofm - ok 20:13:52.0604 0x0ba0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:13:52.0606 0x0ba0 NetTcpActivator - ok 20:13:52.0612 0x0ba0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:13:52.0615 0x0ba0 NetTcpPortSharing - ok 20:13:52.0619 0x0ba0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:13:52.0637 0x0ba0 nfrd960 - ok 20:13:52.0647 0x0ba0 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll 20:13:52.0731 0x0ba0 NlaSvc - ok 20:13:52.0735 0x0ba0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:13:52.0824 0x0ba0 Npfs - ok 20:13:52.0827 0x0ba0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 20:13:52.0917 0x0ba0 nsi - ok 20:13:52.0921 0x0ba0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:13:52.0985 0x0ba0 nsiproxy - ok 20:13:53.0025 0x0ba0 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:13:53.0097 0x0ba0 Ntfs - ok 20:13:53.0103 0x0ba0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 20:13:53.0137 0x0ba0 Null - ok 20:13:53.0143 0x0ba0 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys 20:13:53.0159 0x0ba0 nvraid - ok 20:13:53.0166 0x0ba0 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys 20:13:53.0178 0x0ba0 nvstor - ok 20:13:53.0184 0x0ba0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 20:13:53.0213 0x0ba0 nv_agp - ok 20:13:53.0217 0x0ba0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 20:13:53.0313 0x0ba0 ohci1394 - ok 20:13:53.0344 0x0ba0 [ 66A2C70DA35E8559982EE9D205329E1A, 0DE7971D0618ED1AD9EB42C13AA9348F5BA96EA6B3EF2BFF70D2522D748AD7E0 ] P17 C:\Windows\system32\drivers\P17.sys 20:13:53.0428 0x0ba0 P17 - ok 20:13:53.0440 0x0ba0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:13:53.0513 0x0ba0 p2pimsvc - ok 20:13:53.0525 0x0ba0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 20:13:53.0626 0x0ba0 p2psvc - ok 20:13:53.0632 0x0ba0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:13:53.0728 0x0ba0 Parport - ok 20:13:53.0733 0x0ba0 [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:13:53.0854 0x0ba0 partmgr - ok 20:13:53.0861 0x0ba0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 20:13:53.0976 0x0ba0 PcaSvc - ok 20:13:53.0982 0x0ba0 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys 20:13:54.0017 0x0ba0 pci - ok 20:13:54.0022 0x0ba0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys 20:13:54.0064 0x0ba0 pciide - ok 20:13:54.0071 0x0ba0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 20:13:54.0195 0x0ba0 pcmcia - ok 20:13:54.0200 0x0ba0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 20:13:54.0302 0x0ba0 pcw - ok 20:13:54.0317 0x0ba0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:13:54.0451 0x0ba0 PEAUTH - ok 20:13:54.0486 0x0ba0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 20:13:54.0517 0x0ba0 PeerDistSvc - ok 20:13:54.0540 0x0ba0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:13:54.0655 0x0ba0 PerfHost - ok 20:13:54.0691 0x0ba0 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll 20:13:54.0805 0x0ba0 pla - ok 20:13:54.0819 0x0ba0 [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:13:54.0915 0x0ba0 PlugPlay - ok 20:13:54.0919 0x0ba0 PnkBstrA - ok 20:13:54.0923 0x0ba0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:13:55.0011 0x0ba0 PNRPAutoReg - ok 20:13:55.0021 0x0ba0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:13:55.0027 0x0ba0 PNRPsvc - ok 20:13:55.0041 0x0ba0 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:13:55.0110 0x0ba0 PolicyAgent - ok 20:13:55.0118 0x0ba0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 20:13:55.0232 0x0ba0 Power - ok 20:13:55.0238 0x0ba0 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:13:55.0313 0x0ba0 PptpMiniport - ok 20:13:55.0321 0x0ba0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 20:13:55.0444 0x0ba0 Processor - ok 20:13:55.0452 0x0ba0 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll 20:13:55.0510 0x0ba0 ProfSvc - ok 20:13:55.0514 0x0ba0 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe 20:13:55.0516 0x0ba0 ProtectedStorage - ok 20:13:55.0522 0x0ba0 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:13:55.0597 0x0ba0 Psched - ok 20:13:55.0633 0x0ba0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 20:13:55.0677 0x0ba0 ql2300 - ok 20:13:55.0687 0x0ba0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 20:13:55.0801 0x0ba0 ql40xx - ok 20:13:55.0810 0x0ba0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 20:13:55.0870 0x0ba0 QWAVE - ok 20:13:55.0874 0x0ba0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:13:55.0984 0x0ba0 QWAVEdrv - ok 20:13:55.0988 0x0ba0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:13:56.0022 0x0ba0 RasAcd - ok 20:13:56.0027 0x0ba0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:13:56.0043 0x0ba0 RasAgileVpn - ok 20:13:56.0049 0x0ba0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 20:13:56.0068 0x0ba0 RasAuto - ok 20:13:56.0074 0x0ba0 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:13:56.0141 0x0ba0 Rasl2tp - ok 20:13:56.0161 0x0ba0 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll 20:13:56.0178 0x0ba0 RasMan - ok 20:13:56.0183 0x0ba0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:13:56.0311 0x0ba0 RasPppoe - ok 20:13:56.0316 0x0ba0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:13:56.0386 0x0ba0 RasSstp - ok 20:13:56.0398 0x0ba0 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:13:56.0491 0x0ba0 rdbss - ok 20:13:56.0496 0x0ba0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:13:56.0555 0x0ba0 rdpbus - ok 20:13:56.0560 0x0ba0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:13:56.0582 0x0ba0 RDPCDD - ok 20:13:56.0593 0x0ba0 [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:13:56.0633 0x0ba0 RDPDR - ok 20:13:56.0639 0x0ba0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:13:56.0748 0x0ba0 RDPENCDD - ok 20:13:56.0753 0x0ba0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:13:56.0806 0x0ba0 RDPREFMP - ok 20:13:56.0813 0x0ba0 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:13:56.0929 0x0ba0 RDPWD - ok 20:13:56.0936 0x0ba0 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:13:56.0995 0x0ba0 rdyboost - ok 20:13:57.0000 0x0ba0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:13:57.0122 0x0ba0 RemoteAccess - ok 20:13:57.0128 0x0ba0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:13:57.0156 0x0ba0 RemoteRegistry - ok 20:13:57.0161 0x0ba0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:13:57.0174 0x0ba0 RpcEptMapper - ok 20:13:57.0178 0x0ba0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 20:13:57.0187 0x0ba0 RpcLocator - ok 20:13:57.0202 0x0ba0 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll 20:13:57.0211 0x0ba0 RpcSs - ok 20:13:57.0217 0x0ba0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:13:57.0315 0x0ba0 rspndr - ok 20:13:57.0319 0x0ba0 [ 2E887E52E45BBA3C47CCD0E75FC5266F, D21ABA58222930CB75946A0FB72B4ADC96DE583D3F7D8DC13829B804EB877257 ] RTCore64 C:\Program Files (x86)\MSI Afterburner\RTCore64.sys 20:13:57.0382 0x0ba0 RTCore64 - ok 20:13:57.0400 0x0ba0 [ 3713DACCA1025B05A6343104112708D9, 77830F361775166ED2408CFF9F0DBEDFF225895DD0FAC93F3DC5FFD8DBE0ED2B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 20:13:57.0470 0x0ba0 RTL8167 - ok 20:13:57.0476 0x0ba0 [ 7A93B6DD3BE83CC12B4AC2E94AF6288A, 8FED03733239920A8D4940B8CD32EA3B472579A192F441B4C422B9CD4D706726 ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys 20:13:57.0603 0x0ba0 rzdaendpt - ok 20:13:57.0608 0x0ba0 [ 2EF2E63F41BEFE2ED8B11F0D32BBCD01, 60B1879A05376B2A0F4F872DF32FA2B17F9C08EB0E3B10B7D7DD9F68D775D77F ] rzp1endpt C:\Windows\system32\DRIVERS\rzp1endpt.sys 20:13:57.0665 0x0ba0 rzp1endpt - ok 20:13:57.0672 0x0ba0 [ 28556FF1ADEF121C23D343A7361A358F, CBC751CC09782982142B2B076EB49798F734BED6F35CD9A2F52B76294B435D06 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys 20:13:57.0780 0x0ba0 rzudd - ok 20:13:57.0785 0x0ba0 [ 1E5C37DA5D3B48ABA9F3BE5BA5D2D858, 8A7DF855E18BCE84690FDCBD78C9E8893682E5213605F843D4A9B48F9824FA5A ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys 20:13:57.0816 0x0ba0 rzvkeyboard - ok 20:13:57.0821 0x0ba0 [ CCDA988BD30C5DB7E94B7CE04BFC1FE7, 738A1BE9B09B5C42C7041202819E6F4D8D75ED6557AC650C261B53B39CD6C270 ] rzvmouse C:\Windows\system32\DRIVERS\rzvmouse.sys 20:13:57.0956 0x0ba0 rzvmouse - ok 20:13:57.0959 0x0ba0 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys 20:13:58.0013 0x0ba0 s3cap - ok 20:13:58.0018 0x0ba0 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe 20:13:58.0019 0x0ba0 SamSs - ok 20:13:58.0025 0x0ba0 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 20:13:58.0164 0x0ba0 sbp2port - ok 20:13:58.0172 0x0ba0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:13:58.0201 0x0ba0 SCardSvr - ok 20:13:58.0205 0x0ba0 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:13:58.0245 0x0ba0 scfilter - ok 20:13:58.0271 0x0ba0 [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll 20:13:58.0401 0x0ba0 Schedule - ok 20:13:58.0408 0x0ba0 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:13:58.0410 0x0ba0 SCPolicySvc - ok 20:13:58.0417 0x0ba0 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:13:58.0486 0x0ba0 SDRSVC - ok 20:13:58.0490 0x0ba0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:13:58.0586 0x0ba0 secdrv - ok 20:13:58.0590 0x0ba0 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll 20:13:58.0638 0x0ba0 seclogon - ok 20:13:58.0643 0x0ba0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 20:13:58.0664 0x0ba0 SENS - ok 20:13:58.0669 0x0ba0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:13:58.0689 0x0ba0 SensrSvc - ok 20:13:58.0694 0x0ba0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:13:58.0721 0x0ba0 Serenum - ok 20:13:58.0726 0x0ba0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 20:13:58.0811 0x0ba0 Serial - ok 20:13:58.0816 0x0ba0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 20:13:58.0846 0x0ba0 sermouse - ok 20:13:58.0856 0x0ba0 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll 20:13:58.0925 0x0ba0 SessionEnv - ok 20:13:58.0929 0x0ba0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 20:13:58.0939 0x0ba0 sffdisk - ok 20:13:58.0942 0x0ba0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 20:13:58.0984 0x0ba0 sffp_mmc - ok 20:13:58.0988 0x0ba0 [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 20:13:59.0024 0x0ba0 sffp_sd - ok 20:13:59.0028 0x0ba0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 20:13:59.0065 0x0ba0 sfloppy - ok 20:13:59.0076 0x0ba0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:13:59.0111 0x0ba0 SharedAccess - ok 20:13:59.0123 0x0ba0 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:13:59.0150 0x0ba0 ShellHWDetection - ok 20:13:59.0155 0x0ba0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:13:59.0287 0x0ba0 SiSRaid2 - ok 20:13:59.0293 0x0ba0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 20:13:59.0330 0x0ba0 SiSRaid4 - ok 20:13:59.0337 0x0ba0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:13:59.0373 0x0ba0 Smb - ok 20:13:59.0381 0x0ba0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:13:59.0472 0x0ba0 SNMPTRAP - ok 20:13:59.0476 0x0ba0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 20:13:59.0521 0x0ba0 spldr - ok 20:13:59.0537 0x0ba0 [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler C:\Windows\System32\spoolsv.exe 20:13:59.0699 0x0ba0 Spooler - ok 20:13:59.0783 0x0ba0 [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe 20:13:59.0898 0x0ba0 sppsvc - ok 20:13:59.0911 0x0ba0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:13:59.0964 0x0ba0 sppuinotify - ok 20:13:59.0976 0x0ba0 [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:14:00.0042 0x0ba0 srv - ok 20:14:00.0055 0x0ba0 [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:14:00.0123 0x0ba0 srv2 - ok 20:14:00.0131 0x0ba0 [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:14:00.0273 0x0ba0 srvnet - ok 20:14:00.0281 0x0ba0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:14:00.0317 0x0ba0 SSDPSRV - ok 20:14:00.0323 0x0ba0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:14:00.0425 0x0ba0 SstpSvc - ok 20:14:00.0440 0x0ba0 [ 792C6BB1F02C528095EC349DAAF4C880, 8BB32B0AD7048B4667ACF2D11F63E37D63DFB508AC515FFE825AECADA0F8FD7A ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 20:14:00.0475 0x0ba0 Steam Client Service - ok 20:14:00.0480 0x0ba0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 20:14:00.0565 0x0ba0 stexstor - ok 20:14:00.0581 0x0ba0 [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll 20:14:00.0607 0x0ba0 stisvc - ok 20:14:00.0612 0x0ba0 [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys 20:14:00.0738 0x0ba0 storflt - ok 20:14:00.0742 0x0ba0 [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys 20:14:00.0792 0x0ba0 storvsc - ok 20:14:00.0795 0x0ba0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:14:00.0991 0x0ba0 swenum - ok 20:14:01.0005 0x0ba0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 20:14:01.0168 0x0ba0 swprv - ok 20:14:01.0216 0x0ba0 [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll 20:14:01.0337 0x0ba0 SysMain - ok 20:14:01.0344 0x0ba0 [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:14:01.0481 0x0ba0 TabletInputService - ok 20:14:01.0491 0x0ba0 [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:14:01.0607 0x0ba0 TapiSrv - ok 20:14:01.0612 0x0ba0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 20:14:01.0700 0x0ba0 TBS - ok 20:14:01.0742 0x0ba0 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:14:01.0865 0x0ba0 Tcpip - ok 20:14:01.0911 0x0ba0 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:14:01.0941 0x0ba0 TCPIP6 - ok 20:14:01.0952 0x0ba0 [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:14:02.0083 0x0ba0 tcpipreg - ok 20:14:02.0090 0x0ba0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:14:02.0257 0x0ba0 TDPIPE - ok 20:14:02.0261 0x0ba0 [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:14:02.0303 0x0ba0 TDTCP - ok 20:14:02.0308 0x0ba0 [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:14:02.0416 0x0ba0 tdx - ok 20:14:02.0420 0x0ba0 [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:14:02.0447 0x0ba0 TermDD - ok 20:14:02.0466 0x0ba0 [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll 20:14:02.0501 0x0ba0 TermService - ok 20:14:02.0507 0x0ba0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 20:14:02.0518 0x0ba0 Themes - ok 20:14:02.0522 0x0ba0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 20:14:02.0525 0x0ba0 THREADORDER - ok 20:14:02.0531 0x0ba0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:14:02.0558 0x0ba0 TrkWks - ok 20:14:02.0565 0x0ba0 [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:14:02.0602 0x0ba0 TrustedInstaller - ok 20:14:02.0608 0x0ba0 [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:14:02.0802 0x0ba0 tssecsrv - ok 20:14:02.0809 0x0ba0 [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:14:03.0009 0x0ba0 tunnel - ok 20:14:03.0013 0x0ba0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 20:14:03.0058 0x0ba0 uagp35 - ok 20:14:03.0068 0x0ba0 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:14:03.0208 0x0ba0 udfs - ok 20:14:03.0216 0x0ba0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:14:03.0335 0x0ba0 UI0Detect - ok 20:14:03.0340 0x0ba0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 20:14:03.0397 0x0ba0 uliagpkx - ok 20:14:03.0402 0x0ba0 [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:14:03.0585 0x0ba0 umbus - ok 20:14:03.0589 0x0ba0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 20:14:03.0681 0x0ba0 UmPass - ok 20:14:03.0689 0x0ba0 [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService C:\Windows\System32\umrdp.dll 20:14:03.0803 0x0ba0 UmRdpService - ok 20:14:03.0814 0x0ba0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:14:03.0826 0x0ba0 upnphost - ok 20:14:03.0832 0x0ba0 [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:14:03.0855 0x0ba0 usbccgp - ok 20:14:03.0861 0x0ba0 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
-
Kaspersky TDSSkiller log: 20:13:21.0521 0x143c TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03 20:13:22.0393 0x143c ============================================================ 20:13:22.0393 0x143c Current date / time: 2013/10/07 20:13:22.0393 20:13:22.0393 0x143c SystemInfo: 20:13:22.0394 0x143c 20:13:22.0394 0x143c OS Version: 6.1.7600 ServicePack: 0.0 20:13:22.0394 0x143c Product type: Workstation 20:13:22.0394 0x143c ComputerName: SAM-PC 20:13:22.0394 0x143c UserName: Sam 20:13:22.0394 0x143c Windows directory: C:\Windows 20:13:22.0394 0x143c System windows directory: C:\Windows 20:13:22.0394 0x143c Running under WOW64 20:13:22.0394 0x143c Processor architecture: Intel x64 20:13:22.0394 0x143c Number of processors: 8 20:13:22.0394 0x143c Page size: 0x1000 20:13:22.0394 0x143c Boot type: Normal boot 20:13:22.0394 0x143c ============================================================ 20:13:23.0571 0x143c System UUID: {E4EA4B4A-5C52-C296-882F-6A69E18BAD2E} 20:13:24.0661 0x143c Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:13:24.0681 0x143c Drive \Device\Harddisk1\DR1 - Size: 0x1D1C100DE00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:13:24.0682 0x143c Drive \Device\Harddisk2\DR2 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:13:24.0695 0x143c Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:13:24.0740 0x143c Drive \Device\Harddisk4\DR4 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:13:24.0785 0x143c Drive \Device\Harddisk5\DR5 - Size: 0xEE400000 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 20:13:24.0789 0x143c ============================================================ 20:13:24.0789 0x143c \Device\Harddisk0\DR0: 20:13:24.0791 0x143c MBR partitions: 20:13:24.0791 0x143c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 20:13:24.0791 0x143c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F99000 20:13:24.0791 0x143c \Device\Harddisk1\DR1: 20:13:24.0791 0x143c MBR partitions: 20:13:24.0791 0x143c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800 20:13:24.0791 0x143c \Device\Harddisk2\DR2: 20:13:24.0791 0x143c MBR partitions: 20:13:24.0791 0x143c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D000 20:13:24.0791 0x143c \Device\Harddisk3\DR3: 20:13:24.0791 0x143c MBR partitions: 20:13:24.0791 0x143c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800 20:13:24.0791 0x143c \Device\Harddisk4\DR4: 20:13:24.0820 0x143c MBR partitions: 20:13:24.0820 0x143c \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800 20:13:24.0820 0x143c \Device\Harddisk5\DR5: 20:13:24.0822 0x143c MBR partitions: 20:13:24.0822 0x143c \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x80, BlocksNum 0x771F80 20:13:24.0822 0x143c ============================================================ 20:13:24.0823 0x143c C: <-> \Device\Harddisk0\DR0\Partition2 20:13:24.0827 0x143c D: <-> \Device\Harddisk1\DR1\Partition1 20:13:25.0006 0x143c E: <-> \Device\Harddisk4\DR4\Partition1 20:13:25.0048 0x143c F: <-> \Device\Harddisk3\DR3\Partition1 20:13:25.0051 0x143c G: <-> \Device\Harddisk2\DR2\Partition1 20:13:25.0051 0x143c ============================================================ 20:13:25.0051 0x143c Initialize success 20:13:25.0051 0x143c ============================================================ 20:13:30.0077 0x0ba0 ============================================================ 20:13:30.0077 0x0ba0 Scan started 20:13:30.0077 0x0ba0 Mode: Manual; 20:13:30.0077 0x0ba0 ============================================================ 20:13:30.0077 0x0ba0 KSN ping started 20:13:33.0521 0x0ba0 KSN ping finished: true 20:13:34.0405 0x0ba0 ================ Scan system memory ======================== 20:13:34.0405 0x0ba0 System memory - ok 20:13:34.0405 0x0ba0 ================ Scan services ============================= 20:13:34.0443 0x0ba0 [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 20:13:34.0481 0x0ba0 1394ohci - ok 20:13:34.0496 0x0ba0 [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys 20:13:34.0526 0x0ba0 ACPI - ok 20:13:34.0530 0x0ba0 [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys 20:13:34.0570 0x0ba0 AcpiPmi - ok 20:13:34.0575 0x0ba0 [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:13:34.0591 0x0ba0 AdobeARMservice - ok 20:13:34.0617 0x0ba0 [ 3109B16A0939BA11696EEB04F345D099, 8863EFE3631F0F4D8F6BAE804DBB01564FF2969D53393B2887F682427C289B25 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:13:34.0647 0x0ba0 AdobeFlashPlayerUpdateSvc - ok 20:13:34.0660 0x0ba0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 20:13:34.0722 0x0ba0 adp94xx - ok 20:13:34.0732 0x0ba0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 20:13:34.0852 0x0ba0 adpahci - ok 20:13:34.0859 0x0ba0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 20:13:34.0993 0x0ba0 adpu320 - ok 20:13:34.0999 0x0ba0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:13:35.0001 0x0ba0 AeLookupSvc - ok 20:13:35.0014 0x0ba0 [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD C:\Windows\system32\drivers\afd.sys 20:13:35.0126 0x0ba0 AFD - ok 20:13:35.0132 0x0ba0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys 20:13:35.0211 0x0ba0 agp440 - ok 20:13:35.0216 0x0ba0 [ 4BFB41025FA1C37205EDEEFDE36F7771, EA171520C0C8DAFA3D656EC4815393F77096C1E22EC9F39756B52D1565483102 ] AiChargerPlus C:\Windows\syswow64\drivers\AiChargerPlus.sys 20:13:35.0304 0x0ba0 AiChargerPlus - ok 20:13:35.0309 0x0ba0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 20:13:35.0358 0x0ba0 ALG - ok 20:13:35.0361 0x0ba0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys 20:13:35.0444 0x0ba0 aliide - ok 20:13:35.0453 0x0ba0 [ 13AE8D986A8D61FBAFAF5CD3F8B3B89C, 2FE02A9E974EAC0D7E7E4E454A56EAA2CFE9B6E78CA97716F5BB725AAF5E5594 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 20:13:35.0605 0x0ba0 AMD External Events Utility - ok 20:13:35.0608 0x0ba0 AMD FUEL Service - ok 20:13:35.0611 0x0ba0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys 20:13:35.0641 0x0ba0 amdide - ok 20:13:35.0645 0x0ba0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 20:13:35.0756 0x0ba0 AmdK8 - ok 20:13:36.0030 0x0ba0 [ 1BF58E56CA271FEF678DC3A9996FAB0A, E4D93759E5D1022AF2A85DEDED79A1EAAE40403F671DE0307BB7F060813EE88D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:13:36.0463 0x0ba0 amdkmdag - ok 20:13:36.0502 0x0ba0 [ 4DD3339D3818356145A4945C1B4CB4C5, 46DA51ACC72CEFAA7F5C8B9626FC6BA916D139BBC1D6B0C7B7E24822D5B4A02F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 20:13:36.0703 0x0ba0 amdkmdap - ok 20:13:36.0709 0x0ba0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 20:13:36.0729 0x0ba0 AmdPPM - ok 20:13:36.0734 0x0ba0 [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys 20:13:36.0838 0x0ba0 amdsata - ok 20:13:36.0846 0x0ba0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 20:13:36.0960 0x0ba0 amdsbs - ok 20:13:36.0964 0x0ba0 [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys 20:13:37.0008 0x0ba0 amdxata - ok 20:13:37.0013 0x0ba0 [ EE4797DFEBBE8ACDB548DD8E80BE0A88, 9D56F835A5A9C045829EDFB546379E3448C9E539E5C2608B559DE4D052FEC769 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys 20:13:37.0014 0x0ba0 amd_sata - ok 20:13:37.0018 0x0ba0 [ D56EAD71A86FD2ACAE2DB47D0A6A3A41, 2E5E6D0E00D25765CC8B9997B26DE43F305966BFA518CB72EA7CA77152001726 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys 20:13:37.0067 0x0ba0 amd_xata - ok 20:13:37.0071 0x0ba0 [ F2154A205F4B784B61A72AEBC72BDC5F, A1D962BCF952FAD8016D9210327E7C1044BF4D3D035C7443F8671DDA16E0A390 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 20:13:37.0094 0x0ba0 AODDriver4.2 - ok 20:13:37.0098 0x0ba0 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys 20:13:37.0225 0x0ba0 AppID - ok 20:13:37.0229 0x0ba0 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:13:37.0276 0x0ba0 AppIDSvc - ok 20:13:37.0280 0x0ba0 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll 20:13:37.0307 0x0ba0 Appinfo - ok 20:13:37.0314 0x0ba0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 20:13:37.0330 0x0ba0 AppMgmt - ok 20:13:37.0334 0x0ba0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 20:13:37.0364 0x0ba0 arc - ok 20:13:37.0369 0x0ba0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 20:13:37.0406 0x0ba0 arcsas - ok 20:13:37.0428 0x0ba0 [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 20:13:37.0460 0x0ba0 asComSvc - ok 20:13:37.0483 0x0ba0 [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe 20:13:37.0501 0x0ba0 asHmComSvc - ok 20:13:37.0506 0x0ba0 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 20:13:37.0531 0x0ba0 AsIO - ok 20:13:37.0538 0x0ba0 [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 20:13:37.0564 0x0ba0 asmthub3 - ok 20:13:37.0576 0x0ba0 [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 20:13:37.0634 0x0ba0 asmtxhci - ok 20:13:37.0645 0x0ba0 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:13:37.0710 0x0ba0 aspnet_state - ok 20:13:37.0716 0x0ba0 [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe 20:13:37.0736 0x0ba0 AsSysCtrlService - ok 20:13:37.0740 0x0ba0 [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys 20:13:37.0768 0x0ba0 AsUpIO - ok 20:13:37.0779 0x0ba0 [ 96760A3494B1F95A25A83A3A3FFA6436, 4B0A6712233DACB7CBE6D929909147A2296BA96096EE73346827016E31DC215B ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.19\AsusFanControlService.exe 20:13:37.0901 0x0ba0 AsusFanControlService - ok 20:13:37.0906 0x0ba0 [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER C:\Windows\syswow64\drivers\ASUSFILTER.sys 20:13:37.0991 0x0ba0 ASUSFILTER - ok 20:13:37.0995 0x0ba0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:13:38.0103 0x0ba0 AsyncMac - ok 20:13:38.0106 0x0ba0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys 20:13:38.0107 0x0ba0 atapi - ok 20:13:38.0113 0x0ba0 [ 37CB595C0AB20ECBFA5170D3185690DB, 23CA3DC63C35649021AAFF0721BA8A7DF546B5CD1530A35AAAC3E742A787A7D2 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 20:13:38.0201 0x0ba0 AtiHDAudioService - ok 20:13:38.0219 0x0ba0 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:13:38.0241 0x0ba0 AudioEndpointBuilder - ok 20:13:38.0258 0x0ba0 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:13:38.0268 0x0ba0 AudioSrv - ok 20:13:38.0274 0x0ba0 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:13:38.0337 0x0ba0 AxInstSV - ok 20:13:38.0350 0x0ba0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 20:13:38.0525 0x0ba0 b06bdrv - ok 20:13:38.0535 0x0ba0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:13:38.0562 0x0ba0 b57nd60a - ok 20:13:38.0570 0x0ba0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 20:13:38.0599 0x0ba0 BDESVC - ok 20:13:38.0602 0x0ba0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 20:13:38.0659 0x0ba0 Beep - ok 20:13:38.0678 0x0ba0 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll 20:13:38.0844 0x0ba0 BFE - ok 20:13:38.0866 0x0ba0 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll 20:13:38.0936 0x0ba0 BITS - ok 20:13:38.0941 0x0ba0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:13:38.0963 0x0ba0 blbdrive - ok 20:13:38.0968 0x0ba0 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:13:39.0139 0x0ba0 bowser - ok 20:13:39.0155 0x0ba0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:13:39.0212 0x0ba0 BrFiltLo - ok 20:13:39.0215 0x0ba0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:13:39.0339 0x0ba0 BrFiltUp - ok 20:13:39.0345 0x0ba0 [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll 20:13:39.0382 0x0ba0 Browser - ok 20:13:39.0392 0x0ba0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:13:39.0496 0x0ba0 Brserid - ok 20:13:39.0501 0x0ba0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:13:39.0533 0x0ba0 BrSerWdm - ok 20:13:39.0536 0x0ba0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:13:39.0665 0x0ba0 BrUsbMdm - ok 20:13:39.0669 0x0ba0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:13:39.0799 0x0ba0 BrUsbSer - ok 20:13:39.0803 0x0ba0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 20:13:39.0873 0x0ba0 BTHMODEM - ok 20:13:39.0879 0x0ba0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 20:13:39.0944 0x0ba0 bthserv - ok 20:13:39.0949 0x0ba0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:13:40.0064 0x0ba0 cdfs - ok 20:13:40.0070 0x0ba0 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:13:40.0113 0x0ba0 cdrom - ok 20:13:40.0118 0x0ba0 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll 20:13:40.0126 0x0ba0 CertPropSvc - ok 20:13:40.0130 0x0ba0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 20:13:40.0183 0x0ba0 circlass - ok 20:13:40.0193 0x0ba0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 20:13:40.0225 0x0ba0 CLFS - ok 20:13:40.0231 0x0ba0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:13:40.0355 0x0ba0 clr_optimization_v2.0.50727_32 - ok 20:13:40.0361 0x0ba0 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:13:40.0406 0x0ba0 clr_optimization_v2.0.50727_64 - ok 20:13:40.0427 0x0ba0 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:13:40.0459 0x0ba0 clr_optimization_v4.0.30319_32 - ok 20:13:40.0464 0x0ba0 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:13:40.0591 0x0ba0 clr_optimization_v4.0.30319_64 - ok 20:13:40.0595 0x0ba0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:13:40.0649 0x0ba0 CmBatt - ok 20:13:40.0652 0x0ba0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 20:13:40.0691 0x0ba0 cmdide - ok 20:13:40.0704 0x0ba0 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys 20:13:40.0824 0x0ba0 CNG - ok 20:13:40.0829 0x0ba0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:13:40.0943 0x0ba0 Compbatt - ok 20:13:40.0947 0x0ba0 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 20:13:41.0024 0x0ba0 CompositeBus - ok 20:13:41.0027 0x0ba0 COMSysApp - ok 20:13:41.0034 0x0ba0 cpuz129 - ok 20:13:41.0036 0x0ba0 cpuz136 - ok 20:13:41.0040 0x0ba0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 20:13:41.0159 0x0ba0 crcdisk - ok 20:13:41.0164 0x0ba0 [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 20:13:41.0277 0x0ba0 Creative Audio Engine Licensing Service - ok 20:13:41.0285 0x0ba0 [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:13:41.0386 0x0ba0 CryptSvc - ok 20:13:41.0400 0x0ba0 [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC C:\Windows\system32\drivers\csc.sys 20:13:41.0484 0x0ba0 CSC - ok 20:13:41.0502 0x0ba0 [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService C:\Windows\System32\cscsvc.dll 20:13:41.0515 0x0ba0 CscService - ok 20:13:41.0525 0x0ba0 [ 69CDBA2B9C397E349A04FA70DD9170A2, 7879E58CB221063EF17A8A7677E81B47BFD600C3FC3353378690E4A2131327ED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe 20:13:41.0661 0x0ba0 CTAudSvcService - ok 20:13:41.0677 0x0ba0 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:13:41.0689 0x0ba0 DcomLaunch - ok 20:13:41.0699 0x0ba0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 20:13:41.0828 0x0ba0 defragsvc - ok 20:13:41.0845 0x0ba0 [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:13:42.0005 0x0ba0 DfsC - ok 20:13:42.0015 0x0ba0 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:13:42.0122 0x0ba0 Dhcp - ok 20:13:42.0126 0x0ba0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 20:13:42.0218 0x0ba0 discache - ok 20:13:42.0223 0x0ba0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 20:13:42.0240 0x0ba0 Disk - ok 20:13:42.0248 0x0ba0 [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:13:42.0266 0x0ba0 Dnscache - ok 20:13:42.0275 0x0ba0 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll 20:13:42.0284 0x0ba0 dot3svc - ok 20:13:42.0290 0x0ba0 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll 20:13:42.0294 0x0ba0 DPS - ok 20:13:42.0297 0x0ba0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:13:42.0328 0x0ba0 drmkaud - ok 20:13:42.0336 0x0ba0 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 20:13:42.0361 0x0ba0 dtsoftbus01 - ok 20:13:42.0385 0x0ba0 [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:13:42.0487 0x0ba0 DXGKrnl - ok 20:13:42.0495 0x0ba0 [ 55E3DE49EEC3640E8E174021591B171A, 23F7AE8ECC9E835B6B64918C979B42060E333E65FB798927E2F4C05FC7BCFC82 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys 20:13:42.0548 0x0ba0 eamonm - ok 20:13:42.0554 0x0ba0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 20:13:42.0645 0x0ba0 EapHost - ok 20:13:42.0716 0x0ba0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 20:13:42.0891 0x0ba0 ebdrv - ok 20:13:42.0903 0x0ba0 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe 20:13:42.0967 0x0ba0 EFS - ok 20:13:42.0974 0x0ba0 [ 31BF254A77400BAEFFBC420DB348A6B5, 1079F3055A8810C1B242D23E138FD535BFA45A2289455B27FA6A7652E0342202 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys 20:13:43.0067 0x0ba0 ehdrv - ok 20:13:43.0084 0x0ba0 [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:13:43.0112 0x0ba0 ehRecvr - ok 20:13:43.0118 0x0ba0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 20:13:43.0161 0x0ba0 ehSched - ok 20:13:43.0166 0x0ba0 [ 53CE26C6585CD9AE03667707B9F39EC9, 8FE0ACA07DF08867C73C9A744FFB646A954319C95FB92D57CA39EE579734B4B0 ] EhttpSrv C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe 20:13:43.0262 0x0ba0 EhttpSrv - ok 20:13:43.0282 0x0ba0 [ 7F69964274272C4DF172AD2D79014732, 5899A5C05FFF920239F2AC99FDB07D8EBC6899DABD9D80ACD1CEA3AAC43FA204 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe 20:13:43.0413 0x0ba0 ekrn - ok 20:13:43.0428 0x0ba0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 20:13:43.0471 0x0ba0 elxstor - ok 20:13:43.0479 0x0ba0 [ 05236C081A3ED3D250A8BFCB92283254, F327B77CA358CC3B4DD5F83A2CE86B59D8CA4DBD2C644FA103756C5D56BD90A2 ] epfw C:\Windows\system32\DRIVERS\epfw.sys 20:13:43.0587 0x0ba0 epfw - ok 20:13:43.0591 0x0ba0 [ 7283BE70B137A5011E1D5278711D3D85, 4D1A9B0A0F83B75B7F767908D503234AFE9AD123D7C4C3202704A51CB54EE250 ] Epfwndis C:\Windows\system32\DRIVERS\Epfwndis.sys 20:13:43.0631 0x0ba0 Epfwndis - ok 20:13:43.0635 0x0ba0 [ D9E2B09661D3B07DFE2275BF66EB89E4, 47CECDFB136E5E54B6D7512372321442E800AD60485184B66CE7D267FB5BD621 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys 20:13:43.0734 0x0ba0 epfwwfp - ok 20:13:43.0738 0x0ba0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 20:13:43.0772 0x0ba0 ErrDev - ok 20:13:43.0786 0x0ba0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 20:13:44.0185 0x0ba0 EventSystem - ok 20:13:44.0194 0x0ba0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 20:13:44.0239 0x0ba0 exfat - ok 20:13:44.0246 0x0ba0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:13:44.0283 0x0ba0 fastfat - ok 20:13:44.0300 0x0ba0 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe 20:13:44.0317 0x0ba0 Fax - ok 20:13:44.0321 0x0ba0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:13:44.0378 0x0ba0 fdc - ok 20:13:44.0382 0x0ba0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 20:13:44.0410 0x0ba0 fdPHost - ok 20:13:44.0414 0x0ba0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 20:13:44.0434 0x0ba0 FDResPub - ok 20:13:44.0439 0x0ba0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:13:44.0467 0x0ba0 FileInfo - ok 20:13:44.0471 0x0ba0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:13:44.0500 0x0ba0 Filetrace - ok 20:13:44.0503 0x0ba0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:13:44.0527 0x0ba0 flpydisk - ok 20:13:44.0536 0x0ba0 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:13:44.0659 0x0ba0 FltMgr - ok 20:13:44.0688 0x0ba0 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache C:\Windows\system32\FntCache.dll 20:13:44.0760 0x0ba0 FontCache - ok 20:13:44.0766 0x0ba0 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:13:44.0774 0x0ba0 FontCache3.0.0.0 - ok 20:13:44.0777 0x0ba0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:13:44.0787 0x0ba0 FsDepends - ok 20:13:44.0790 0x0ba0 [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:13:44.0813 0x0ba0 Fs_Rec - ok 20:13:45.0241 0x0ba0 [ A532181954A5CF2BA60353EE8E14A70A, 0894C56421F70E6053D6F0738554AC6780E5DDF732ADFC19DB500F0DF4462A01 ] Futuremark SystemInfo Service E:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe 20:13:45.0339 0x0ba0 Futuremark SystemInfo Service - ok 20:13:45.0347 0x0ba0 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:13:45.0388 0x0ba0 fvevol - ok 20:13:45.0393 0x0ba0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 20:13:45.0511 0x0ba0 gagp30kx - ok 20:13:45.0531 0x0ba0 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll 20:13:45.0546 0x0ba0 gpsvc - ok 20:13:45.0551 0x0ba0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:13:45.0571 0x0ba0 hcw85cir - ok 20:13:45.0582 0x0ba0 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:13:45.0630 0x0ba0 HdAudAddService - ok 20:13:45.0636 0x0ba0 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 20:13:45.0657 0x0ba0 HDAudBus - ok 20:13:45.0660 0x0ba0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 20:13:45.0697 0x0ba0 HidBatt - ok 20:13:45.0702 0x0ba0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 20:13:45.0832 0x0ba0 HidBth - ok 20:13:45.0836 0x0ba0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 20:13:45.0957 0x0ba0 HidIr - ok 20:13:45.0961 0x0ba0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 20:13:45.0984 0x0ba0 hidserv - ok 20:13:45.0987 0x0ba0 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:13:46.0064 0x0ba0 HidUsb - ok 20:13:46.0069 0x0ba0 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll 20:13:46.0158 0x0ba0 hkmsvc - ok 20:13:46.0166 0x0ba0 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:13:46.0228 0x0ba0 HomeGroupListener - ok 20:13:46.0236 0x0ba0 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:13:46.0359 0x0ba0 HomeGroupProvider - ok 20:13:46.0364 0x0ba0 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 20:13:46.0391 0x0ba0 HpSAMD - ok 20:13:46.0410 0x0ba0 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:13:46.0474 0x0ba0 HTTP - ok 20:13:46.0479 0x0ba0 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:13:46.0594 0x0ba0 hwpolicy - ok 20:13:46.0599 0x0ba0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 20:13:46.0651 0x0ba0 i8042prt - ok 20:13:46.0662 0x0ba0 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 20:13:46.0772 0x0ba0 iaStorV - ok 20:13:46.0793 0x0ba0 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:13:46.0912 0x0ba0 idsvc - ok 20:13:46.0917 0x0ba0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:13:46.0962 0x0ba0 iirsp - ok 20:13:46.0983 0x0ba0 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll 20:13:47.0094 0x0ba0 IKEEXT - ok 20:13:47.0099 0x0ba0 IntcAzAudAddService - ok 20:13:47.0102 0x0ba0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys 20:13:47.0143 0x0ba0 intelide - ok 20:13:47.0147 0x0ba0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:13:47.0292 0x0ba0 intelppm - ok 20:13:47.0298 0x0ba0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:13:47.0345 0x0ba0 IPBusEnum - ok 20:13:47.0349 0x0ba0 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:13:47.0477 0x0ba0 IpFilterDriver - ok 20:13:47.0492 0x0ba0 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:13:47.0526 0x0ba0 iphlpsvc - ok 20:13:47.0531 0x0ba0 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 20:13:47.0622 0x0ba0 IPMIDRV - ok
-
Hi I've got ESET Smart Security, and have run it for many years with no problem. Today, if flagged up the following and I need help: "MBR sector of the 6. physical disk - probably unknown TSR.BOOT virus - unable to clean" I've run an ESET scan, and it flags it, and nothing else, but cannot remove it. I've run Kaspersky online and it found nothing, and ESET online scanner found nothing too. Kaspersky TDSSkiller found nothing and Malwarebytes anti-rootkit didn't either (I'll post the log in the next reply) I only built this HDD on Friday, as I reinstalled due to a new mobo/CPU, the other hard drives have been in this pc for years, and I've never had any trouble. I've not been on any dodgy sites since Friday either. Could this be a false positive on ESET's part or am I being too optimistic lol? Any help is greatly appreciated! Thanks