Can not remove PUM.bad.proxy

Lorgeo · June 7, 2014

I did rename ComboFix, the PUM.BAD.PROXY hasn't shown up again (since the 3rd) and here's the RogueKiller log:

Thanks.

RogueKiller V9.0.2.0 (x64) [Jun 3 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version

Started in : Normal mode

User : Sharon [Admin rights]

Mode : Scan -- Date : 06/06/2014 22:19:39

¤¤¤ Bad processes : 3 ¤¤¤

[ZeroAccess] mcshield.exe -- [x] -> ERROR [12]

[suspicious.Path] OEM05Mon.exe -- C:\Windows\OEM05Mon.exe[7] -> KILLED [TermProc]

[suspicious.Path] (SVC) M4-Service -- C:\Users\Sharon\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe[7] -> STOPPED

¤¤¤ Registry Entries : 63 ¤¤¤

[suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | OEM05Mon.exe : C:\Windows\OEM05Mon.exe -> FOUND

[shell.HJ] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_98D1\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> FOUND

[shell.HJ] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_98D1\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> FOUND

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\M4-Service -> FOUND

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Net CLR -> FOUND

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\M4-Service -> FOUND

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Net CLR -> FOUND

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\M4-Service -> FOUND

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Net CLR -> FOUND

[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> FOUND

[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> FOUND

[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> FOUND

[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> FOUND

[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> FOUND

[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> FOUND

[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND

[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND

[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> FOUND

[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> FOUND

[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> FOUND

[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> FOUND

[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> FOUND

[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_98D1\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_98D1\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_98D1\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_98D1\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> FOUND

[PUM.WallPaper] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> FOUND

[PUM.WallPaper] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> FOUND

[PUM.WallPaper] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> FOUND

[PUM.WallPaper] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> FOUND

¤¤¤ Scheduled tasks : 4 ¤¤¤

[suspicious.Path] \\{7177BA2D-4E13-44A7-888F-81244710D84E} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XCFZW1AR\WebPostUserServlet[2].exe" -d C:\Users\Sharon) -> FOUND

[suspicious.Path] \\{82E896D3-C842-4280-BE42-BF6BE919E9D7} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IZN2MSN0\WebPostUserServlet[1].exe" -d C:\Users\Sharon) -> FOUND

[suspicious.Path] \\{8C551938-308A-482A-98E2-1F461FD69A86} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BAD3V92T\install[1].exe" -d C:\Users\Sharon) -> FOUND

[suspicious.Path] \\{E503796F-154E-4CF3-8ED2-EE69F0DC3748} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YY2SZKZN\CT-Rate[1].exe" -d C:\Users\Sharon\Desktop) -> FOUND

¤¤¤ Files : 2 ¤¤¤

[ZeroAccess][Folder] L -- C:\Users\Sharon\AppData\Local\{b0b2e9a6-e8ff-c1b2-3fb9-797ec509843a}\L -> FOUND

[ZeroAccess][Folder] U -- C:\Users\Sharon\AppData\Local\{b0b2e9a6-e8ff-c1b2-3fb9-797ec509843a}\U -> FOUND

¤¤¤ HOSTS File : 1 ¤¤¤

[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 2 ¤¤¤

[EAT:Addr] (explorer.exe) WINTRUST.dll - DllCanUnloadNow : C:\Windows\system32\authui.dll @ 0x7fefbec6650

[EAT:Addr] (explorer.exe) WINTRUST.dll - DllGetClassObject : C:\Windows\system32\authui.dll @ 0x7fefbec6664

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD642JJ +++++

--- User ---

[MBR] 5af93102361f06a4bb241bee2fa71e6c

[bSP] e223061d7b1f736c4877938e9af93bcf : Unknown MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 MB

1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 129024 | Size: 15360 MB

2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 31586304 | Size: 595056 MB

User = LL1 ... OK

User = LL2 ... OK

TheJoker · June 7, 2014

You have a rootkit that needs to be removed.

Please download Malwarebytes Anti-Rootkit here.

Unzip the contents to a folder on the Desktop.
Open the folder where the contents were unzipped and run mbar.exe ( right-click and select Run as administrator for Vista and Windows 7).
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Please post the two logs produced.
Please note: This tool is still in BETA mode, so please ensure you have backed up any important files.

Re-run RogueKiller

Quit all programs that you may have started.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7, right-click and select "Run as Administrator to start"
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and copy/paste the content of the Notepad into your next reply.
The log should be found on your Desktop
Exit/Close RogueKiller

Please post the contents of the two logs from MBAR, each in their own reply as they can be long, the new log from RogueKiller, and note any errors encountered.

Lorgeo · June 7, 2014

Just ran the mbar. Result was Congratulations! No malware found! I could not find any reports. Wil re-run Rogue killer and post the log.

Lorgeo · June 7, 2014

RogueKiller report: RogueKiller V9.0.2.0 (x64) [Jun 3 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version

Started in : Normal mode

User : Sharon [Admin rights]

Mode : Remove -- Date : 06/07/2014 19:58:18

¤¤¤ Bad processes : 3 ¤¤¤

[ZeroAccess] mcshield.exe -- [x] -> ERROR [12]

[suspicious.Path] OEM05Mon.exe -- C:\Windows\OEM05Mon.exe[7] -> KILLED [TermProc]

[suspicious.Path] (SVC) M4-Service -- C:\Users\Sharon\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe[7] -> STOPPED

¤¤¤ Registry Entries : 41 ¤¤¤

[suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | OEM05Mon.exe : C:\Windows\OEM05Mon.exe [x] -> DELETED

[shell.HJ] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_A7E2\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> REPLACED (explorer.exe)

[shell.HJ] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_A7E2\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> REPLACED (explorer.exe)

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\M4-Service -> NOT SELECTED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Net CLR -> NOT SELECTED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\M4-Service -> NOT SELECTED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Net CLR -> NOT SELECTED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\M4-Service -> NOT SELECTED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Net CLR -> NOT SELECTED

[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> NOT SELECTED

[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> NOT SELECTED

[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> NOT SELECTED

[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> NOT SELECTED

[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED

[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED

[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NOT SELECTED

[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> NOT SELECTED

[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> NOT SELECTED

[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_A7E2\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_A7E2\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_A7E2\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_A7E2\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

[PUM.WallPaper] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> NOT SELECTED

[PUM.WallPaper] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> NOT SELECTED

¤¤¤ Scheduled tasks : 4 ¤¤¤

[suspicious.Path] \\{7177BA2D-4E13-44A7-888F-81244710D84E} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XCFZW1AR\WebPostUserServlet[2].exe" -d C:\Users\Sharon) -> DELETED

[suspicious.Path] \\{82E896D3-C842-4280-BE42-BF6BE919E9D7} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IZN2MSN0\WebPostUserServlet[1].exe" -d C:\Users\Sharon) -> DELETED

[suspicious.Path] \\{8C551938-308A-482A-98E2-1F461FD69A86} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BAD3V92T\install[1].exe" -d C:\Users\Sharon) -> DELETED

[suspicious.Path] \\{E503796F-154E-4CF3-8ED2-EE69F0DC3748} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YY2SZKZN\CT-Rate[1].exe" -d C:\Users\Sharon\Desktop) -> DELETED

¤¤¤ Files : 2 ¤¤¤

[ZeroAccess][Folder] L -- C:\Users\Sharon\AppData\Local\{b0b2e9a6-e8ff-c1b2-3fb9-797ec509843a}\L -> DELETED

[ZeroAccess][Folder] U -- C:\Users\Sharon\AppData\Local\{b0b2e9a6-e8ff-c1b2-3fb9-797ec509843a}\U -> DELETED

¤¤¤ HOSTS File : 1 ¤¤¤

[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 173 ¤¤¤

[EAT:Addr] (explorer.exe) WINMM.dll - AddGadgetMessageHandler : C:\Windows\system32\DUser.dll @ 0x7fefbd3bde8

[EAT:Addr] (explorer.exe) WINMM.dll - AttachWndProcA : C:\Windows\system32\DUser.dll @ 0x7fefbd50968

[EAT:Addr] (explorer.exe) WINMM.dll - AttachWndProcW : C:\Windows\system32\DUser.dll @ 0x7fefbd3a558

[EAT:Addr] (explorer.exe) WINMM.dll - AutoTrace : C:\Windows\system32\DUser.dll @ 0x7fefbd49360

[EAT:Addr] (explorer.exe) WINMM.dll - BeginTransition : C:\Windows\system32\DUser.dll @ 0x7fefbd50bdc

[EAT:Addr] (explorer.exe) WINMM.dll - BuildAnimation : C:\Windows\system32\DUser.dll @ 0x7fefbd3b9b8

[EAT:Addr] (explorer.exe) WINMM.dll - BuildDropTarget : C:\Windows\system32\DUser.dll @ 0x7fefbd49780

[EAT:Addr] (explorer.exe) WINMM.dll - BuildInterpolation : C:\Windows\system32\DUser.dll @ 0x7fefbd3b8d8

[EAT:Addr] (explorer.exe) WINMM.dll - CreateAction : C:\Windows\system32\DUser.dll @ 0x7fefbd3adf4

[EAT:Addr] (explorer.exe) WINMM.dll - CreateGadget : C:\Windows\system32\DUser.dll @ 0x7fefbd34840

[EAT:Addr] (explorer.exe) WINMM.dll - CreateTransition : C:\Windows\system32\DUser.dll @ 0x7fefbd50998

[EAT:Addr] (explorer.exe) WINMM.dll - DUserBuildGadget : C:\Windows\system32\DUser.dll @ 0x7fefbd50738

[EAT:Addr] (explorer.exe) WINMM.dll - DUserCastClass : C:\Windows\system32\DUser.dll @ 0x7fefbd50824

[EAT:Addr] (explorer.exe) WINMM.dll - DUserCastDirect : C:\Windows\system32\DUser.dll @ 0x7fefbd5089c

[EAT:Addr] (explorer.exe) WINMM.dll - DUserCastHandle : C:\Windows\system32\DUser.dll @ 0x7fefbd508dc

[EAT:Addr] (explorer.exe) WINMM.dll - DUserDeleteGadget : C:\Windows\system32\DUser.dll @ 0x7fefbd4ed30

[EAT:Addr] (explorer.exe) WINMM.dll - DUserFindClass : C:\Windows\system32\DUser.dll @ 0x7fefbd506c0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserFlushDeferredMessages : C:\Windows\system32\DUser.dll @ 0x7fefbd3c844

[EAT:Addr] (explorer.exe) WINMM.dll - DUserFlushMessages : C:\Windows\system32\DUser.dll @ 0x7fefbd3c8b0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserGetAlphaPRID : C:\Windows\system32\DUser.dll @ 0x7fefbd49cd0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserGetGutsData : C:\Windows\system32\DUser.dll @ 0x7fefbd508f0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserGetRectPRID : C:\Windows\system32\DUser.dll @ 0x7fefbd49ce0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserGetRotatePRID : C:\Windows\system32\DUser.dll @ 0x7fefbd49cf0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserGetScalePRID : C:\Windows\system32\DUser.dll @ 0x7fefbd49d00

[EAT:Addr] (explorer.exe) WINMM.dll - DUserInstanceOf : C:\Windows\system32\DUser.dll @ 0x7fefbd507a0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserPostEvent : C:\Windows\system32\DUser.dll @ 0x7fefbd35fe0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserPostMethod : C:\Windows\system32\DUser.dll @ 0x7fefbd4f8e0

[EAT:Addr] (explorer.exe) WINMM.dll - DUserRegisterGuts : C:\Windows\system32\DUser.dll @ 0x7fefbd3fb3c

[EAT:Addr] (explorer.exe) WINMM.dll - DUserRegisterStub : C:\Windows\system32\DUser.dll @ 0x7fefbd40660

[EAT:Addr] (explorer.exe) WINMM.dll - DUserRegisterSuper : C:\Windows\system32\DUser.dll @ 0x7fefbd41040

[EAT:Addr] (explorer.exe) WINMM.dll - DUserSendEvent : C:\Windows\system32\DUser.dll @ 0x7fefbd32370

[EAT:Addr] (explorer.exe) WINMM.dll - DUserSendMethod : C:\Windows\system32\DUser.dll @ 0x7fefbd4f804

[EAT:Addr] (explorer.exe) WINMM.dll - DUserStopAnimation : C:\Windows\system32\DUser.dll @ 0x7fefbd4a9f4

[EAT:Addr] (explorer.exe) WINMM.dll - DeleteHandle : C:\Windows\system32\DUser.dll @ 0x7fefbd33070

[EAT:Addr] (explorer.exe) WINMM.dll - DetachWndProc : C:\Windows\system32\DUser.dll @ 0x7fefbd31948

[EAT:Addr] (explorer.exe) WINMM.dll - DllMain : C:\Windows\system32\DUser.dll @ 0x7fefbd3ddf8

[EAT:Addr] (explorer.exe) WINMM.dll - DrawGadgetTree : C:\Windows\system32\DUser.dll @ 0x7fefbd505b4

[EAT:Addr] (explorer.exe) WINMM.dll - EndTransition : C:\Windows\system32\DUser.dll @ 0x7fefbd50d60

[EAT:Addr] (explorer.exe) WINMM.dll - EnumGadgets : C:\Windows\system32\DUser.dll @ 0x7fefbd50094

[EAT:Addr] (explorer.exe) WINMM.dll - FindGadgetFromPoint : C:\Windows\system32\DUser.dll @ 0x7fefbd36d80

[EAT:Addr] (explorer.exe) WINMM.dll - FindGadgetMessages : C:\Windows\system32\DUser.dll @ 0x7fefbd4fdb8

[EAT:Addr] (explorer.exe) WINMM.dll - FindStdColor : C:\Windows\system32\DUser.dll @ 0x7fefbd3a4a4

[EAT:Addr] (explorer.exe) WINMM.dll - FireGadgetMessages : C:\Windows\system32\DUser.dll @ 0x7fefbd4f9a0

[EAT:Addr] (explorer.exe) WINMM.dll - ForwardGadgetMessage : C:\Windows\system32\DUser.dll @ 0x7fefbd3d628

[EAT:Addr] (explorer.exe) WINMM.dll - GetActionTimeslice : C:\Windows\system32\DUser.dll @ 0x7fefbd50e24

[EAT:Addr] (explorer.exe) WINMM.dll - GetDebug : C:\Windows\system32\DUser.dll @ 0x7fefbd493a0

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadget : C:\Windows\system32\DUser.dll @ 0x7fefbd503f8

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetAnimation : C:\Windows\system32\DUser.dll @ 0x7fefbd37154

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetBufferInfo : C:\Windows\system32\DUser.dll @ 0x7fefbd42f40

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetCenterPoint : C:\Windows\system32\DUser.dll @ 0x7fefbd4f4e0

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetFocus : C:\Windows\system32\DUser.dll @ 0x7fefbd38d14

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetMessageFilter : C:\Windows\system32\DUser.dll @ 0x7fefbd504e0

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetProperty : C:\Windows\system32\DUser.dll @ 0x7fefbd371ec

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetRect : C:\Windows\system32\DUser.dll @ 0x7fefbd31dd0

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetRgn : C:\Windows\system32\DUser.dll @ 0x7fefbd34af0

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetRootInfo : C:\Windows\system32\DUser.dll @ 0x7fefbd4f6dc

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetRotation : C:\Windows\system32\DUser.dll @ 0x7fefbd4f2e4

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetScale : C:\Windows\system32\DUser.dll @ 0x7fefbd4f0e8

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetSize : C:\Windows\system32\DUser.dll @ 0x7fefbd501b4

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetStyle : C:\Windows\system32\DUser.dll @ 0x7fefbd42c6c

[EAT:Addr] (explorer.exe) WINMM.dll - GetGadgetTicket : C:\Windows\system32\DUser.dll @ 0x7fefbd354dc

[EAT:Addr] (explorer.exe) WINMM.dll - GetMessageExA : C:\Windows\system32\DUser.dll @ 0x7fefbd433d0

[EAT:Addr] (explorer.exe) WINMM.dll - GetMessageExW : C:\Windows\system32\DUser.dll @ 0x7fefbd4fae0

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdColorBrushF : C:\Windows\system32\DUser.dll @ 0x7fefbd50ff0

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdColorBrushI : C:\Windows\system32\DUser.dll @ 0x7fefbd31d10

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdColorF : C:\Windows\system32\DUser.dll @ 0x7fefbd50f7c

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdColorI : C:\Windows\system32\DUser.dll @ 0x7fefbd3daa4

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdColorName : C:\Windows\system32\DUser.dll @ 0x7fefbd512dc

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdColorPenF : C:\Windows\system32\DUser.dll @ 0x7fefbd5118c

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdColorPenI : C:\Windows\system32\DUser.dll @ 0x7fefbd510a4

[EAT:Addr] (explorer.exe) WINMM.dll - GetStdPalette : C:\Windows\system32\DUser.dll @ 0x7fefbd51318

[EAT:Addr] (explorer.exe) WINMM.dll - GetTransitionInterface : C:\Windows\system32\DUser.dll @ 0x7fefbd50b18

[EAT:Addr] (explorer.exe) WINMM.dll - InitGadgetComponent : C:\Windows\system32\DUser.dll @ 0x7fefbd4ebc4

[EAT:Addr] (explorer.exe) WINMM.dll - InitGadgets : C:\Windows\system32\DUser.dll @ 0x7fefbd391d0

[EAT:Addr] (explorer.exe) WINMM.dll - InvalidateGadget : C:\Windows\system32\DUser.dll @ 0x7fefbd32bb8

[EAT:Addr] (explorer.exe) WINMM.dll - IsGadgetParentChainStyle : C:\Windows\system32\DUser.dll @ 0x7fefbd4eec0

[EAT:Addr] (explorer.exe) WINMM.dll - IsInsideContext : C:\Windows\system32\DUser.dll @ 0x7fefbd4ee40

[EAT:Addr] (explorer.exe) WINMM.dll - IsStartDelete : C:\Windows\system32\DUser.dll @ 0x7fefbd3ba20

[EAT:Addr] (explorer.exe) WINMM.dll - LookupGadgetTicket : C:\Windows\system32\DUser.dll @ 0x7fefbd51610

[EAT:Addr] (explorer.exe) WINMM.dll - MapGadgetPoints : C:\Windows\system32\DUser.dll @ 0x7fefbd4426c

[EAT:Addr] (explorer.exe) WINMM.dll - PeekMessageExA : C:\Windows\system32\DUser.dll @ 0x7fefbd4fb78

[EAT:Addr] (explorer.exe) WINMM.dll - PeekMessageExW : C:\Windows\system32\DUser.dll @ 0x7fefbd4fc14

[EAT:Addr] (explorer.exe) WINMM.dll - PlayTransition : C:\Windows\system32\DUser.dll @ 0x7fefbd50a44

[EAT:Addr] (explorer.exe) WINMM.dll - PrintTransition : C:\Windows\system32\DUser.dll @ 0x7fefbd50ca0

[EAT:Addr] (explorer.exe) WINMM.dll - RegisterGadgetMessage : C:\Windows\system32\DUser.dll @ 0x7fefbd3e49c

[EAT:Addr] (explorer.exe) WINMM.dll - RegisterGadgetMessageString : C:\Windows\system32\DUser.dll @ 0x7fefbd4fd90

[EAT:Addr] (explorer.exe) WINMM.dll - RegisterGadgetProperty : C:\Windows\system32\DUser.dll @ 0x7fefbd3e654

[EAT:Addr] (explorer.exe) WINMM.dll - RemoveGadgetMessageHandler : C:\Windows\system32\DUser.dll @ 0x7fefbd4fecc

[EAT:Addr] (explorer.exe) WINMM.dll - RemoveGadgetProperty : C:\Windows\system32\DUser.dll @ 0x7fefbd3b5b0

[EAT:Addr] (explorer.exe) WINMM.dll - SetActionTimeslice : C:\Windows\system32\DUser.dll @ 0x7fefbd50ed4

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetBufferInfo : C:\Windows\system32\DUser.dll @ 0x7fefbd4264c

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetCenterPoint : C:\Windows\system32\DUser.dll @ 0x7fefbd4f5d8

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetFillF : C:\Windows\system32\DUser.dll @ 0x7fefbd4eff4

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetFillI : C:\Windows\system32\DUser.dll @ 0x7fefbd41f50

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetFocus : C:\Windows\system32\DUser.dll @ 0x7fefbd38dec

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetFocusEx : C:\Windows\system32\DUser.dll @ 0x7fefbd3d784

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetMessageFilter : C:\Windows\system32\DUser.dll @ 0x7fefbd35348

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetOrder : C:\Windows\system32\DUser.dll @ 0x7fefbd502a4

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetParent : C:\Windows\system32\DUser.dll @ 0x7fefbd34d20

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetProperty : C:\Windows\system32\DUser.dll @ 0x7fefbd3bad0

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetRect : C:\Windows\system32\DUser.dll @ 0x7fefbd34980

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetRootInfo : C:\Windows\system32\DUser.dll @ 0x7fefbd399d8

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetRotation : C:\Windows\system32\DUser.dll @ 0x7fefbd4f3ec

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetScale : C:\Windows\system32\DUser.dll @ 0x7fefbd4f1e0

[EAT:Addr] (explorer.exe) WINMM.dll - SetGadgetStyle : C:\Windows\system32\DUser.dll @ 0x7fefbd34390

[EAT:Addr] (explorer.exe) WINMM.dll - UninitGadgetComponent : C:\Windows\system32\DUser.dll @ 0x7fefbd4ec78

[EAT:Addr] (explorer.exe) WINMM.dll - UnregisterGadgetMessage : C:\Windows\system32\DUser.dll @ 0x7fefbd4fcfc

[EAT:Addr] (explorer.exe) WINMM.dll - UnregisterGadgetMessageString : C:\Windows\system32\DUser.dll @ 0x7fefbd4fd90

[EAT:Addr] (explorer.exe) WINMM.dll - UnregisterGadgetProperty : C:\Windows\system32\DUser.dll @ 0x7fefbd5000c

[EAT:Addr] (explorer.exe) WINMM.dll - UtilBuildFont : C:\Windows\system32\DUser.dll @ 0x7fefbd51380

[EAT:Addr] (explorer.exe) WINMM.dll - UtilDrawBlendRect : C:\Windows\system32\DUser.dll @ 0x7fefbd51528

[EAT:Addr] (explorer.exe) WINMM.dll - UtilDrawOutlineRect : C:\Windows\system32\DUser.dll @ 0x7fefbd5154c

[EAT:Addr] (explorer.exe) WINMM.dll - UtilGetColor : C:\Windows\system32\DUser.dll @ 0x7fefbd51558

[EAT:Addr] (explorer.exe) WINMM.dll - UtilSetBackground : C:\Windows\system32\DUser.dll @ 0x7fefbd51324

[EAT:Addr] (explorer.exe) WINMM.dll - WaitMessageEx : C:\Windows\system32\DUser.dll @ 0x7fefbd4fcac

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptAddContextFunction : C:\Windows\system32\bcrypt.dll @ 0x7fefced594c

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptAddContextFunctionProvider : C:\Windows\system32\bcrypt.dll @ 0x7fefced6340

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptCloseAlgorithmProvider : C:\Windows\system32\bcrypt.dll @ 0x7fefcec24fc

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptConfigureContext : C:\Windows\system32\bcrypt.dll @ 0x7fefced55b8

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptConfigureContextFunction : C:\Windows\system32\bcrypt.dll @ 0x7fefced5f14

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptCreateContext : C:\Windows\system32\bcrypt.dll @ 0x7fefced5128

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptCreateHash : C:\Windows\system32\bcrypt.dll @ 0x7fefcec44bc

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDecrypt : C:\Windows\system32\bcrypt.dll @ 0x7fefcec3484

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDeleteContext : C:\Windows\system32\bcrypt.dll @ 0x7fefced52c8

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDeriveKey : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4124

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDestroyHash : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4904

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDestroyKey : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4338

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDestroySecret : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4420

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDuplicateHash : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4998

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptDuplicateKey : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4270

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptEncrypt : C:\Windows\system32\bcrypt.dll @ 0x7fefcec3168

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptEnumAlgorithms : C:\Windows\system32\bcrypt.dll @ 0x7fefcec2564

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptEnumContextFunctionProviders : C:\Windows\system32\bcrypt.dll @ 0x7fefced6718

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptEnumContextFunctions : C:\Windows\system32\bcrypt.dll @ 0x7fefced5cdc

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptEnumContexts : C:\Windows\system32\bcrypt.dll @ 0x7fefced5454

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptEnumProviders : C:\Windows\system32\bcrypt.dll @ 0x7fefcec2970

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptEnumRegisteredProviders : C:\Windows\system32\bcrypt.dll @ 0x7fefced5050

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptExportKey : C:\Windows\system32\bcrypt.dll @ 0x7fefcec3770

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptFinalizeKeyPair : C:\Windows\system32\bcrypt.dll @ 0x7fefcec30f8

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptFinishHash : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4860

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptFreeBuffer : C:\Windows\system32\bcrypt.dll @ 0x7fefcec2c44

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptGenRandom : C:\Windows\system32\bcrypt.dll @ 0x7fefcec5034

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptGenerateKeyPair : C:\Windows\system32\bcrypt.dll @ 0x7fefcec2fe0

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptGenerateSymmetricKey : C:\Windows\system32\bcrypt.dll @ 0x7fefcec2eec

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptGetFipsAlgorithmMode : C:\Windows\system32\bcrypt.dll @ 0x7fefced7250

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptGetProperty : C:\Windows\system32\bcrypt.dll @ 0x7fefcec2c70

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptHashData : C:\Windows\system32\bcrypt.dll @ 0x7fefcec481c

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptImportKey : C:\Windows\system32\bcrypt.dll @ 0x7fefcec39bc

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptImportKeyPair : C:\Windows\system32\bcrypt.dll @ 0x7fefcec3adc

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptOpenAlgorithmProvider : C:\Windows\system32\bcrypt.dll @ 0x7fefcec20f0

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptQueryContextConfiguration : C:\Windows\system32\bcrypt.dll @ 0x7fefced574c

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptQueryContextFunctionConfiguration : C:\Windows\system32\bcrypt.dll @ 0x7fefced60e0

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptQueryContextFunctionProperty : C:\Windows\system32\bcrypt.dll @ 0x7fefced6bb0

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptQueryProviderRegistration : C:\Windows\system32\bcrypt.dll @ 0x7fefced4e00

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptRegisterConfigChangeNotify : C:\Windows\system32\bcrypt.dll @ 0x7fefced6e38

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptRegisterProvider : C:\Windows\system32\bcrypt.dll @ 0x7fefced4a74

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptRemoveContextFunction : C:\Windows\system32\bcrypt.dll @ 0x7fefced5b20

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptRemoveContextFunctionProvider : C:\Windows\system32\bcrypt.dll @ 0x7fefced653c

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptResolveProviders : C:\Windows\system32\bcrypt.dll @ 0x7fefced7030

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptSecretAgreement : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4000

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptSetAuditingInterface : C:\Windows\system32\bcrypt.dll @ 0x7fefcec5510

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptSetContextFunctionProperty : C:\Windows\system32\bcrypt.dll @ 0x7fefced699c

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptSetProperty : C:\Windows\system32\bcrypt.dll @ 0x7fefcec2e2c

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptSignHash : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4af0

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptUnregisterConfigChangeNotify : C:\Windows\system32\bcrypt.dll @ 0x7fefced6f50

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptUnregisterProvider : C:\Windows\system32\bcrypt.dll @ 0x7fefced4cbc

[EAT:Addr] (explorer.exe) ncrypt.dll - BCryptVerifySignature : C:\Windows\system32\bcrypt.dll @ 0x7fefcec4de4

[EAT:Addr] (explorer.exe) ncrypt.dll - GetAsymmetricEncryptionInterface : C:\Windows\system32\bcrypt.dll @ 0x7fefcec5400

[EAT:Addr] (explorer.exe) ncrypt.dll - GetCipherInterface : C:\Windows\system32\bcrypt.dll @ 0x7fefcec5364

[EAT:Addr] (explorer.exe) ncrypt.dll - GetHashInterface : C:\Windows\system32\bcrypt.dll @ 0x7fefcec53d0

[EAT:Addr] (explorer.exe) ncrypt.dll - GetRngInterface : C:\Windows\system32\bcrypt.dll @ 0x7fefcec55e8

[EAT:Addr] (explorer.exe) ncrypt.dll - GetSecretAgreementInterface : C:\Windows\system32\bcrypt.dll @ 0x7fefcec5490

[EAT:Addr] (explorer.exe) ncrypt.dll - GetSignatureInterface : C:\Windows\system32\bcrypt.dll @ 0x7fefcec5410

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD642JJ +++++

--- User ---

[MBR] 5af93102361f06a4bb241bee2fa71e6c

[bSP] e223061d7b1f736c4877938e9af93bcf : Unknown MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 MB

1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 129024 | Size: 15360 MB

2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 31586304 | Size: 595056 MB

User = LL1 ... OK

User = LL2 ... OK

============================================

RKreport_SCN_06062014_221939.log - RKreport_SCN_06072014_195735.log

TheJoker · June 8, 2014

Is there a reason you chose to not remove most of the items that RogueKiller detected?

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

Double-click on TDSSKiller.exe to run the application.
Click on the Start Scan button and wait for the scan and disinfection process to be over.
If an infected file is detected, the default action will be Cure, click on Continue
If a suspicious file is detected, the default action will be Skip, click on Continue
If you are asked to reboot the computer to complete the process, click on the Reboot Now button.
- A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt).
Please copy and paste the contents of that file in your next reply.
If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Lorgeo · June 8, 2014

I thought I had followed the instructions:

Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and copy/paste the content of the Notepad into your next reply.
The log should be found on your Desktop
Exit/Close RogueKiller

Should I try to run that again? I'll run the TDSSkiller and post that in the mean time, Thank you.

Lorgeo · June 8, 2014

Here is the first 1/2 of the report. (post was too long)No threats were found.

06:29:21.0559 0x2668 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54

06:29:40.0519 0x2668 ============================================================

06:29:40.0519 0x2668 Current date / time: 2014/06/08 06:29:40.0519

06:29:40.0519 0x2668 SystemInfo:

06:29:40.0519 0x2668

06:29:40.0519 0x2668 OS Version: 6.0.6002 ServicePack: 2.0

06:29:40.0519 0x2668 Product type: Workstation

06:29:40.0520 0x2668 ComputerName: SHARON-PC

06:29:40.0520 0x2668 UserName: Sharon

06:29:40.0520 0x2668 Windows directory: C:\Windows

06:29:40.0520 0x2668 System windows directory: C:\Windows

06:29:40.0520 0x2668 Running under WOW64

06:29:40.0520 0x2668 Processor architecture: Intel x64

06:29:40.0520 0x2668 Number of processors: 4

06:29:40.0520 0x2668 Page size: 0x1000

06:29:40.0520 0x2668 Boot type: Normal boot

06:29:40.0520 0x2668 ============================================================

06:29:40.0822 0x2668 KLMD registered as C:\Windows\system32\drivers\20314002.sys

06:29:41.0416 0x2668 System UUID: {0D6D4161-6539-CD1D-1ED9-C70EB82C9E8F}

06:29:43.0826 0x2668 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

06:29:43.0834 0x2668 ============================================================

06:29:43.0834 0x2668 \Device\Harddisk0\DR0:

06:29:43.0834 0x2668 MBR partitions:

06:29:43.0834 0x2668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000

06:29:43.0834 0x2668 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x48A38000

06:29:43.0834 0x2668 ============================================================

06:29:43.0840 0x2668 C: <-> \Device\Harddisk0\DR0\Partition2

06:29:43.0870 0x2668 D: <-> \Device\Harddisk0\DR0\Partition1

06:29:43.0870 0x2668 ============================================================

06:29:43.0870 0x2668 Initialize success

06:29:43.0870 0x2668 ============================================================

06:29:54.0180 0x2acc ============================================================

06:29:54.0180 0x2acc Scan started

06:29:54.0180 0x2acc Mode: Manual;

06:29:54.0181 0x2acc ============================================================

06:29:54.0181 0x2acc KSN ping started

06:30:02.0571 0x2acc KSN ping finished: true

06:30:03.0500 0x2acc ================ Scan system memory ========================

06:30:03.0500 0x2acc System memory - ok

06:30:03.0500 0x2acc ================ Scan services =============================

06:30:03.0686 0x2acc [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI C:\Windows\system32\drivers\acpi.sys

06:30:03.0695 0x2acc ACPI - ok

06:30:03.0821 0x2acc [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

06:30:03.0823 0x2acc AdobeARMservice - ok

06:30:03.0978 0x2acc [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

06:30:03.0985 0x2acc AdobeFlashPlayerUpdateSvc - ok

06:30:04.0136 0x2acc [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

06:30:04.0149 0x2acc adp94xx - ok

06:30:04.0178 0x2acc [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci C:\Windows\system32\drivers\adpahci.sys

06:30:04.0216 0x2acc adpahci - ok

06:30:04.0238 0x2acc [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

06:30:04.0242 0x2acc adpu160m - ok

06:30:04.0263 0x2acc [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320 C:\Windows\system32\drivers\adpu320.sys

06:30:04.0268 0x2acc adpu320 - ok

06:30:04.0319 0x2acc [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

06:30:04.0321 0x2acc AeLookupSvc - ok

06:30:04.0359 0x2acc [ 2BA159E1F9FD75F6A496742B20F1D9CF, 50094F6E8415ACDBC0DA9C24EDAB3F9B192D2F0D6A820C18E8DBC6D72849D612 ] AFD C:\Windows\system32\drivers\afd.sys

06:30:04.0371 0x2acc AFD - ok

06:30:04.0410 0x2acc [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440 C:\Windows\system32\drivers\agp440.sys

06:30:04.0412 0x2acc agp440 - ok

06:30:04.0472 0x2acc [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx C:\Windows\system32\drivers\djsvs.sys

06:30:04.0475 0x2acc aic78xx - ok

06:30:04.0492 0x2acc [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG C:\Windows\System32\alg.exe

06:30:04.0496 0x2acc ALG - ok

06:30:04.0511 0x2acc [ 9544C2C55541C0C6BFD7B489D0E7D430, E242A7632BB51C965A7D2E2B0112C75018C0BB4B9A574920E44756E3AC1D8E77 ] aliide C:\Windows\system32\drivers\aliide.sys

06:30:04.0512 0x2acc aliide - ok

06:30:04.0568 0x2acc [ 5EBA5E837D6635AEA999BAE47E186C6F, F185EAB171B8298ABCAE61B8265F57580AE8A2F424D5BD51E56C6AB482D26FCE ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

06:30:04.0574 0x2acc AMD External Events Utility - ok

06:30:04.0593 0x2acc [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide C:\Windows\system32\drivers\amdide.sys

06:30:04.0595 0x2acc amdide - ok

06:30:04.0608 0x2acc [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

06:30:04.0611 0x2acc AmdK8 - ok

06:30:04.0914 0x2acc [ DCC8177244FE79C61C4E73C65E63922A, 1AF6FB52FD7499F1E1C0530C9A75BDC62A2D2EEBC138496DA28E941454708E1E ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

06:30:05.0136 0x2acc amdkmdag - ok

06:30:05.0186 0x2acc [ 7FE67D107329DC2CF89136A8E19BCEB7, B8048BF857E52CB5CACC1503F6246F12302DC43FA7B814EE169D2EAD3294C8D1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

06:30:05.0202 0x2acc amdkmdap - ok

06:30:05.0336 0x2acc [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

06:30:05.0338 0x2acc Apple Mobile Device - ok

06:30:05.0382 0x2acc [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc C:\Windows\system32\drivers\arc.sys

06:30:05.0385 0x2acc arc - ok

06:30:05.0425 0x2acc [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas C:\Windows\system32\drivers\arcsas.sys

06:30:05.0436 0x2acc arcsas - ok

06:30:05.0482 0x2acc [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

06:30:05.0483 0x2acc AsyncMac - ok

06:30:05.0534 0x2acc [ F988BB0690CD660318037908E9B8DBF7, E536F371AB31B69FB0AA619C0C04B031A17C89064E90D3C57ED45E280A117C65 ] atapi C:\Windows\system32\drivers\atapi.sys

06:30:05.0536 0x2acc atapi - ok

06:30:05.0834 0x2acc [ DCC8177244FE79C61C4E73C65E63922A, 1AF6FB52FD7499F1E1C0530C9A75BDC62A2D2EEBC138496DA28E941454708E1E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

06:30:06.0002 0x2acc atikmdag - ok

06:30:06.0086 0x2acc [ 79318C744693EC983D20E9337A2F8196, 94226786EF8A101C2E805C6BA3C1CF46628BAF1AFCECBC1FAB7A7E7E5E642608 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

06:30:06.0098 0x2acc AudioEndpointBuilder - ok

06:30:06.0112 0x2acc [ 79318C744693EC983D20E9337A2F8196, 94226786EF8A101C2E805C6BA3C1CF46628BAF1AFCECBC1FAB7A7E7E5E642608 ] AudioSrv C:\Windows\System32\Audiosrv.dll

06:30:06.0121 0x2acc AudioSrv - ok

06:30:06.0143 0x2acc Beep - ok

06:30:06.0173 0x2acc [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE C:\Windows\System32\bfe.dll

06:30:06.0186 0x2acc BFE - ok

06:30:06.0281 0x2acc [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS C:\Windows\system32\qmgr.dll

06:30:06.0354 0x2acc BITS - ok

06:30:06.0385 0x2acc [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

06:30:06.0387 0x2acc blbdrive - ok

06:30:06.0491 0x2acc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

06:30:06.0513 0x2acc Bonjour Service - ok

06:30:06.0540 0x2acc [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser C:\Windows\system32\DRIVERS\bowser.sys

06:30:06.0543 0x2acc bowser - ok

06:30:06.0583 0x2acc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

06:30:06.0585 0x2acc BrFiltLo - ok

06:30:06.0597 0x2acc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

06:30:06.0598 0x2acc BrFiltUp - ok

06:30:06.0627 0x2acc [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser C:\Windows\System32\browser.dll

06:30:06.0631 0x2acc Browser - ok

06:30:06.0649 0x2acc [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid C:\Windows\system32\drivers\brserid.sys

06:30:06.0652 0x2acc Brserid - ok

06:30:06.0673 0x2acc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

06:30:06.0675 0x2acc BrSerWdm - ok

06:30:06.0690 0x2acc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

06:30:06.0692 0x2acc BrUsbMdm - ok

06:30:06.0704 0x2acc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

06:30:06.0706 0x2acc BrUsbSer - ok

06:30:06.0718 0x2acc [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

06:30:06.0721 0x2acc BTHMODEM - ok

06:30:06.0747 0x2acc catchme - ok

06:30:06.0755 0x2acc [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

06:30:06.0759 0x2acc cdfs - ok

06:30:06.0775 0x2acc [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

06:30:06.0777 0x2acc cdrom - ok

06:30:06.0804 0x2acc [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc C:\Windows\System32\certprop.dll

06:30:06.0806 0x2acc CertPropSvc - ok

06:30:06.0876 0x2acc [ 0C48BDA498B0109F21729A556F1B21FF, 81392C6D585D5BA048E4D9616CAE316B334687456394BEF847FBD04D3F5E3F88 ] cfwids C:\Windows\system32\drivers\cfwids.sys

06:30:06.0879 0x2acc cfwids - ok

06:30:06.0907 0x2acc [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass C:\Windows\system32\drivers\circlass.sys

06:30:06.0909 0x2acc circlass - ok

06:30:06.0943 0x2acc [ 3DCA9A18B204939CFB24BEA53E31EB48, 73CEDE020A6C8269EE8847A4E43071FD231179DA9430DE2983263B8345AD92B7 ] CLFS C:\Windows\system32\CLFS.sys

06:30:06.0966 0x2acc CLFS - ok

06:30:07.0053 0x2acc [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

06:30:07.0056 0x2acc clr_optimization_v2.0.50727_32 - ok

06:30:07.0128 0x2acc [ CE07A466201096F021CD09D631B21540, 1A11DDAB7000569A89F3FA26BDEE4D527FA6D57D3F91CDABAA9C02CACDDE5F6D ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

06:30:07.0131 0x2acc clr_optimization_v2.0.50727_64 - ok

06:30:07.0149 0x2acc [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide C:\Windows\system32\drivers\cmdide.sys

06:30:07.0151 0x2acc cmdide - ok

06:30:07.0156 0x2acc [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

06:30:07.0158 0x2acc Compbatt - ok

06:30:07.0163 0x2acc COMSysApp - ok

06:30:07.0233 0x2acc [ 7150E3708FB489E7941F7A6A7A0DB282, 2D521FCF3CC75C86FF74B885490000A94468FC68113785B700FF62C912511843 ] CouponPrinterService C:\Program Files (x86)\Coupons\CouponPrinterService.exe

06:30:07.0242 0x2acc CouponPrinterService - ok

06:30:07.0254 0x2acc [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

06:30:07.0256 0x2acc crcdisk - ok

06:30:07.0314 0x2acc [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc C:\Windows\system32\cryptsvc.dll

06:30:07.0319 0x2acc CryptSvc - ok

06:30:07.0370 0x2acc [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch C:\Windows\system32\rpcss.dll

06:30:07.0385 0x2acc DcomLaunch - ok

06:30:07.0431 0x2acc [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

06:30:07.0435 0x2acc DfsC - ok

06:30:07.0604 0x2acc [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR C:\Windows\system32\DFSR.exe

06:30:07.0689 0x2acc DFSR - ok

06:30:07.0741 0x2acc [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp C:\Windows\System32\dhcpcsvc.dll

06:30:07.0746 0x2acc Dhcp - ok

06:30:07.0754 0x2acc [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk C:\Windows\system32\drivers\disk.sys

06:30:07.0756 0x2acc disk - ok

06:30:07.0808 0x2acc [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache C:\Windows\System32\dnsrslvr.dll

06:30:07.0812 0x2acc Dnscache - ok

06:30:07.0893 0x2acc [ DB29915209770D8B59654345EC2D943A, 3D55C5F86E8FC46A82ECA4CBE30DE1C53AB9F6CD79D1597571667774DD86ABD2 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe

06:30:07.0898 0x2acc DockLoginService - ok

06:30:07.0923 0x2acc [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc C:\Windows\System32\dot3svc.dll

06:30:07.0930 0x2acc dot3svc - ok

06:30:07.0943 0x2acc [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS C:\Windows\system32\dps.dll

06:30:07.0947 0x2acc DPS - ok

06:30:07.0991 0x2acc [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

06:30:07.0992 0x2acc drmkaud - ok

06:30:08.0051 0x2acc [ 0A3C78677FF62E9E0AE7CC25C790A968, 6A2D81BC3715FD4960D2C853870C056C5BFE581B25C4592CBF65EAC044DFEAB3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

06:30:08.0074 0x2acc DXGKrnl - ok

06:30:08.0108 0x2acc [ 090C52161E62D06CC7DF831F4BFF7644, 6ACB77D0E90F24D71022BFD1056F20590E90F768A3495B18328A87AD5495AE3D ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys

06:30:08.0117 0x2acc e1express - ok

06:30:08.0149 0x2acc [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys

06:30:08.0154 0x2acc E1G60 - ok

06:30:08.0214 0x2acc [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost C:\Windows\System32\eapsvc.dll

06:30:08.0217 0x2acc EapHost - ok

06:30:08.0255 0x2acc [ 5F94962BE5A62DB6E447FF6470C4F48A, D00F9B3315DE8610BBE93FFD3CA3E2CF5B10697C518FC25FA4274CC6894D022B ] Ecache C:\Windows\system32\drivers\ecache.sys

06:30:08.0260 0x2acc Ecache - ok

06:30:08.0326 0x2acc [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

06:30:08.0350 0x2acc ehRecvr - ok

06:30:08.0371 0x2acc [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched C:\Windows\ehome\ehsched.exe

06:30:08.0375 0x2acc ehSched - ok

06:30:08.0406 0x2acc [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart C:\Windows\ehome\ehstart.dll

06:30:08.0408 0x2acc ehstart - ok

06:30:08.0423 0x2acc [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor C:\Windows\system32\drivers\elxstor.sys

06:30:08.0441 0x2acc elxstor - ok

06:30:08.0471 0x2acc [ A9B18B63A4FD6BAAB83326706D857FAB, 7721CC67C0F8CE3060D0EB35A10E4ADC1E3CB470C0797B17D606060C270F96D7 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

06:30:08.0482 0x2acc EMDMgmt - ok

06:30:08.0512 0x2acc [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev C:\Windows\system32\drivers\errdev.sys

06:30:08.0514 0x2acc ErrDev - ok

06:30:08.0586 0x2acc [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem C:\Windows\system32\es.dll

06:30:08.0596 0x2acc EventSystem - ok

06:30:08.0606 0x2acc [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat C:\Windows\system32\drivers\exfat.sys

06:30:08.0610 0x2acc exfat - ok

06:30:08.0627 0x2acc [ 1A4BEE34277784619DDAF0422C0C6E23, 3223E1B5DD4866D8E09F1B465FF82C911DDEE5B01B084543086E47B11D2AEA77 ] fastfat C:\Windows\system32\drivers\fastfat.sys

06:30:08.0631 0x2acc fastfat - ok

06:30:08.0650 0x2acc [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc C:\Windows\system32\DRIVERS\fdc.sys

06:30:08.0651 0x2acc fdc - ok

06:30:08.0662 0x2acc [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost C:\Windows\system32\fdPHost.dll

06:30:08.0664 0x2acc fdPHost - ok

06:30:08.0679 0x2acc [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub C:\Windows\system32\fdrespub.dll

06:30:08.0682 0x2acc FDResPub - ok

06:30:08.0696 0x2acc [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

06:30:08.0698 0x2acc FileInfo - ok

06:30:08.0713 0x2acc [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace C:\Windows\system32\drivers\filetrace.sys

06:30:08.0715 0x2acc Filetrace - ok

06:30:08.0728 0x2acc [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

06:30:08.0730 0x2acc flpydisk - ok

06:30:08.0760 0x2acc [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

06:30:08.0768 0x2acc FltMgr - ok

06:30:08.0838 0x2acc [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

06:30:08.0840 0x2acc FontCache3.0.0.0 - ok

06:30:08.0853 0x2acc [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

06:30:08.0854 0x2acc Fs_Rec - ok

06:30:08.0861 0x2acc [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

06:30:08.0863 0x2acc gagp30kx - ok

06:30:08.0879 0x2acc [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

06:30:08.0881 0x2acc GEARAspiWDM - ok

06:30:08.0929 0x2acc [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc C:\Windows\System32\gpsvc.dll

06:30:08.0949 0x2acc gpsvc - ok

06:30:09.0027 0x2acc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

06:30:09.0032 0x2acc gupdate - ok

06:30:09.0055 0x2acc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

06:30:09.0058 0x2acc gupdatem - ok

06:30:09.0135 0x2acc [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

06:30:09.0141 0x2acc gusvc - ok

06:30:09.0167 0x2acc [ 68E732382B32417FF61FD663259B4B09, 10C5365AEAC46DF4F5F6A8F96D15141B4709851D4752613233E57EB20CE16446 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

06:30:09.0175 0x2acc HdAudAddService - ok

06:30:09.0221 0x2acc [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

06:30:09.0266 0x2acc HDAudBus - ok

06:30:09.0289 0x2acc [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth C:\Windows\system32\drivers\hidbth.sys

06:30:09.0290 0x2acc HidBth - ok

06:30:09.0309 0x2acc [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr C:\Windows\system32\drivers\hidir.sys

06:30:09.0310 0x2acc HidIr - ok

06:30:09.0321 0x2acc [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv C:\Windows\System32\hidserv.dll

06:30:09.0324 0x2acc hidserv - ok

06:30:09.0347 0x2acc [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

06:30:09.0348 0x2acc HidUsb - ok

06:30:09.0377 0x2acc [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys

06:30:09.0383 0x2acc HipShieldK - ok

06:30:09.0420 0x2acc [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc C:\Windows\system32\kmsvc.dll

06:30:09.0424 0x2acc hkmsvc - ok

06:30:09.0542 0x2acc [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

06:30:09.0551 0x2acc HomeNetSvc - ok

06:30:09.0591 0x2acc [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

06:30:09.0593 0x2acc HpCISSs - ok

06:30:09.0604 0x2acc [ DBD2BB97A574FC565B1EB5C0A03F917A, 3946F8F95C3A7371E168BC82F068E7F830A07FD545A16F47336902E174E0370A ] HPFXBULK C:\Windows\system32\drivers\hpfx64bulk.sys

06:30:09.0606 0x2acc HPFXBULK - ok

06:30:09.0661 0x2acc [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP C:\Windows\system32\drivers\HTTP.sys

06:30:09.0677 0x2acc HTTP - ok

06:30:09.0713 0x2acc [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp C:\Windows\system32\drivers\i2omp.sys

06:30:09.0715 0x2acc i2omp - ok

06:30:09.0756 0x2acc [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

06:30:09.0758 0x2acc i8042prt - ok

06:30:09.0857 0x2acc [ CB686F44BF955EA02520710A56874FA4, D898E897171B07136FCB94726AB16738C923A170B166EB5D758E404C8A6EFD0F ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

06:30:09.0866 0x2acc IAANTMON - ok

06:30:09.0888 0x2acc [ 8D58627FEF3F8767665D9F4DC91CBD97, 1E0C1701220A73633C53766F3BD469468135D4B97827F1659A719FCCCA34E26E ] iaStor C:\Windows\system32\drivers\iastor.sys

06:30:09.0896 0x2acc iaStor - ok

06:30:09.0908 0x2acc [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

06:30:09.0916 0x2acc iaStorV - ok

06:30:09.0993 0x2acc [ 749F5F8CEDCA70F2A512945325FC489D, 443B4F779F27CD69C1F072823FCD9E5BA7590B6F48BE759DC6A1F898C467E58F ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

06:30:10.0040 0x2acc idsvc - ok

06:30:10.0062 0x2acc [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp C:\Windows\system32\drivers\iirsp.sys

06:30:10.0064 0x2acc iirsp - ok

06:30:10.0107 0x2acc [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT C:\Windows\System32\ikeext.dll

06:30:10.0119 0x2acc IKEEXT - ok

06:30:10.0153 0x2acc [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide C:\Windows\system32\drivers\intelide.sys

06:30:10.0154 0x2acc intelide - ok

06:30:10.0170 0x2acc [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

06:30:10.0172 0x2acc intelppm - ok

06:30:10.0231 0x2acc [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

06:30:10.0233 0x2acc IpFilterDriver - ok

06:30:10.0261 0x2acc [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

06:30:10.0268 0x2acc iphlpsvc - ok

06:30:10.0275 0x2acc [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

06:30:10.0278 0x2acc IPMIDRV - ok

06:30:10.0286 0x2acc [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

06:30:10.0290 0x2acc IPNAT - ok

06:30:10.0367 0x2acc [ F7ED08D4BC89D7AC6135C1556A89157F, 8F15F1E528F6513FCEF5D966880CBA8A2C7A4816393393F4B201CDD6227F36A3 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

06:30:10.0383 0x2acc iPod Service - ok

06:30:10.0398 0x2acc [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM C:\Windows\system32\drivers\irenum.sys

06:30:10.0408 0x2acc IRENUM - ok

06:30:10.0470 0x2acc [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp C:\Windows\system32\drivers\isapnp.sys

06:30:10.0472 0x2acc isapnp - ok

06:30:10.0528 0x2acc [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

06:30:10.0535 0x2acc iScsiPrt - ok

06:30:10.0555 0x2acc [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

06:30:10.0557 0x2acc iteatapi - ok

06:30:10.0572 0x2acc [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid C:\Windows\system32\drivers\iteraid.sys

06:30:10.0574 0x2acc iteraid - ok

06:30:10.0585 0x2acc [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

06:30:10.0587 0x2acc kbdclass - ok

06:30:10.0593 0x2acc [ DBDF75D51464FBC47D0104EC3D572C05, E392EE961E734620245874C7700D56621A1A990C45DF5CE0B7D270BA708F255E ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

06:30:10.0594 0x2acc kbdhid - ok

06:30:10.0623 0x2acc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso C:\Windows\system32\lsass.exe

06:30:10.0625 0x2acc KeyIso - ok

06:30:10.0663 0x2acc [ 88956AD9FA510848AD176777A6C6C1F5, 8F2FBF7E70F836C2C11EE5ABCAFE3E51DC26E953DDFBEE3C1B4AA8E58EBDCF5E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

06:30:10.0677 0x2acc KSecDD - ok

06:30:10.0699 0x2acc [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

06:30:10.0701 0x2acc ksthunk - ok

06:30:10.0766 0x2acc [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm C:\Windows\system32\msdtckrm.dll

06:30:10.0777 0x2acc KtmRm - ok

06:30:10.0832 0x2acc [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer C:\Windows\System32\srvsvc.dll

06:30:10.0838 0x2acc LanmanServer - ok

06:30:10.0887 0x2acc [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

06:30:10.0894 0x2acc LanmanWorkstation - ok

06:30:10.0920 0x2acc [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

06:30:10.0922 0x2acc lltdio - ok

06:30:10.0950 0x2acc [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc C:\Windows\System32\lltdsvc.dll

06:30:10.0959 0x2acc lltdsvc - ok

06:30:10.0981 0x2acc [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts C:\Windows\System32\lmhsvc.dll

06:30:10.0983 0x2acc lmhosts - ok

06:30:11.0006 0x2acc [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

06:30:11.0010 0x2acc LSI_FC - ok

06:30:11.0018 0x2acc [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

06:30:11.0021 0x2acc LSI_SAS - ok

06:30:11.0029 0x2acc [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

06:30:11.0033 0x2acc LSI_SCSI - ok

06:30:11.0040 0x2acc [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv C:\Windows\system32\drivers\luafv.sys

06:30:11.0044 0x2acc luafv - ok

06:30:11.0228 0x2acc [ 2D46DC95709F2967D401326CA67D4111, E3D0ABD776AC769799033C23B00BCAEDB53339BB1B262224F39F93C6895DDAAF ] M4-Service C:\Users\Sharon\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe

06:30:11.0270 0x2acc M4-Service - ok

06:30:11.0296 0x2acc [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

06:30:11.0298 0x2acc MBAMProtector - ok

06:30:11.0386 0x2acc [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

06:30:11.0430 0x2acc MBAMScheduler - ok

06:30:11.0470 0x2acc [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

06:30:11.0492 0x2acc MBAMService - ok

06:30:11.0558 0x2acc [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys

06:30:11.0561 0x2acc MBAMSwissArmy - ok

06:30:11.0603 0x2acc [ 3C88AB26DEDCD50396240CA37D5085AF, 2513CBD3CA303CB9B424659F2F5E89B22CA4E724DCEB31B4A0DA1A5B731A9A39 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys

06:30:11.0605 0x2acc MBAMWebAccessControl - ok

06:30:11.0701 0x2acc [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

06:30:11.0707 0x2acc McAfee SiteAdvisor Service - ok

06:30:11.0782 0x2acc [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe

06:30:11.0787 0x2acc McAPExe - ok

06:30:11.0848 0x2acc [ F8B823414A22DBF3BEC10DCAA5F93CD8, 651C7521033439C0AA9006F1AC2CF376B1588CE781BEE4D10B7622FA3D055F6C ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

06:30:11.0857 0x2acc McciCMService - ok

06:30:11.0943 0x2acc [ 859E5A32485178DAECA06B52E2BB44B2, 10402A9E290821A2F353CB58DA3362FB38D8BCC0E5F174F6CFEE9BE022CE0FD8 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe

06:30:11.0969 0x2acc McciCMService64 - ok

06:30:12.0029 0x2acc [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

06:30:12.0050 0x2acc McComponentHostService - ok

06:30:12.0088 0x2acc [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

06:30:12.0095 0x2acc McMPFSvc - ok

06:30:12.0128 0x2acc [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

06:30:12.0135 0x2acc McNaiAnn - ok

06:30:12.0193 0x2acc [ 63D93A440E7AC015D85B9A3DA0C1BBAF, 849A13E91B041DEC2A47F5BE65ADBA6CAC8AF01675D0D8E13730724B54B4DD15 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe

06:30:12.0210 0x2acc McODS - ok

06:30:12.0223 0x2acc [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

06:30:12.0229 0x2acc mcpltsvc - ok

06:30:12.0262 0x2acc [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

06:30:12.0268 0x2acc McProxy - ok

06:30:12.0305 0x2acc [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

06:30:12.0308 0x2acc Mcx2Svc - ok

06:30:12.0365 0x2acc [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas C:\Windows\system32\drivers\megasas.sys

06:30:12.0366 0x2acc megasas - ok

06:30:12.0405 0x2acc [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR C:\Windows\system32\drivers\megasr.sys

06:30:12.0442 0x2acc MegaSR - ok

06:30:12.0476 0x2acc [ 4800829B6DA07ED8818EBC3AB4ECB2AF, B75BC9838B4A4CEB65AFE246B01FD545DC7AACA192AC0F7B4E7A0F5DF6A454E3 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys

06:30:12.0481 0x2acc mfeapfk - ok

06:30:12.0545 0x2acc [ 001EF965C2869723E5929255E7F4BDB0, E9F6DC7842DAE743881F7DC9AE9CDBF2DBD1DD48A387AF92E32AA13CAEFCBEF6 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys

06:30:12.0553 0x2acc mfeavfk - ok

06:30:12.0673 0x2acc [ E85AC33B3E5D81BF750AC8FFBE7FD46F, 5F62E2732B234176A94E8E3F34A125935FC8D52F608CB4F38FE0DE3E7B25E3D5 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

06:30:12.0699 0x2acc mfecore - ok

06:30:12.0755 0x2acc [ A769FABF6F9B5E72450F9E161C83D495, 3601A1242885B778B81AB2ABA95F6EAA026427A3F8072427A0A4DF7B93CF4CE1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

06:30:12.0761 0x2acc mfefire - ok

06:30:12.0831 0x2acc [ F153129E35F2D1C893A099368B55E530, 08D5F93CF2A6994700D1F29239BF7F5B4EA48793211E24601B1FE4A8BC96F092 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys

06:30:12.0845 0x2acc mfefirek - ok

06:30:12.0889 0x2acc [ 63835C12B7B9E1B8EA1D195E9A2A786A, C25CFAE33178AE0CB84F078113F328308FB107D574A27653323F909B41B41C01 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys

06:30:12.0908 0x2acc mfehidk - ok

06:30:12.0980 0x2acc [ 9BBE68D37302E191788058ECA974B870, 9D1034097328A4E83479594DD2AFA857B58D758C227F952FDCED7DEEF23B8D5D ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys

06:30:12.0991 0x2acc mfencbdc - ok

06:30:13.0031 0x2acc [ 5A0A092F04A83505799F857371E4A3FF, 1BD7726CB3CDFA7B5C225B695B07AC143B7BE2A3DBD596B30DB2816D407A6C9E ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys

06:30:13.0035 0x2acc mfencrk - ok

06:30:13.0083 0x2acc [ FAB7B6D571B810B73F5BB286AB439687, D1898B16E9FCABFF1BC937427B18B1083018B4F5DED6A04A2967352FF5857218 ] mfevtp C:\Windows\system32\mfevtps.exe

06:30:13.0089 0x2acc mfevtp - ok

06:30:13.0109 0x2acc [ 57CC9413361359476B844339417F1CFF, 87093104871F8B6A6336404F0C497A6B5473AA0E770C54ABF233428FB151FD4C ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys

06:30:13.0119 0x2acc mfewfpk - ok

06:30:13.0150 0x2acc [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS C:\Windows\system32\mmcss.dll

06:30:13.0152 0x2acc MMCSS - ok

06:30:13.0186 0x2acc [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem C:\Windows\system32\drivers\modem.sys

06:30:13.0187 0x2acc Modem - ok

06:30:13.0212 0x2acc [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor C:\Windows\system32\DRIVERS\monitor.sys

06:30:13.0214 0x2acc monitor - ok

06:30:13.0230 0x2acc [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

06:30:13.0233 0x2acc mouclass - ok

06:30:13.0282 0x2acc [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

06:30:13.0284 0x2acc mouhid - ok

06:30:13.0305 0x2acc [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

06:30:13.0308 0x2acc MountMgr - ok

06:30:13.0358 0x2acc [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

06:30:13.0361 0x2acc MozillaMaintenance - ok

06:30:13.0426 0x2acc [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

06:30:13.0441 0x2acc MpFilter - ok

06:30:13.0463 0x2acc [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio C:\Windows\system32\drivers\mpio.sys

06:30:13.0467 0x2acc mpio - ok

06:30:13.0491 0x2acc [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

06:30:13.0495 0x2acc mpsdrv - ok

06:30:13.0542 0x2acc [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc C:\Windows\system32\mpssvc.dll

06:30:13.0559 0x2acc MpsSvc - ok

06:30:13.0584 0x2acc [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

06:30:13.0586 0x2acc Mraid35x - ok

06:30:13.0601 0x2acc [ 7C1DE4AA96DC0C071611F9E7DE02A68D, 8B248A82324FB23C64D41FA91BCC22093DE44C48D688E5995C484A7072A6EC08 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

06:30:13.0605 0x2acc MRxDAV - ok

06:30:13.0614 0x2acc [ 1485811B320FF8C7EDAD1CAEBB1C6C2B, 9F157AAA1A793EF7E52817E4126B774C17FFA0036DADCF10A024FDC068F94F67 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

06:30:13.0618 0x2acc mrxsmb - ok

06:30:13.0647 0x2acc [ 3B929A60C833FC615FD97FBA82BC7632, 40EEBEB43F42A1A37FAA529E0C21984426F90C1EEFE1EF9BB2F696164595F91D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

06:30:13.0655 0x2acc mrxsmb10 - ok

06:30:13.0663 0x2acc [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3, 197F70E24D2BBDEC35C2D5BC442267ACC4C5AE3FD5BB30A0928976BE9758C942 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

06:30:13.0666 0x2acc mrxsmb20 - ok

06:30:13.0687 0x2acc [ 730B784962D22D2C6481EAE2370E7C8C, D797363808125247CFCE49E5E427193B95292260B70CDB882331CD9F58F8979B ] msahci C:\Windows\system32\drivers\msahci.sys

06:30:13.0689 0x2acc msahci - ok

06:30:13.0696 0x2acc [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm C:\Windows\system32\drivers\msdsm.sys

06:30:13.0700 0x2acc msdsm - ok

06:30:13.0738 0x2acc [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC C:\Windows\System32\msdtc.exe

06:30:13.0743 0x2acc MSDTC - ok

06:30:13.0770 0x2acc [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs C:\Windows\system32\drivers\Msfs.sys

06:30:13.0772 0x2acc Msfs - ok

06:30:13.0814 0x2acc [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

06:30:13.0816 0x2acc msisadrv - ok

06:30:13.0845 0x2acc [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

06:30:13.0850 0x2acc MSiSCSI - ok

06:30:13.0855 0x2acc msiserver - ok

06:30:13.0905 0x2acc [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

06:30:13.0907 0x2acc MSKSSRV - ok

06:30:13.0980 0x2acc [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

06:30:13.0982 0x2acc MsMpSvc - ok

06:30:14.0000 0x2acc [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

06:30:14.0001 0x2acc MSPCLOCK - ok

06:30:14.0007 0x2acc [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

06:30:14.0008 0x2acc MSPQM - ok

06:30:14.0034 0x2acc [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

06:30:14.0040 0x2acc MsRPC - ok

06:30:14.0069 0x2acc [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

06:30:14.0071 0x2acc mssmbios - ok

06:30:14.0076 0x2acc [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

06:30:14.0078 0x2acc MSTEE - ok

06:30:14.0090 0x2acc [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup C:\Windows\system32\Drivers\mup.sys

06:30:14.0093 0x2acc Mup - ok

06:30:14.0134 0x2acc [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent C:\Windows\system32\qagentRT.dll

06:30:14.0144 0x2acc napagent - ok

06:30:14.0191 0x2acc [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

06:30:14.0204 0x2acc NativeWifiP - ok

06:30:14.0269 0x2acc [ 65950E07329FCEE8E6516B17C8D0ABB6, 4429D9FF9B6E376D28D8FA4906B7554DF566EC23E455E3166C496B579622F204 ] NDIS C:\Windows\system32\drivers\ndis.sys

06:30:14.0288 0x2acc NDIS - ok

06:30:14.0316 0x2acc [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

06:30:14.0318 0x2acc NdisTapi - ok

06:30:14.0323 0x2acc [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

06:30:14.0325 0x2acc Ndisuio - ok

06:30:14.0344 0x2acc [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

06:30:14.0348 0x2acc NdisWan - ok

06:30:14.0367 0x2acc [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

06:30:14.0369 0x2acc NDProxy - ok

06:30:14.0372 0x2acc Net CLR - ok

06:30:14.0387 0x2acc [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

06:30:14.0389 0x2acc NetBIOS - ok

06:30:14.0401 0x2acc [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt C:\Windows\system32\DRIVERS\netbt.sys

06:30:14.0407 0x2acc netbt - ok

06:30:14.0421 0x2acc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon C:\Windows\system32\lsass.exe

06:30:14.0423 0x2acc Netlogon - ok

06:30:14.0491 0x2acc [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman C:\Windows\System32\netman.dll

06:30:14.0514 0x2acc Netman - ok

06:30:14.0560 0x2acc [ 74751DDA198165947FD7454D83F49825, 24639B7E71D77999762BDDC65696E1EB868165C03C64278A6176B4505D0EEBB5 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

06:30:14.0564 0x2acc NetTcpPortSharing - ok

06:30:14.0584 0x2acc [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

06:30:14.0586 0x2acc nfrd960 - ok

06:30:14.0605 0x2acc [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

06:30:14.0610 0x2acc NisDrv - ok

06:30:14.0642 0x2acc [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe

06:30:14.0651 0x2acc NisSrv - ok

06:30:14.0672 0x2acc [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc C:\Windows\System32\nlasvc.dll

06:30:14.0677 0x2acc NlaSvc - ok

06:30:14.0697 0x2acc [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs C:\Windows\system32\drivers\Npfs.sys

06:30:14.0698 0x2acc Npfs - ok

06:30:14.0755 0x2acc [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi C:\Windows\system32\nsisvc.dll

06:30:14.0757 0x2acc nsi - ok

06:30:14.0769 0x2acc [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

06:30:14.0771 0x2acc nsiproxy - ok

06:30:14.0839 0x2acc [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

06:30:14.0867 0x2acc Ntfs - ok

06:30:14.0891 0x2acc [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null C:\Windows\system32\drivers\Null.sys

06:30:14.0892 0x2acc Null - ok

06:30:14.0908 0x2acc [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid C:\Windows\system32\drivers\nvraid.sys

06:30:14.0913 0x2acc nvraid - ok

06:30:14.0932 0x2acc [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor C:\Windows\system32\drivers\nvstor.sys

06:30:14.0935 0x2acc nvstor - ok

06:30:14.0953 0x2acc [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

06:30:14.0957 0x2acc nv_agp - ok

06:30:15.0047 0x2acc [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

06:30:15.0058 0x2acc odserv - ok

06:30:15.0114 0x2acc [ E52479B03A57DC3D4BABD9C5536C94D6, 1F007C8396F9703D8B921E7A78FE5CFBAECD1396FD9C91FD726D6056F3235D24 ] OEM05Afx C:\Windows\system32\Drivers\OEM05Afx.sys

06:30:15.0120 0x2acc OEM05Afx - ok

06:30:15.0148 0x2acc [ 766F689564BC30E5A91F8621CE65AD68, CC98437AC8F6CF2F25331878075E1DEAF79526E82D89840BA86623F559528EDF ] OEM05Vfx C:\Windows\system32\DRIVERS\OEM05Vfx.sys

06:30:15.0149 0x2acc OEM05Vfx - ok

06:30:15.0174 0x2acc [ 859F850A4FD021A66493D18CBA847792, E519760DCE2D797C1B2CB1F00B9E7A409C07D57EEFBB98D4F90BE48791B10523 ] OEM05Vid C:\Windows\system32\DRIVERS\OEM05Vid.sys

06:30:15.0196 0x2acc OEM05Vid - ok

06:30:15.0222 0x2acc [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

06:30:15.0225 0x2acc ohci1394 - ok

06:30:15.0260 0x2acc [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

06:30:15.0265 0x2acc ose - ok

06:30:15.0320 0x2acc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc C:\Windows\system32\p2psvc.dll

06:30:15.0343 0x2acc p2pimsvc - ok

06:30:15.0368 0x2acc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc C:\Windows\system32\p2psvc.dll

06:30:15.0384 0x2acc p2psvc - ok

06:30:15.0393 0x2acc [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport C:\Windows\system32\drivers\parport.sys

06:30:15.0397 0x2acc Parport - ok

06:30:15.0412 0x2acc [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr C:\Windows\system32\drivers\partmgr.sys

06:30:15.0415 0x2acc partmgr - ok

06:30:15.0441 0x2acc [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc C:\Windows\System32\pcasvc.dll

06:30:15.0445 0x2acc PcaSvc - ok

06:30:15.0454 0x2acc [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci C:\Windows\system32\drivers\pci.sys

06:30:15.0458 0x2acc pci - ok

06:30:15.0478 0x2acc [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide C:\Windows\system32\drivers\pciide.sys

06:30:15.0480 0x2acc pciide - ok

06:30:15.0490 0x2acc [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

06:30:15.0498 0x2acc pcmcia - ok

06:30:15.0545 0x2acc [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

06:30:15.0564 0x2acc PEAUTH - ok

06:30:15.0669 0x2acc [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost C:\Windows\SysWow64\perfhost.exe

06:30:15.0672 0x2acc PerfHost - ok

06:30:15.0805 0x2acc [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla C:\Windows\system32\pla.dll

06:30:15.0841 0x2acc pla - ok

06:30:15.0893 0x2acc [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

06:30:15.0903 0x2acc PlugPlay - ok

06:30:15.0967 0x2acc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

06:30:15.0984 0x2acc PNRPAutoReg - ok

06:30:16.0008 0x2acc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc C:\Windows\system32\p2psvc.dll

06:30:16.0025 0x2acc PNRPsvc - ok

06:30:16.0090 0x2acc [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

06:30:16.0104 0x2acc PolicyAgent - ok

06:30:16.0180 0x2acc [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

06:30:16.0183 0x2acc PptpMiniport - ok

Lorgeo · June 8, 2014

Here's the rest:

06:30:16.0204 0x2acc [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor C:\Windows\system32\drivers\processr.sys

06:30:16.0207 0x2acc Processor - ok

06:30:16.0235 0x2acc [ E058CE4FC2449D8BFA14739C83B7FF2A, 6ACA086D5E0EF3C3EAEBD78010E50739BBA7CA05E937FFF3A4F2AD22FD57B54A ] ProfSvc C:\Windows\system32\profsvc.dll

06:30:16.0241 0x2acc ProfSvc - ok

06:30:16.0271 0x2acc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe

06:30:16.0272 0x2acc ProtectedStorage - ok

06:30:16.0283 0x2acc [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched C:\Windows\system32\DRIVERS\pacer.sys

06:30:16.0286 0x2acc PSched - ok

06:30:16.0298 0x2acc [ FBF4DB6D53585437E41A113300002A2B, A0145CE87A95DA3775B28A00E741660C26ADE34BBCC7FC502ED809931482C8F2 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

06:30:16.0300 0x2acc PxHlpa64 - ok

06:30:16.0355 0x2acc [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300 C:\Windows\system32\drivers\ql2300.sys

06:30:16.0385 0x2acc ql2300 - ok

06:30:16.0409 0x2acc [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

06:30:16.0417 0x2acc ql40xx - ok

06:30:16.0431 0x2acc [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

06:30:16.0433 0x2acc QWAVEdrv - ok

06:30:16.0728 0x2acc [ DCC8177244FE79C61C4E73C65E63922A, 1AF6FB52FD7499F1E1C0530C9A75BDC62A2D2EEBC138496DA28E941454708E1E ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys

06:30:16.0896 0x2acc R300 - ok

06:30:16.0951 0x2acc [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

06:30:16.0952 0x2acc RasAcd - ok

06:30:17.0022 0x2acc [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto C:\Windows\System32\rasauto.dll

06:30:17.0040 0x2acc RasAuto - ok

06:30:17.0075 0x2acc [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

06:30:17.0079 0x2acc Rasl2tp - ok

06:30:17.0108 0x2acc [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan C:\Windows\System32\rasmans.dll

06:30:17.0118 0x2acc RasMan - ok

06:30:17.0145 0x2acc [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

06:30:17.0147 0x2acc RasPppoe - ok

06:30:17.0154 0x2acc [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

06:30:17.0157 0x2acc RasSstp - ok

06:30:17.0192 0x2acc [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

06:30:17.0228 0x2acc rdbss - ok

06:30:17.0252 0x2acc [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

06:30:17.0254 0x2acc RDPCDD - ok

06:30:17.0287 0x2acc [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

06:30:17.0296 0x2acc rdpdr - ok

06:30:17.0301 0x2acc [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

06:30:17.0303 0x2acc RDPENCDD - ok

06:30:17.0333 0x2acc [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

06:30:17.0337 0x2acc RDPWD - ok

06:30:17.0427 0x2acc [ B2D01290C0E0465ACA54C2088E947823, 6FB6E6CFAF3F2F948B753A0CFF6F9058BF3ED0E421204EE58848F0DFD694A747 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

06:30:17.0429 0x2acc RealNetworks Downloader Resolver Service - ok

06:30:17.0464 0x2acc [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess C:\Windows\System32\mprdim.dll

06:30:17.0468 0x2acc RemoteAccess - ok

06:30:17.0499 0x2acc [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry C:\Windows\system32\regsvc.dll

06:30:17.0507 0x2acc RemoteRegistry - ok

06:30:17.0544 0x2acc [ CF1EEE81FD32238FC51ADCA9F2266B7D, A807593B83163B4EC1E5344A2A9C6E7B07353E765790C96753258B804FB58231 ] RLDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\livecamv.sys

06:30:17.0546 0x2acc RLDesignVirtualAudioCableWdm - ok

06:30:17.0633 0x2acc [ FDED778DAF09235E4580F1B9046946B6, E6DCFF75617B1F23967CF19533AA554A45012AF9B6FD6AD9BD7AC29DCF3D7B6A ] RoxLiveShare10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

06:30:17.0657 0x2acc RoxLiveShare10 - ok

06:30:17.0697 0x2acc [ E054A2CAF0E2A55C9AAC0BF1CCC558A5, F7C637DB45E834813E04DBAC2F918FD897CAC3C1DD20B8087BEE39C3BEEACA61 ] RoxMediaDB10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

06:30:17.0725 0x2acc RoxMediaDB10 - ok

06:30:17.0745 0x2acc [ C75FDA9AB3314E555123673E08F9D86D, 97B8DB1AD3DFDDAACE14500EB2497B72C83702F6CA3C2A7E417AA9B0B45BBBF0 ] RoxWatch10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

06:30:17.0751 0x2acc RoxWatch10 - ok

06:30:17.0779 0x2acc [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator C:\Windows\system32\locator.exe

06:30:17.0781 0x2acc RpcLocator - ok

06:30:17.0835 0x2acc [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs C:\Windows\System32\rpcss.dll

06:30:17.0849 0x2acc RpcSs - ok

06:30:17.0872 0x2acc [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

06:30:17.0875 0x2acc rspndr - ok

06:30:17.0896 0x2acc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs C:\Windows\system32\lsass.exe

06:30:17.0897 0x2acc SamSs - ok

06:30:17.0905 0x2acc [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

06:30:17.0908 0x2acc sbp2port - ok

06:30:17.0933 0x2acc [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr C:\Windows\System32\SCardSvr.dll

06:30:17.0938 0x2acc SCardSvr - ok

06:30:17.0979 0x2acc [ 0F838C811AD295D2A4489B9993096C63, 3DF2F973359249735810CB5AD52E05126A93A1C7D9F6274ACB018A0A125846BD ] Schedule C:\Windows\system32\schedsvc.dll

06:30:18.0001 0x2acc Schedule - ok

06:30:18.0040 0x2acc [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc C:\Windows\System32\certprop.dll

06:30:18.0042 0x2acc SCPolicySvc - ok

06:30:18.0058 0x2acc [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC C:\Windows\System32\SDRSVC.dll

06:30:18.0063 0x2acc SDRSVC - ok

06:30:18.0077 0x2acc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys

06:30:18.0079 0x2acc secdrv - ok

06:30:18.0090 0x2acc [ 5ACDCBC67FCF894A1815B9F96D704490, FE0247A8BEDB860EBD46A9D49C641D0B9AA24EE34132CDDADC9F5A605238FDA7 ] seclogon C:\Windows\system32\seclogon.dll

06:30:18.0093 0x2acc seclogon - ok

06:30:18.0101 0x2acc [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum C:\Windows\system32\drivers\serenum.sys

06:30:18.0102 0x2acc Serenum - ok

06:30:18.0110 0x2acc [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial C:\Windows\system32\drivers\serial.sys

06:30:18.0113 0x2acc Serial - ok

06:30:18.0119 0x2acc [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse C:\Windows\system32\drivers\sermouse.sys

06:30:18.0121 0x2acc sermouse - ok

06:30:18.0144 0x2acc [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

06:30:18.0146 0x2acc sffdisk - ok

06:30:18.0152 0x2acc [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

06:30:18.0153 0x2acc sffp_mmc - ok

06:30:18.0167 0x2acc [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

06:30:18.0169 0x2acc sffp_sd - ok

06:30:18.0175 0x2acc [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

06:30:18.0176 0x2acc sfloppy - ok

06:30:18.0219 0x2acc [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess C:\Windows\System32\ipnathlp.dll

06:30:18.0230 0x2acc SharedAccess - ok

06:30:18.0286 0x2acc [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

06:30:18.0308 0x2acc ShellHWDetection - ok

06:30:18.0339 0x2acc [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

06:30:18.0341 0x2acc SiSRaid2 - ok

06:30:18.0348 0x2acc [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

06:30:18.0351 0x2acc SiSRaid4 - ok

06:30:18.0448 0x2acc [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc C:\Windows\system32\SLsvc.exe

06:30:18.0495 0x2acc slsvc - ok

06:30:18.0518 0x2acc [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb C:\Windows\system32\DRIVERS\smb.sys

06:30:18.0522 0x2acc Smb - ok

06:30:18.0537 0x2acc [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

06:30:18.0540 0x2acc SNMPTRAP - ok

06:30:18.0552 0x2acc [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr C:\Windows\system32\drivers\spldr.sys

06:30:18.0553 0x2acc spldr - ok

06:30:18.0598 0x2acc [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler C:\Windows\System32\spoolsv.exe

06:30:18.0607 0x2acc Spooler - ok

06:30:18.0630 0x2acc [ 880A57FCCB571EBD063D4DD50E93E46D, D46BA584D1C33F17C4156127742FA470AA044C4BCE9E6A209E5B1F3A44C73350 ] srv C:\Windows\system32\DRIVERS\srv.sys

06:30:18.0642 0x2acc srv - ok

06:30:18.0673 0x2acc [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

06:30:18.0678 0x2acc srv2 - ok

06:30:18.0687 0x2acc [ 4BED62F4FA4D8300973F1151F4C4D8A7, 1835895B3E837F8862F7F669DFBDF5EAB627E5656377624474C17E92CF440D2A ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

06:30:18.0692 0x2acc srvnet - ok

06:30:18.0724 0x2acc [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

06:30:18.0730 0x2acc SSDPSRV - ok

06:30:18.0767 0x2acc [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc C:\Windows\system32\sstpsvc.dll

06:30:18.0772 0x2acc SstpSvc - ok

06:30:18.0895 0x2acc [ DC4A7A067508470838D2D2336BFEB1E1, F9CFF8A1B60D4A94AA610E1E2CA130E765D640C4BB4B9A51580FF50E09354BE2 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_4b8037c7\STacSV64.exe

06:30:18.0902 0x2acc STacSV - ok

06:30:18.0966 0x2acc [ 6299F206F17E34EAD0EF63DAD8CD4272, A37DD618F74F91CB1259A6B1602D9743AAED4C8468B074FF5B50698EFB674E20 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

06:30:18.0978 0x2acc STHDA - ok

06:30:19.0040 0x2acc [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc C:\Windows\System32\wiaservc.dll

06:30:19.0056 0x2acc stisvc - ok

06:30:19.0127 0x2acc [ 1D0063597C3666404FCF97698ABEB019, 352A63C97F930499BC598C2A398663377D7CCD4A42770E35635C90EDC4DA530A ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

06:30:19.0131 0x2acc stllssvr - ok

06:30:19.0153 0x2acc [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum C:\Windows\system32\DRIVERS\swenum.sys

06:30:19.0155 0x2acc swenum - ok

06:30:19.0201 0x2acc [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv C:\Windows\System32\swprv.dll

06:30:19.0238 0x2acc swprv - ok

06:30:19.0255 0x2acc [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

06:30:19.0258 0x2acc Symc8xx - ok

06:30:19.0272 0x2acc [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

06:30:19.0274 0x2acc Sym_hi - ok

06:30:19.0285 0x2acc [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

06:30:19.0287 0x2acc Sym_u3 - ok

06:30:19.0313 0x2acc [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll

06:30:19.0317 0x2acc TabletInputService - ok

06:30:19.0339 0x2acc [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv C:\Windows\System32\tapisrv.dll

06:30:19.0349 0x2acc TapiSrv - ok

06:30:19.0397 0x2acc [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS C:\Windows\System32\tbssvc.dll

06:30:19.0400 0x2acc TBS - ok

06:30:19.0464 0x2acc [ EA8623BDD511A1ACD18DA4883860ADDE, A3BE60B3DBFF783111B1AD5D070F376ABFA94D61378D32EDA714E4E90043DE4D ] Tcpip C:\Windows\system32\drivers\tcpip.sys

06:30:19.0499 0x2acc Tcpip - ok

06:30:19.0541 0x2acc [ EA8623BDD511A1ACD18DA4883860ADDE, A3BE60B3DBFF783111B1AD5D070F376ABFA94D61378D32EDA714E4E90043DE4D ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

06:30:19.0567 0x2acc Tcpip6 - ok

06:30:19.0600 0x2acc [ 24D7686A4A0323FB987654BD228C1F39, 46F464BDA89944A4F1DFF61B80FE99819BD98BFF441BACCDDF0429EEB24C5E20 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

06:30:19.0602 0x2acc tcpipreg - ok

06:30:19.0638 0x2acc [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

06:30:19.0639 0x2acc TDPIPE - ok

06:30:19.0657 0x2acc [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

06:30:19.0659 0x2acc TDTCP - ok

06:30:19.0678 0x2acc [ 458919C8C42E398DC4802178D5FFEE27, E38828411DCE0AE2E2BF0D270FD80E47B46EDE4B44DAFD1DF11F54D427EACEB5 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

06:30:19.0681 0x2acc tdx - ok

06:30:19.0705 0x2acc [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

06:30:19.0708 0x2acc TermDD - ok

06:30:19.0736 0x2acc [ 5CDD30BC217082DAC71A9878D9BFD566, 260D40973F9EEAE9A1890B813D8DCC01A9434D17DCE5DA1D16B72A57DCF59194 ] TermService C:\Windows\System32\termsrv.dll

06:30:19.0747 0x2acc TermService - ok

06:30:19.0778 0x2acc [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes C:\Windows\system32\shsvcs.dll

06:30:19.0785 0x2acc Themes - ok

06:30:19.0817 0x2acc [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER C:\Windows\system32\mmcss.dll

06:30:19.0819 0x2acc THREADORDER - ok

06:30:19.0846 0x2acc [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks C:\Windows\System32\trkwks.dll

06:30:19.0851 0x2acc TrkWks - ok

06:30:19.0901 0x2acc [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

06:30:19.0903 0x2acc TrustedInstaller - ok

06:30:19.0930 0x2acc [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

06:30:19.0931 0x2acc tssecsrv - ok

06:30:19.0943 0x2acc [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

06:30:19.0945 0x2acc tunmp - ok

06:30:19.0961 0x2acc [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

06:30:19.0963 0x2acc tunnel - ok

06:30:19.0979 0x2acc [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

06:30:19.0982 0x2acc uagp35 - ok

06:30:20.0011 0x2acc [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs C:\Windows\system32\DRIVERS\udfs.sys

06:30:20.0020 0x2acc udfs - ok

06:30:20.0047 0x2acc [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect C:\Windows\system32\UI0Detect.exe

06:30:20.0050 0x2acc UI0Detect - ok

06:30:20.0076 0x2acc [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

06:30:20.0079 0x2acc uliagpkx - ok

06:30:20.0108 0x2acc [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci C:\Windows\system32\drivers\uliahci.sys

06:30:20.0115 0x2acc uliahci - ok

06:30:20.0144 0x2acc [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata C:\Windows\system32\drivers\ulsata.sys

06:30:20.0149 0x2acc UlSata - ok

06:30:20.0158 0x2acc [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

06:30:20.0164 0x2acc ulsata2 - ok

06:30:20.0179 0x2acc [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

06:30:20.0181 0x2acc umbus - ok

06:30:20.0241 0x2acc [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

06:30:20.0244 0x2acc usbaudio - ok

06:30:20.0294 0x2acc [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

06:30:20.0298 0x2acc usbccgp - ok

06:30:20.0315 0x2acc [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir C:\Windows\system32\drivers\usbcir.sys

06:30:20.0318 0x2acc usbcir - ok

06:30:20.0337 0x2acc [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

06:30:20.0339 0x2acc usbehci - ok

06:30:20.0364 0x2acc [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

06:30:20.0372 0x2acc usbhub - ok

06:30:20.0385 0x2acc [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci C:\Windows\system32\drivers\usbohci.sys

06:30:20.0387 0x2acc usbohci - ok

06:30:20.0399 0x2acc [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

06:30:20.0401 0x2acc usbprint - ok

06:30:20.0430 0x2acc [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

06:30:20.0432 0x2acc usbscan - ok

06:30:20.0457 0x2acc [ B854C1558FCA0C269A38663E8B59B581, 08CC36B33FA2281FC88671BE051863AA8CA911446D24596049DB77FB4CB09EA6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

06:30:20.0461 0x2acc USBSTOR - ok

06:30:20.0480 0x2acc [ 308F6DDC052C970D679DA37D8A305279, E0F4C3C8F27E21C186289B115ECAB771777BC7E848F29D683C53C9F936F30848 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

06:30:20.0482 0x2acc usbuhci - ok

06:30:20.0511 0x2acc [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms C:\Windows\System32\uxsms.dll

06:30:20.0514 0x2acc UxSms - ok

06:30:20.0549 0x2acc [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds C:\Windows\System32\vds.exe

06:30:20.0563 0x2acc vds - ok

06:30:20.0592 0x2acc [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

06:30:20.0593 0x2acc vga - ok

06:30:20.0599 0x2acc [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave C:\Windows\System32\drivers\vga.sys

06:30:20.0602 0x2acc VgaSave - ok

06:30:20.0620 0x2acc [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide C:\Windows\system32\drivers\viaide.sys

06:30:20.0622 0x2acc viaide - ok

06:30:20.0639 0x2acc [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr C:\Windows\system32\drivers\volmgr.sys

06:30:20.0642 0x2acc volmgr - ok

06:30:20.0677 0x2acc [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

06:30:20.0688 0x2acc volmgrx - ok

06:30:20.0712 0x2acc [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap C:\Windows\system32\drivers\volsnap.sys

06:30:20.0720 0x2acc volsnap - ok

06:30:20.0745 0x2acc [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

06:30:20.0750 0x2acc vsmraid - ok

06:30:20.0819 0x2acc [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS C:\Windows\system32\vssvc.exe

06:30:20.0856 0x2acc VSS - ok

06:30:20.0880 0x2acc [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time C:\Windows\system32\w32time.dll

06:30:20.0891 0x2acc W32Time - ok

06:30:20.0922 0x2acc [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen C:\Windows\system32\drivers\wacompen.sys

06:30:20.0923 0x2acc WacomPen - ok

06:30:20.0943 0x2acc [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

06:30:20.0946 0x2acc Wanarp - ok

06:30:20.0952 0x2acc [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

06:30:20.0954 0x2acc Wanarpv6 - ok

06:30:20.0960 0x2acc [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd C:\Windows\system32\drivers\wd.sys

06:30:20.0962 0x2acc Wd - ok

06:30:21.0004 0x2acc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

06:30:21.0024 0x2acc Wdf01000 - ok

06:30:21.0063 0x2acc [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost C:\Windows\system32\wdi.dll

06:30:21.0067 0x2acc WdiServiceHost - ok

06:30:21.0073 0x2acc [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost C:\Windows\system32\wdi.dll

06:30:21.0077 0x2acc WdiSystemHost - ok

06:30:21.0103 0x2acc [ BD9A749F36710FFA02E0E530F7451936, B57A80CA9D689C0122771205F16E1458BEAC7A68B9C2B492FE5EF329FD0DFAFE ] Wecsvc C:\Windows\system32\wecsvc.dll

06:30:21.0111 0x2acc Wecsvc - ok

06:30:21.0139 0x2acc [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport C:\Windows\System32\wercplsupport.dll

06:30:21.0144 0x2acc wercplsupport - ok

06:30:21.0169 0x2acc [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc C:\Windows\System32\WerSvc.dll

06:30:21.0174 0x2acc WerSvc - ok

06:30:21.0204 0x2acc WinDefend - ok

06:30:21.0210 0x2acc WinHttpAutoProxySvc - ok

06:30:21.0279 0x2acc [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

06:30:21.0286 0x2acc Winmgmt - ok

06:30:21.0378 0x2acc [ 42717DB2BE3A075D0F0CD5C927C27A43, 7CC116B2F6F2911E05A1E7AAE790D2D75F388438AF050B1A7E7C595ABF5F16A4 ] WinRM C:\Windows\system32\WsmSvc.dll

06:30:21.0421 0x2acc WinRM - ok

06:30:21.0482 0x2acc [ 7F2F9E48566B2087F2AAAD258CB2A8D4, E6A34DF879F6D9F24C8CE5F131B4A104BCDF8720B0F4C6211FF4C9BD567EFB77 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.SYS

06:30:21.0484 0x2acc WinUsb - ok

06:30:21.0525 0x2acc [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc C:\Windows\System32\wlansvc.dll

06:30:21.0550 0x2acc Wlansvc - ok

06:30:21.0567 0x2acc [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

06:30:21.0568 0x2acc WmiAcpi - ok

06:30:21.0598 0x2acc [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

06:30:21.0605 0x2acc wmiApSrv - ok

06:30:21.0628 0x2acc WMPNetworkSvc - ok

06:30:21.0659 0x2acc [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc C:\Windows\System32\wpcsvc.dll

06:30:21.0666 0x2acc WPCSvc - ok

06:30:21.0689 0x2acc [ 6329D1990DB931073B86AB5946D8E317, F33581D21659A274BF5C0762E24A7DBEEB6380AB6ED0FACD76F1BD2858C4DA49 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

06:30:21.0692 0x2acc WpdUsb - ok

06:30:21.0707 0x2acc [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

06:30:21.0709 0x2acc ws2ifsl - ok

06:30:21.0735 0x2acc [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc C:\Windows\system32\wscsvc.dll

06:30:21.0739 0x2acc wscsvc - ok

06:30:21.0744 0x2acc WSearch - ok

06:30:21.0830 0x2acc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll

06:30:21.0893 0x2acc wuauserv - ok

06:30:21.0922 0x2acc [ 501A65252617B495C0F1832F908D54D8, CB18A80EAB2F23579D1D38B12CD04CF579C6D0B73127A1E88305CC0488D40B2C ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

06:30:21.0926 0x2acc WUDFRd - ok

06:30:21.0954 0x2acc [ 6CBD51FF913C851D56ED9DC7F2A27DDE, 736C66A944F3D37464052211B2728AD53D31CB631CD33B9E094C00D76BF17399 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

06:30:21.0958 0x2acc wudfsvc - ok

06:30:21.0963 0x2acc ================ Scan global ===============================

06:30:21.0997 0x2acc [ 060DC3A7A9A2626031EB23D90151428D, 4AADA06E83603E9D4894D6CFC8DADB018307B384F438C809D4BC8E22BD937C3B ] C:\Windows\system32\basesrv.dll

06:30:22.0032 0x2acc [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll

06:30:22.0056 0x2acc [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll

06:30:22.0110 0x2acc [ 934E0B7D77FF78C18D9F8891221B6DE3, BB1ACD3CD6482D8B7C5931E8733B8094D2CE59C4FBC4012BD0799C8DC367FB74 ] C:\Windows\system32\services.exe

06:30:22.0122 0x2acc [ Global ] - ok

06:30:22.0122 0x2acc ================ Scan MBR ==================================

06:30:22.0146 0x2acc [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

06:30:22.0371 0x2acc \Device\Harddisk0\DR0 - ok

06:30:22.0371 0x2acc ================ Scan VBR ==================================

06:30:22.0374 0x2acc [ 3E312F46E1CE63EF6FA0360C4F3A6239 ] \Device\Harddisk0\DR0\Partition1

06:30:22.0405 0x2acc \Device\Harddisk0\DR0\Partition1 - ok

06:30:22.0408 0x2acc [ 485FF70FFCF07181594FB446573B4C20 ] \Device\Harddisk0\DR0\Partition2

06:30:22.0446 0x2acc \Device\Harddisk0\DR0\Partition2 - ok

06:30:22.0446 0x2acc ================ Scan generic autorun ======================

06:30:22.0473 0x2acc [ 64951155A608D063CC57716EB6918279, 9384A1F5E087AFD16D6AA5DAC7695FD1C03AD8F9958D25BFB474FAF12418ED93 ] C:\Windows\system32\WpcUmi.exe

06:30:22.0480 0x2acc WPCUMI - ok

06:30:22.0579 0x2acc [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] C:\Program Files\Microsoft Security Client\msseces.exe

06:30:22.0609 0x2acc MSC - ok

06:30:22.0612 0x2acc SysTrayApp - ok

06:30:22.0673 0x2acc [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe

06:30:22.0687 0x2acc mcui_exe - ok

06:30:22.0772 0x2acc [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

06:30:22.0795 0x2acc Adobe ARM - ok

06:30:22.0872 0x2acc [ DAC9B43BBFA0359E252DDB0CB91DEA6D, 2A109ABECF757567735C439663ED618B49EF7749ABEE6AEF8A100B2028C31A38 ] C:\Program Files (x86)\Dell\Dell Webcam Manager\DellWMgr.exe

06:30:22.0875 0x2acc DELL Webcam Manager - ok

06:30:22.0930 0x2acc [ EE1111977B9995D5E8CBB72C0591EA0E, E96503B78041412EEBE639FFCFBEF81EF900EA5AA4D8D8744CF5711007CEDF56 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

06:30:22.0932 0x2acc APSDaemon - ok

06:30:23.0007 0x2acc [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe

06:30:23.0018 0x2acc QuickTime Task - ok

06:30:23.0084 0x2acc [ 225518F190EDBC37CA32197A3E94B498, 9208BDEFCF6DC18291C74C147DC17061FC8C040E068D4D4020E8E2AE64CF99BB ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe

06:30:23.0092 0x2acc TkBellExe - ok

06:30:23.0109 0x2acc [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe

06:30:23.0118 0x2acc mcpltui_exe - ok

06:30:23.0171 0x2acc [ 085BE68B52CE5A5FA4621507AD518CF3, A1761157760F68FE00F34B0182D1D8629EFE7753F4582C6F5ECD422627A8489E ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

06:30:23.0176 0x2acc iTunesHelper - ok

06:30:23.0307 0x2acc [ 9C5A0F070196B601D629F5BA9AA921F8, BB77BAD24B44A3CB32CD1FACB758E347BE2F5C49C11E494797635D741867AF2B ] C:\Program Files\Windows Sidebar\sidebar.exe

06:30:23.0334 0x2acc Sidebar - ok

06:30:23.0397 0x2acc [ 3609A9830FB127EE1066EA7A744DC479, 78D4223937DC2E6FA28C32459F059A02D1BE0DCB7A49E3CF14FF350A9DC4AF0A ] C:\Program Files (x86)\Microsoft Money\System\Money Express.exe

06:30:23.0401 0x2acc MoneyAgent - ok

06:30:23.0466 0x2acc [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

06:30:23.0467 0x2acc swg - ok

06:30:23.0585 0x2acc [ C13B42E5692C98A2660135E4BEB26A1A, 13E5B4BEAE604BDCD514A6A960D9FBC5927A8AD1BB1BD0EA0049BA1B7165D939 ] C:\Users\Sharon\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

06:30:23.0610 0x2acc SansaDispatch - ok

06:30:23.0669 0x2acc [ 65437DAD4F238EA9549408A783002222, 756C846C2DD8209E9161C2DD701E46DF73E1C757F2B66CAE7A579ADF8EF7E000 ] C:\Windows\ehome\ehTray.exe

06:30:23.0673 0x2acc ehTray.exe - ok

06:30:23.0740 0x2acc [ 2204A26AC363ABD5CE37461A36637807, 61B3F07CB7376872999871521B5B0E585FFCC100FF6515BF187AD676D1C3B621 ] C:\ProgramData\sysiwp\sysiwp.exe

06:30:23.0771 0x2acc sysiwp - ok

06:30:23.0838 0x2acc [ 9C5A0F070196B601D629F5BA9AA921F8, BB77BAD24B44A3CB32CD1FACB758E347BE2F5C49C11E494797635D741867AF2B ] C:\Program Files\Windows Sidebar\sidebar.exe

06:30:23.0865 0x2acc Sidebar - ok

06:30:23.0895 0x2acc [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe

06:30:23.0902 0x2acc QuickTime Task - ok

06:30:23.0904 0x2acc Waiting for KSN requests completion. In queue: 313

06:30:24.0904 0x2acc Waiting for KSN requests completion. In queue: 313

06:30:25.0904 0x2acc Waiting for KSN requests completion. In queue: 313

06:30:26.0904 0x2acc Waiting for KSN requests completion. In queue: 313

06:30:28.0092 0x2acc AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52010 ( disabled : outofdate )

06:30:28.0093 0x2acc AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )

06:30:28.0095 0x2acc FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52010 ( disabled )

06:30:28.0188 0x2acc Win FW state via NFP2: enabled

06:30:30.0647 0x2acc ============================================================

06:30:30.0647 0x2acc Scan finished

06:30:30.0647 0x2acc ============================================================

06:30:30.0656 0x1774 Detected object count: 0

06:30:30.0657 0x1774 Actual detected object count: 0

TheJoker · June 8, 2014

Go to Start > Settings > Control Panel > Internet Options > Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.
In Firefox go to Tools -> Options -> Advanced Tab -> Network Tab -> "Settings" under Connection, and select No Proxy.

I thought I had followed the instructions:
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and copy/paste the content of the Notepad into your next reply.
The log should be found on your Desktop
Exit/Close RogueKiller
Should I try to run that again? I'll run the TDSSkiller and post that in the mean time, Thank you.

After that, re-run RogueKiller and make sure you select everything except this item:

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\M4-Service

Then please post the new RogueKiller log.

Lorgeo · June 8, 2014

RogueKiller Report:

RogueKiller V9.0.2.0 (x64) [Jun 3 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version

Started in : Normal mode

User : Sharon [Admin rights]

Mode : Remove -- Date : 06/08/2014 12:01:11

¤¤¤ Bad processes : 1 ¤¤¤

[ZeroAccess] mcshield.exe -- [x] -> ERROR [12]

¤¤¤ Registry Entries : 38 ¤¤¤

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\M4-Service -> NOT SELECTED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Net CLR -> DELETED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\M4-Service -> DELETED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Net CLR -> DELETED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\M4-Service -> DELETED

[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Net CLR -> DELETED

[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> DELETED

[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> ERROR [2]

[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> ERROR [2]

[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57273 -> ERROR [2]

[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> DELETED

[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]

[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> REPLACED (1)

[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> REPLACED (1)

[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> REPLACED (1)

[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> REPLACED (1)

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D502\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D502\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D502\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_D_D502\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REPLACED (0)

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REPLACED (0)

[PUM.WallPaper] (X64) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> REPLACED (C:\Windows\Web\Wallpaper\img2.jpg)

[PUM.WallPaper] (X86) HKEY_USERS\S-1-5-21-1280911578-185664597-1390033846-1000\Control Panel\Desktop | WallPaper : C:\Users\Sharon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg -> REPLACED (C:\Windows\Web\Wallpaper\img2.jpg)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤