Jump to content

Resilient malware.

Hunter2222
 Share

Recommended Posts

Hunter2222

Hunter2222

Posted
Posted

Hello, I am having severe issues with malware on my pc. I've tried running Malwarebytes several times, and every time it detects the same issues and says it corrects them. Afterwards, I find that the same detected malware is still there. I've run multiple different programs including AVG, Adwcleaner, Chameleon, and Rogue killer among other things. they all seem to detect the same problems, but the threats are never removed successfully (even though the programs always say they were). I'm at my wits end on this.

Link to post
Share on other sites
Psychotic

Psychotic

Posted
Posted

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


 
 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt




Please attach this file to your next reply.

Link to post
Share on other sites
Hunter2222

Hunter2222

Posted
  • Author
Posted

I did not see an Addition.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by Twins (administrator) on TWINS-PC on 10-06-2014 14:28:37
Running from C:\Users\Twins\Downloads
Platform: Windows Vista Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
() C:\Users\Twins\AppData\Local\MRS\svcsystem.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Users\Twins\AppData\Local\fst_us_83\upfst_us_83.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\Twins\AppData\Roaming\BitTorrent\BitTorrent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: [upfst_us_83.exe] - C:\Users\Twins\AppData\Local\fst_us_83\upfst_us_83.exe -runonce [3268048 2014-05-29] ()
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3149640501-3797806197-2921890984-1000\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3149640501-3797806197-2921890984-1000\...\Run: [MobileAppSync] => "C:\Program Files (x86)\Mobile App Sync\D2MClient.exe"
HKU\S-1-5-21-3149640501-3797806197-2921890984-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3149640501-3797806197-2921890984-1000\...\Run: [bitTorrent] => C:\Users\Twins\AppData\Roaming\BitTorrent\BitTorrent.exe [1643344 2014-06-07] (BitTorrent Inc.)
HKU\S-1-5-21-3149640501-3797806197-2921890984-1000\...\Policies\Explorer: [HideSCAHealth] 1
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
SearchScopes: HKCU - DefaultScope {92A9831E-49D0-48FE-8092-0507586674D7} URL = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {92A9831E-49D0-48FE-8092-0507586674D7} URL = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
BHO: CostMin - {006846C3-6F78-DB49-910E-F4DAF29997DF} - C:\Program Files (x86)\CostMin\mJtw9vw0_g.x64.dll No File
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{0560C90F-70CA-4D87-BB38-5DBF008C45B2}: [NameServer]75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{1396EA25-2475-4A19-A2C6-A1E0B3255BA3}: [NameServer]75.126.206.18,184.173.169.186
Tcpip\..\Interfaces\{c328fed4-6a85-11db-9fbd-806e6f6e6963}: [NameServer]75.126.206.18,184.173.169.186

FireFox:
========
FF ProfilePath: C:\Users\Twins\AppData\Roaming\Mozilla\Firefox\Profiles\soy9rh8d.default-1402368840332
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [sp2@sp.com] - C:\Program Files (x86)\Social Privacy\FF\

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Media Player) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdkcahignpnpnffmhchioblaeehimpm [2014-02-18]
CHR Extension: (Social Privacy) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn [2014-01-22]
CHR Extension: (Media View) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjpcgbjoinhnojhpapcjckeooahpcleb [2014-03-15]
CHR Extension: (Media Viewer) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbcknkbofkmhgcemmndopfhfpcmcjpkg [2014-02-24]
CHR Extension: (Media Watch) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfedpadljnihlijmjdebmegbbhilhihk [2014-03-22]
CHR Extension: (Google Wallet) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (No Name) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfmepelgpppdgpfifejkcdnimlipaoo [2014-03-08]
CHR Extension: (No Name) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\omabcafepeafkcjmjemondiocfgfieoj [2014-06-07]
CHR Extension: (Media View) - C:\Users\Twins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknkgbegokklcebhknklnjhhelcjobjc [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [gjpcgbjoinhnojhpapcjckeooahpcleb] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3838\ch\MediaViewV1alpha3838.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [kbcknkbofkmhgcemmndopfhfpcmcjpkg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha7191\ch\MediaViewerV1alpha7191.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [kfedpadljnihlijmjdebmegbbhilhihk] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home3385\ch\MediaWatchV1home3385.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Twins\AppData\Local\Temp\crx8863.tmp [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [pknkgbegokklcebhknklnjhhelcjobjc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3401\ch\MediaViewV1alpha3401.crx [2014-02-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-05-11] (BitRaider, LLC)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 SystemUpdatekb70007; C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] () [File not signed]
S2 vosr; C:\Users\Twins\AppData\Roaming\VOPackage\VOsrv.exe [X]

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-05-11] (BitRaider)
R3 NVENETFD; C:\Windows\System32\DRIVERS\nvm60x64.sys [742696 2006-10-09] (NVIDIA Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-10 14:28 - 2014-06-10 14:28 - 02080768 _____ (Farbar) C:\Users\Twins\Downloads\FRST64.exe
2014-06-10 14:17 - 2014-06-10 14:24 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Twins\Downloads\spybot-2.3.exe
2014-06-09 22:50 - 2014-06-09 22:51 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-06-09 20:45 - 2014-06-09 20:46 - 00028420 _____ () C:\Users\Twins\Downloads\Addition.txt
2014-06-09 20:44 - 2014-06-10 14:28 - 00014559 _____ () C:\Users\Twins\Downloads\FRST.txt
2014-06-09 20:44 - 2014-06-10 14:28 - 00000000 ____D () C:\FRST
2014-06-09 17:33 - 2014-06-09 17:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-09 17:23 - 2014-06-09 23:13 - 00000000 ____D () C:\AdwCleaner
2014-06-09 17:20 - 2014-06-09 22:32 - 00000000 ____D () C:\Users\Twins\AppData\Local\Temp(475)
2014-06-09 17:20 - 2014-06-09 17:20 - 00023721 _____ () C:\ComboFix.txt
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\hedev\AppData\Local\Temp(145)
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\AppData\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\$RECYCLE(0).BIN
2014-06-09 16:57 - 2014-06-09 17:20 - 00000000 ____D () C:\Qoobox
2014-06-09 16:55 - 2014-06-09 16:55 - 00019116 _____ () C:\Users\Twins\Rogue killer report.txt
2014-06-09 16:42 - 2014-06-09 16:42 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-09 16:24 - 2014-06-09 23:13 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-09 16:22 - 2014-06-09 16:24 - 00001684 _____ () C:\Users\Twins\Desktop\Rkill.txt
2014-06-09 00:43 - 2014-06-09 00:43 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Oracle
2014-06-09 00:40 - 2014-06-09 00:42 - 00004312 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-08 22:17 - 2014-06-09 23:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-08 22:15 - 2014-06-03 16:08 - 00000000 ____D () C:\Users\Twins\Desktop\Chameleon
2014-06-08 20:27 - 2014-06-08 20:27 - 00355932 _____ () C:\Users\Twins\AppData\Local\dd_vcredistMSI17A1.txt
2014-06-08 20:27 - 2014-06-08 20:27 - 00012686 _____ () C:\Users\Twins\AppData\Local\dd_vcredistUI17A1.txt
2014-06-08 20:27 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks(143)
2014-06-08 13:16 - 2014-06-08 13:16 - 00000000 ____D () C:\Users\Twins\Downloads\World of Warcraft - Cataclysm 4.3.4 (15595)
2014-06-07 03:29 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Twins\Downloads\World of Warcraft 3.3.5a (no install)
2014-06-07 03:28 - 2014-06-07 03:28 - 02271768 _____ () C:\Users\Twins\Downloads\World_of_Warcraft__Wrath_of_the_Lich_King_3.3.5a_(12340)(2).exe
2014-06-07 03:18 - 2014-06-09 22:54 - 00000000 ____D () C:\Users\Twins\Desktop\Old Firefox Data
2014-06-07 03:10 - 2014-06-07 03:10 - 00000966 _____ () C:\Users\Twins\Desktop\Malwarebytes Anti-Malware (3).lnk
2014-06-07 03:07 - 2014-06-07 03:07 - 00003062 _____ () C:\Windows\System32\Tasks\{AD25DF9B-4329-446D-8C2B-242460392057}
2014-06-07 03:03 - 2014-06-07 03:08 - 00000888 _____ () C:\Users\Twins\Desktop\firefox - Shortcut.lnk
2014-06-07 02:43 - 2014-06-07 02:43 - 00000779 _____ () C:\Users\Twins\Desktop\BitTorrent.lnk
2014-06-07 02:43 - 2014-06-07 02:43 - 00000759 _____ () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-06-07 02:42 - 2014-06-07 02:42 - 01643344 _____ (BitTorrent Inc.) C:\Users\Twins\Downloads\BitTorrent(1).exe
2014-06-07 02:40 - 2014-06-07 02:40 - 01643344 _____ (BitTorrent Inc.) C:\Users\Twins\Downloads\BitTorrent.exe
2014-06-07 02:39 - 2014-06-07 02:39 - 02271768 _____ () C:\Users\Twins\Downloads\StartDownload.exe
2014-06-07 02:38 - 2014-06-09 22:43 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-07 02:38 - 2014-06-09 22:43 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-07 02:37 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\MRS
2014-06-07 02:37 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\v9
2014-06-07 02:37 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-07 02:37 - 2014-06-09 22:43 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-06-07 02:37 - 2014-06-07 02:37 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\MRS
2014-06-07 02:36 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\IdleCrawler
2014-06-07 02:36 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Twins\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-07 02:37 - 00000000 ____D () C:\Program Files (x86)\MRS
2014-06-07 02:36 - 2014-06-07 02:36 - 00004574 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Twins\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator
2014-06-07 02:34 - 2014-06-07 02:35 - 02271768 _____ () C:\Users\Twins\Downloads\World_of_Warcraft__Wrath_of_the_Lich_King_3.3.5a_(12340)(1).exe
2014-06-06 01:55 - 2014-06-10 14:02 - 00000000 ____D () C:\Users\Twins\AppData\Local\fst_us_83
2014-06-06 01:55 - 2014-06-09 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fst
2014-06-06 01:53 - 2014-06-10 06:51 - 00003476 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
2014-06-06 01:53 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\wi_upd
2014-06-06 01:53 - 2014-06-09 22:51 - 00003218 _____ () C:\Windows\System32\Tasks\GPUpdate
2014-06-06 01:53 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\GetPrivate
2014-06-06 01:52 - 2014-06-06 01:52 - 02271768 _____ () C:\Users\Twins\Downloads\World_of_Warcraft__Wrath_of_the_Lich_King_3.3.5a_(12340).exe
2014-06-04 19:45 - 2014-02-08 21:59 - 00000000 ____D () C:\Users\Twins\Desktop\res_mods
2014-06-04 19:45 - 2014-02-08 21:57 - 00000000 ____D () C:\Users\Twins\Desktop\res
2014-06-04 17:39 - 2014-06-09 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-06-04 17:39 - 2014-06-04 17:39 - 00354396 _____ () C:\Users\Twins\AppData\Local\dd_vcredistMSI5E87.txt
2014-06-04 17:39 - 2014-06-04 17:39 - 00011910 _____ () C:\Users\Twins\AppData\Local\dd_vcredistUI5E87.txt
2014-06-04 17:39 - 2014-06-04 17:39 - 00000717 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-06-04 17:39 - 2014-06-04 17:39 - 00000000 ____D () C:\Games
2014-06-04 17:38 - 2014-06-04 17:38 - 09237816 _____ (Wargaming.net ) C:\Users\Twins\Downloads\WoT_internet_install_na(1).exe
2014-06-02 18:57 - 2014-06-07 03:22 - 00000000 ____D () C:\temp
2014-06-01 00:15 - 2014-06-01 00:15 - 00000744 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-06-01 00:15 - 2014-06-01 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-06-01 00:15 - 2014-06-01 00:15 - 00000000 ____D () C:\Program Files\Speccy
2014-06-01 00:14 - 2014-06-01 00:15 - 04890736 _____ (Piriform Ltd) C:\Users\Twins\Downloads\spsetup126.exe
2014-06-01 00:11 - 2014-06-10 06:51 - 00000270 _____ () C:\Windows\Tasks\pcreg.job
2014-06-01 00:11 - 2014-06-03 10:54 - 00000000 ____D () C:\Program Files\pcmax
2014-06-01 00:11 - 2014-06-01 00:11 - 00002898 _____ () C:\Windows\System32\Tasks\pcreg
2014-05-25 18:29 - 2014-05-25 18:30 - 00557470 _____ () C:\Users\Twins\Documents\TheMiniMaus.wotreplay
2014-05-21 23:09 - 2014-05-21 23:09 - 00003002 _____ () C:\Windows\System32\Tasks\{7E0B3D46-A349-4B5C-8D3A-B29D13704B6A}
2014-05-21 23:09 - 2014-05-21 23:09 - 00003002 _____ () C:\Windows\System32\Tasks\{14FE9E67-2288-43B8-A8D7-B08AA0B53B96}
2014-05-20 11:18 - 2014-05-20 11:18 - 00000000 ____D () C:\ProgramData\Curse Client
2014-05-20 11:15 - 2014-05-20 11:18 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Curse Advertising
2014-05-20 11:15 - 2014-05-20 11:15 - 00000000 ____D () C:\Users\Twins\Documents\My Curse
2014-05-20 11:13 - 2014-06-07 03:06 - 00000000 ____D () C:\Users\Twins\AppData\Local\Deployment
2014-05-20 11:13 - 2014-05-20 11:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\Apps\2.0
2014-05-20 11:12 - 2014-05-20 11:12 - 00402696 _____ () C:\Users\Twins\Downloads\setup.exe
2014-05-20 02:32 - 2014-06-09 21:59 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\TS3Client
2014-05-20 02:32 - 2014-05-20 02:32 - 00001001 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-05-20 02:32 - 2014-05-20 02:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-05-20 02:32 - 2014-05-20 02:32 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-05-20 02:30 - 2014-05-20 02:31 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Twins\Downloads\TeamSpeak3-Client-win32-3.0.14(1).exe
2014-05-20 02:29 - 2014-05-20 02:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Twins\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-05-19 21:56 - 2014-05-19 21:56 - 00000382 _____ () C:\Users\Twins\Desktop\Local Area Connection - Shortcut.lnk
2014-05-19 08:37 - 2014-05-19 08:37 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-05-19 08:37 - 2014-05-19 08:37 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-05-18 22:13 - 2014-05-18 22:13 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Wargaming.net
2014-05-18 02:15 - 2014-06-08 20:27 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-05-18 02:15 - 2014-06-08 20:27 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-18 02:15 - 2014-05-18 02:15 - 00354442 _____ () C:\Users\Twins\AppData\Local\dd_vcredistMSI6B14.txt
2014-05-18 02:15 - 2014-05-18 02:15 - 00011142 _____ () C:\Users\Twins\AppData\Local\dd_vcredistUI6B14.txt
2014-05-18 02:13 - 2014-05-18 02:13 - 09237816 _____ (Wargaming.net ) C:\Users\Twins\Downloads\WoT_internet_install_na.exe
2014-05-15 21:08 - 2014-05-15 21:09 - 00000000 ____D () C:\Users\Twins\AppData\Local\TERA-Diagnostic
2014-05-15 20:52 - 2014-06-06 22:38 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Tera_Awesomium
2014-05-14 11:38 - 2014-06-06 20:14 - 00000000 ____D () C:\Program Files (x86)\TERA
2014-05-14 11:38 - 2014-05-14 11:38 - 00001505 _____ () C:\Users\Public\Desktop\TERA-Launcher.lnk
2014-05-14 11:38 - 2014-05-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
2014-05-14 11:38 - 2014-05-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\En Masse Entertainment
2014-05-14 11:36 - 2014-05-14 11:37 - 29265824 _____ (En Masse Entertainment) C:\Users\Twins\Downloads\TERA-Setup.exe
2014-05-14 11:33 - 2014-05-14 11:34 - 10458976 _____ () C:\Users\Twins\Downloads\TERA-Setup-HC.exe
2014-05-13 20:24 - 2014-05-05 20:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-13 20:24 - 2014-05-05 19:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 20:24 - 2014-05-05 19:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-13 20:24 - 2014-05-05 19:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 20:23 - 2014-05-05 20:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 20:23 - 2014-05-05 20:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 20:14 - 2014-03-25 12:30 - 12900864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 20:14 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-12 10:01 - 2014-05-16 22:09 - 00000000 ____D () C:\Users\Twins\Documents\My Games
2014-05-12 08:59 - 2014-05-12 08:59 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Awesomium
2014-05-12 08:53 - 2014-05-12 08:53 - 00001872 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2014-05-12 08:53 - 2014-05-12 08:53 - 00001863 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-12 08:53 - 2014-05-12 08:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-12 08:53 - 2014-05-12 08:53 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-12 08:52 - 2014-05-12 08:53 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-12 08:50 - 2014-05-12 08:50 - 39967251 _____ (Hi-Rez Studios) C:\Users\Twins\Downloads\InstallHiRezGamesEnglish.exe
2014-05-12 05:49 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-12 05:49 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-12 05:49 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-12 05:49 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-12 05:48 - 2014-05-12 05:49 - 00004100 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-11 15:18 - 2014-05-11 15:18 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\AVG2014
2014-05-11 15:16 - 2014-05-19 08:37 - 00000872 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-11 15:16 - 2014-05-19 08:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-11 15:16 - 2014-05-11 15:16 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\TuneUp Software
2014-05-11 15:14 - 2014-06-03 10:54 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-11 15:14 - 2014-05-11 15:14 - 00000000 ____D () C:\$AVG
2014-05-11 15:12 - 2014-05-11 15:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-11 15:09 - 2014-06-07 02:57 - 00000000 ____D () C:\Users\Twins\AppData\Local\Avg2014
2014-05-11 15:09 - 2014-06-05 18:32 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-11 15:09 - 2014-05-11 15:09 - 04485528 _____ (AVG Technologies) C:\Users\Twins\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-11 15:09 - 2014-05-11 15:09 - 00000000 ____D () C:\Users\Twins\AppData\Local\MFAData
2014-05-11 04:13 - 2014-05-11 04:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\SWTOR
2014-05-11 03:23 - 2014-06-09 00:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-11 03:10 - 2014-06-09 23:12 - 00000000 ____D () C:\ProgramData\BitRaider
2014-05-11 03:10 - 2014-05-11 03:10 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-05-11 03:07 - 2014-05-11 03:07 - 00001280 _____ () C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2014-05-11 03:07 - 2014-05-11 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-05-11 03:06 - 2014-05-11 03:07 - 00013992 _____ () C:\Users\Twins\Documents\Install STAR WARS The Old Republic.log
2014-05-11 03:05 - 2014-05-11 15:01 - 29720272 _____ () C:\Users\Twins\Downloads\SWTOR_setup.exe
2014-05-11 01:07 - 2014-06-09 17:28 - 00051850 _____ () C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======

2014-06-10 14:28 - 2014-06-10 14:28 - 02080768 _____ (Farbar) C:\Users\Twins\Downloads\FRST64.exe
2014-06-10 14:28 - 2014-06-09 20:44 - 00014559 _____ () C:\Users\Twins\Downloads\FRST.txt
2014-06-10 14:28 - 2014-06-09 20:44 - 00000000 ____D () C:\FRST
2014-06-10 14:28 - 2011-09-15 12:36 - 00000000 ____D () C:\Users\Twins\AppData\Local\Temp
2014-06-10 14:27 - 2006-11-02 11:22 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-10 14:27 - 2006-11-02 11:22 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-10 14:26 - 2011-11-23 15:52 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\BitTorrent
2014-06-10 14:25 - 2012-01-06 16:30 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Skype
2014-06-10 14:24 - 2014-06-10 14:17 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Twins\Downloads\spybot-2.3.exe
2014-06-10 14:09 - 2014-05-02 22:14 - 00000748 _____ () C:\Windows\wininit.ini
2014-06-10 14:09 - 2013-12-15 03:22 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-10 14:08 - 2013-12-15 03:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-10 14:02 - 2014-06-06 01:55 - 00000000 ____D () C:\Users\Twins\AppData\Local\fst_us_83
2014-06-10 13:56 - 2008-01-20 21:53 - 01489137 _____ () C:\Windows\WindowsUpdate.log
2014-06-10 13:51 - 2012-04-16 14:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-10 13:44 - 2012-03-09 21:29 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2014-06-10 06:51 - 2014-06-06 01:53 - 00003476 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
2014-06-10 06:51 - 2014-06-01 00:11 - 00000270 _____ () C:\Windows\Tasks\pcreg.job
2014-06-10 06:51 - 2014-01-22 23:49 - 00000414 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2014-06-10 06:50 - 2011-09-15 12:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-10 06:50 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-09 23:13 - 2014-06-09 17:23 - 00000000 ____D () C:\AdwCleaner
2014-06-09 23:13 - 2014-06-09 16:24 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-09 23:13 - 2014-06-08 22:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-09 23:13 - 2014-06-07 03:29 - 00000000 ____D () C:\Users\Twins\Downloads\World of Warcraft 3.3.5a (no install)
2014-06-09 23:13 - 2014-06-07 02:37 - 00000000 ____D () C:\Users\Twins\AppData\Local\MRS
2014-06-09 23:13 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Twins\AppData\Local\IdleCrawler
2014-06-09 23:13 - 2014-06-06 01:53 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\wi_upd
2014-06-09 23:13 - 2014-01-29 12:14 - 00000000 ____D () C:\Users\Twins\AppData\Local\TeamSpeak 3 Client
2014-06-09 23:13 - 2013-12-25 00:18 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-09 23:13 - 2013-10-10 17:29 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-09 23:13 - 2013-06-17 19:24 - 00000000 ____D () C:\Users\Twins\AppData\Local\SWTORPerf
2014-06-09 23:13 - 2013-05-15 18:42 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\SystemRequirementsLab
2014-06-09 23:13 - 2013-02-21 17:02 - 00000000 ____D () C:\Users\Twins\AppData\Local\TERA
2014-06-09 23:13 - 2012-05-14 21:06 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\PFStaticIP
2014-06-09 23:13 - 2012-04-12 23:20 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\.minecraft
2014-06-09 23:13 - 2012-03-09 21:08 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Azureus
2014-06-09 23:13 - 2012-01-03 22:48 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2014-06-09 23:13 - 2011-09-15 12:37 - 00000000 ___RD () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-09 23:13 - 2011-09-15 12:37 - 00000000 ___RD () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-09 23:13 - 2011-09-15 12:36 - 00000000 ___RD () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-09 23:13 - 2011-09-15 12:36 - 00000000 ___RD () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-09 23:13 - 2011-09-15 12:36 - 00000000 ____D () C:\Users\Twins
2014-06-09 23:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\spool
2014-06-09 23:12 - 2014-05-11 03:10 - 00000000 ____D () C:\ProgramData\BitRaider
2014-06-09 23:12 - 2014-01-14 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 23:12 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\registration
2014-06-09 23:07 - 2006-11-02 11:42 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-09 22:54 - 2014-06-07 03:18 - 00000000 ____D () C:\Users\Twins\Desktop\Old Firefox Data
2014-06-09 22:51 - 2014-06-09 22:50 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-06-09 22:51 - 2014-06-06 01:53 - 00003218 _____ () C:\Windows\System32\Tasks\GPUpdate
2014-06-09 22:46 - 2013-12-15 03:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-06-09 22:46 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-06-09 22:44 - 2014-06-07 02:37 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\v9
2014-06-09 22:44 - 2014-06-07 02:37 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-09 22:44 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-06-09 22:44 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-06-09 22:44 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Twins\AppData\Local\Torch
2014-06-09 22:44 - 2014-06-06 01:53 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\GetPrivate
2014-06-09 22:44 - 2014-01-29 12:14 - 00000000 ____D () C:\Users\Twins\AppData\Local\SwvUpdater
2014-06-09 22:44 - 2013-03-28 00:45 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Conduit
2014-06-09 22:44 - 2006-11-02 08:33 - 68157440 _____ () C:\Windows\system32\config\software_previous
2014-06-09 22:44 - 2006-11-02 08:33 - 59244544 _____ () C:\Windows\system32\config\components_previous
2014-06-09 22:44 - 2006-11-02 08:33 - 27000832 _____ () C:\Windows\system32\config\system_previous
2014-06-09 22:44 - 2006-11-02 08:33 - 04980736 _____ () C:\Windows\system32\config\default_previous
2014-06-09 22:44 - 2006-11-02 08:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-06-09 22:44 - 2006-11-02 08:33 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-06-09 22:43 - 2014-06-07 02:38 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-09 22:43 - 2014-06-07 02:38 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-09 22:43 - 2014-06-07 02:37 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-06-09 22:43 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Twins\AppData\Local\Chromatic Browser
2014-06-09 22:43 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-06-09 22:43 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-06-09 22:43 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-06-09 22:43 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-09 22:43 - 2014-06-06 01:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fst
2014-06-09 22:43 - 2014-06-04 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-06-09 22:43 - 2014-01-29 12:14 - 00000000 ____D () C:\Users\Twins\AppData\Local\Mobogenie
2014-06-09 22:43 - 2013-12-15 03:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-09 22:43 - 2013-12-15 03:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-09 22:43 - 2013-06-17 19:17 - 00000000 ____D () C:\Users\hedev\AppData\Local\Temp
2014-06-09 22:43 - 2012-06-09 21:12 - 00000000 ____D () C:\Program Files (x86)\Uncompressor
2014-06-09 22:43 - 2012-04-14 19:27 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-09 22:43 - 2012-04-13 21:54 - 00000000 ____D () C:\Program Files\Java
2014-06-09 22:43 - 2006-11-02 09:33 - 00000000 __RHD () C:\Users\Default
2014-06-09 22:32 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Twins\AppData\Local\Temp(475)
2014-06-09 21:59 - 2014-05-20 02:32 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\TS3Client
2014-06-09 20:46 - 2014-06-09 20:45 - 00028420 _____ () C:\Users\Twins\Downloads\Addition.txt
2014-06-09 17:33 - 2014-06-09 17:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-09 17:28 - 2014-05-11 01:07 - 00051850 _____ () C:\Windows\PFRO.log
2014-06-09 17:27 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\schemas
2014-06-09 17:20 - 2014-06-09 17:20 - 00023721 _____ () C:\ComboFix.txt
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\hedev\AppData\Local\Temp(145)
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\AppData\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-09 17:20 - 2014-06-09 17:20 - 00000000 ____D () C:\$RECYCLE(0).BIN
2014-06-09 17:20 - 2014-06-09 16:57 - 00000000 ____D () C:\Qoobox
2014-06-09 16:55 - 2014-06-09 16:55 - 00019116 _____ () C:\Users\Twins\Rogue killer report.txt
2014-06-09 16:42 - 2014-06-09 16:42 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-09 16:24 - 2014-06-09 16:22 - 00001684 _____ () C:\Users\Twins\Desktop\Rkill.txt
2014-06-09 00:44 - 2014-05-11 03:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 00:43 - 2014-06-09 00:43 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Oracle
2014-06-09 00:42 - 2014-06-09 00:40 - 00004312 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-09 00:42 - 2014-01-14 21:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 22:48 - 2006-11-02 09:33 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-06-08 20:27 - 2014-06-08 20:27 - 00355932 _____ () C:\Users\Twins\AppData\Local\dd_vcredistMSI17A1.txt
2014-06-08 20:27 - 2014-06-08 20:27 - 00012686 _____ () C:\Users\Twins\AppData\Local\dd_vcredistUI17A1.txt
2014-06-08 20:27 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks(143)
2014-06-08 20:27 - 2014-05-18 02:15 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-08 20:27 - 2014-05-18 02:15 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-08 13:16 - 2014-06-08 13:16 - 00000000 ____D () C:\Users\Twins\Downloads\World of Warcraft - Cataclysm 4.3.4 (15595)
2014-06-07 03:28 - 2014-06-07 03:28 - 02271768 _____ () C:\Users\Twins\Downloads\World_of_Warcraft__Wrath_of_the_Lich_King_3.3.5a_(12340)(2).exe
2014-06-07 03:22 - 2014-06-02 18:57 - 00000000 ____D () C:\temp
2014-06-07 03:10 - 2014-06-07 03:10 - 00000966 _____ () C:\Users\Twins\Desktop\Malwarebytes Anti-Malware (3).lnk
2014-06-07 03:08 - 2014-06-07 03:03 - 00000888 _____ () C:\Users\Twins\Desktop\firefox - Shortcut.lnk
2014-06-07 03:07 - 2014-06-07 03:07 - 00003062 _____ () C:\Windows\System32\Tasks\{AD25DF9B-4329-446D-8C2B-242460392057}
2014-06-07 03:07 - 2014-05-03 20:20 - 00000900 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-07 03:07 - 2011-09-15 12:37 - 00000979 _____ () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-07 03:07 - 2011-09-15 12:37 - 00000973 _____ () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-07 03:06 - 2014-05-20 11:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\Deployment
2014-06-07 02:57 - 2014-05-11 15:09 - 00000000 ____D () C:\Users\Twins\AppData\Local\Avg2014
2014-06-07 02:43 - 2014-06-07 02:43 - 00000779 _____ () C:\Users\Twins\Desktop\BitTorrent.lnk
2014-06-07 02:43 - 2014-06-07 02:43 - 00000759 _____ () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-06-07 02:42 - 2014-06-07 02:42 - 01643344 _____ (BitTorrent Inc.) C:\Users\Twins\Downloads\BitTorrent(1).exe
2014-06-07 02:40 - 2014-06-07 02:40 - 01643344 _____ (BitTorrent Inc.) C:\Users\Twins\Downloads\BitTorrent.exe
2014-06-07 02:39 - 2014-06-07 02:39 - 02271768 _____ () C:\Users\Twins\Downloads\StartDownload.exe
2014-06-07 02:37 - 2014-06-07 02:37 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\MRS
2014-06-07 02:37 - 2014-06-07 02:36 - 00000000 ____D () C:\Program Files (x86)\MRS
2014-06-07 02:36 - 2014-06-07 02:36 - 00004574 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Twins\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Guest
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-07 02:36 - 2014-06-07 02:36 - 00000000 ____D () C:\Users\Administrator
2014-06-07 02:36 - 2014-03-08 22:24 - 00000000 ____D () C:\ProgramData\41c75174d4b9f261
2014-06-07 02:36 - 2014-02-13 22:57 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-06-07 02:36 - 2011-11-23 15:53 - 00000000 ____D () C:\Users\Twins\AppData\Local\Google
2014-06-07 02:35 - 2014-06-07 02:34 - 02271768 _____ () C:\Users\Twins\Downloads\World_of_Warcraft__Wrath_of_the_Lich_King_3.3.5a_(12340)(1).exe
2014-06-06 22:38 - 2014-05-15 20:52 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Tera_Awesomium
2014-06-06 20:14 - 2014-05-14 11:38 - 00000000 ____D () C:\Program Files (x86)\TERA
2014-06-06 01:52 - 2014-06-06 01:52 - 02271768 _____ () C:\Users\Twins\Downloads\World_of_Warcraft__Wrath_of_the_Lich_King_3.3.5a_(12340).exe
2014-06-05 18:32 - 2014-05-11 15:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-04 17:39 - 2014-06-04 17:39 - 00354396 _____ () C:\Users\Twins\AppData\Local\dd_vcredistMSI5E87.txt
2014-06-04 17:39 - 2014-06-04 17:39 - 00011910 _____ () C:\Users\Twins\AppData\Local\dd_vcredistUI5E87.txt
2014-06-04 17:39 - 2014-06-04 17:39 - 00000717 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-06-04 17:39 - 2014-06-04 17:39 - 00000000 ____D () C:\Games
2014-06-04 17:38 - 2014-06-04 17:38 - 09237816 _____ (Wargaming.net ) C:\Users\Twins\Downloads\WoT_internet_install_na(1).exe
2014-06-04 01:26 - 2011-09-15 12:50 - 00001356 _____ () C:\Users\Twins\AppData\Local\d3d9caps.dat
2014-06-03 16:08 - 2014-06-08 22:15 - 00000000 ____D () C:\Users\Twins\Desktop\Chameleon
2014-06-03 10:54 - 2014-06-01 00:11 - 00000000 ____D () C:\Program Files\pcmax
2014-06-03 10:54 - 2014-05-11 15:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-01 00:15 - 2014-06-01 00:15 - 00000744 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-06-01 00:15 - 2014-06-01 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-06-01 00:15 - 2014-06-01 00:15 - 00000000 ____D () C:\Program Files\Speccy
2014-06-01 00:15 - 2014-06-01 00:14 - 04890736 _____ (Piriform Ltd) C:\Users\Twins\Downloads\spsetup126.exe
2014-06-01 00:11 - 2014-06-01 00:11 - 00002898 _____ () C:\Windows\System32\Tasks\pcreg
2014-05-26 23:40 - 2013-12-25 00:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-25 18:30 - 2014-05-25 18:29 - 00557470 _____ () C:\Users\Twins\Documents\TheMiniMaus.wotreplay
2014-05-23 21:52 - 2014-05-09 00:58 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\NCSOFT
2014-05-23 21:52 - 2014-05-09 00:58 - 00000000 ____D () C:\Users\Twins\AppData\Local\NCSOFT
2014-05-23 21:52 - 2014-05-09 00:58 - 00000000 ____D () C:\Program Files (x86)\NCSOFT
2014-05-21 23:12 - 2012-01-06 16:30 - 00000000 ____D () C:\ProgramData\Skype
2014-05-21 23:09 - 2014-05-21 23:09 - 00003002 _____ () C:\Windows\System32\Tasks\{7E0B3D46-A349-4B5C-8D3A-B29D13704B6A}
2014-05-21 23:09 - 2014-05-21 23:09 - 00003002 _____ () C:\Windows\System32\Tasks\{14FE9E67-2288-43B8-A8D7-B08AA0B53B96}
2014-05-21 23:09 - 2014-03-13 22:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-20 11:18 - 2014-05-20 11:18 - 00000000 ____D () C:\ProgramData\Curse Client
2014-05-20 11:18 - 2014-05-20 11:15 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Curse Advertising
2014-05-20 11:15 - 2014-05-20 11:15 - 00000000 ____D () C:\Users\Twins\Documents\My Curse
2014-05-20 11:13 - 2014-05-20 11:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\Apps\2.0
2014-05-20 11:12 - 2014-05-20 11:12 - 00402696 _____ () C:\Users\Twins\Downloads\setup.exe
2014-05-20 02:32 - 2014-05-20 02:32 - 00001001 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-05-20 02:32 - 2014-05-20 02:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-05-20 02:32 - 2014-05-20 02:32 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-05-20 02:31 - 2014-05-20 02:30 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Twins\Downloads\TeamSpeak3-Client-win32-3.0.14(1).exe
2014-05-20 02:30 - 2014-05-20 02:29 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Twins\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-05-19 21:56 - 2014-05-19 21:56 - 00000382 _____ () C:\Users\Twins\Desktop\Local Area Connection - Shortcut.lnk
2014-05-19 08:37 - 2014-05-19 08:37 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-05-19 08:37 - 2014-05-19 08:37 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-05-19 08:37 - 2014-05-11 15:16 - 00000872 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-19 08:37 - 2014-05-11 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-18 22:13 - 2014-05-18 22:13 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Wargaming.net
2014-05-18 02:15 - 2014-05-18 02:15 - 00354442 _____ () C:\Users\Twins\AppData\Local\dd_vcredistMSI6B14.txt
2014-05-18 02:15 - 2014-05-18 02:15 - 00011142 _____ () C:\Users\Twins\AppData\Local\dd_vcredistUI6B14.txt
2014-05-18 02:13 - 2014-05-18 02:13 - 09237816 _____ (Wargaming.net ) C:\Users\Twins\Downloads\WoT_internet_install_na.exe
2014-05-16 22:09 - 2014-05-12 10:01 - 00000000 ____D () C:\Users\Twins\Documents\My Games
2014-05-15 21:09 - 2014-05-15 21:08 - 00000000 ____D () C:\Users\Twins\AppData\Local\TERA-Diagnostic
2014-05-14 11:38 - 2014-05-14 11:38 - 00001505 _____ () C:\Users\Public\Desktop\TERA-Launcher.lnk
2014-05-14 11:38 - 2014-05-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
2014-05-14 11:38 - 2014-05-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\En Masse Entertainment
2014-05-14 11:37 - 2014-05-14 11:36 - 29265824 _____ (En Masse Entertainment) C:\Users\Twins\Downloads\TERA-Setup.exe
2014-05-14 11:34 - 2014-05-14 11:33 - 10458976 _____ () C:\Users\Twins\Downloads\TERA-Setup-HC.exe
2014-05-13 20:37 - 2013-08-07 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 20:34 - 2006-11-02 08:35 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-13 05:52 - 2012-04-16 14:38 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 05:51 - 2012-04-16 14:38 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 05:51 - 2011-09-15 12:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 09:56 - 2014-05-09 01:19 - 00133073 _____ () C:\Windows\DirectX.log
2014-05-12 08:59 - 2014-05-12 08:59 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Awesomium
2014-05-12 08:53 - 2014-05-12 08:53 - 00001872 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2014-05-12 08:53 - 2014-05-12 08:53 - 00001863 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-05-12 08:53 - 2014-05-12 08:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-12 08:53 - 2014-05-12 08:53 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-12 08:53 - 2014-05-12 08:52 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-12 08:52 - 2011-09-15 13:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-12 08:50 - 2014-05-12 08:50 - 39967251 _____ (Hi-Rez Studios) C:\Users\Twins\Downloads\InstallHiRezGamesEnglish.exe
2014-05-12 05:49 - 2014-05-12 05:48 - 00004100 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 05:39 - 2014-05-03 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 16:31 - 2006-11-02 11:36 - 00001802 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
2014-05-11 16:31 - 2006-11-02 11:36 - 00001753 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-05-11 16:31 - 2006-11-02 11:35 - 00001707 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
2014-05-11 16:31 - 2006-11-02 11:34 - 00001718 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
2014-05-11 15:18 - 2014-05-11 15:18 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\AVG2014
2014-05-11 15:16 - 2014-05-11 15:16 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\TuneUp Software
2014-05-11 15:14 - 2014-05-11 15:14 - 00000000 ____D () C:\$AVG
2014-05-11 15:12 - 2014-05-11 15:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-11 15:09 - 2014-05-11 15:09 - 04485528 _____ (AVG Technologies) C:\Users\Twins\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-11 15:09 - 2014-05-11 15:09 - 00000000 ____D () C:\Users\Twins\AppData\Local\MFAData
2014-05-11 15:01 - 2014-05-11 03:05 - 29720272 _____ () C:\Users\Twins\Downloads\SWTOR_setup.exe
2014-05-11 13:16 - 2014-05-03 20:42 - 00000719 _____ () C:\Windows\setupact.log
2014-05-11 11:39 - 2011-09-15 12:36 - 00001460 _____ () C:\Users\Twins\AppData\Local\d3d9caps64.dat
2014-05-11 04:13 - 2014-05-11 04:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\SWTOR
2014-05-11 03:10 - 2014-05-11 03:10 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-05-11 03:07 - 2014-05-11 03:07 - 00001280 _____ () C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2014-05-11 03:07 - 2014-05-11 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-05-11 03:07 - 2014-05-11 03:06 - 00013992 _____ () C:\Users\Twins\Documents\Install STAR WARS The Old Republic.log

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-10 06:57

==================== End Of Log =========================

Link to post
Share on other sites
Hunter2222

Hunter2222

Posted
  • Author
Posted

14:35:42.0327 0x1614  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
14:35:49.0492 0x1614  ============================================================
14:35:49.0492 0x1614  Current date / time: 2014/06/10 14:35:49.0492
14:35:49.0493 0x1614  SystemInfo:
14:35:49.0493 0x1614  
14:35:49.0493 0x1614  OS Version: 6.0.6002 ServicePack: 2.0
14:35:49.0493 0x1614  Product type: Workstation
14:35:49.0493 0x1614  ComputerName: TWINS-PC
14:35:49.0493 0x1614  UserName: Twins
14:35:49.0493 0x1614  Windows directory: C:\Windows
14:35:49.0493 0x1614  System windows directory: C:\Windows
14:35:49.0494 0x1614  Running under WOW64
14:35:49.0494 0x1614  Processor architecture: Intel x64
14:35:49.0494 0x1614  Number of processors: 2
14:35:49.0494 0x1614  Page size: 0x1000
14:35:49.0494 0x1614  Boot type: Normal boot
14:35:49.0494 0x1614  ============================================================
14:35:53.0022 0x1614  KLMD registered as C:\Windows\system32\drivers\82414363.sys
14:35:53.0602 0x1614  System UUID: {F170379C-ED9D-9AF4-1CC6-AB12B7E4BE80}
14:35:54.0836 0x1614  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:35:54.0836 0x1614  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:35:54.0853 0x1614  ============================================================
14:35:54.0853 0x1614  \Device\Harddisk0\DR0:
14:35:54.0860 0x1614  MBR partitions:
14:35:54.0860 0x1614  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x24245FC1
14:35:54.0860 0x1614  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x24246000, BlocksNum 0x11E7800
14:35:54.0860 0x1614  \Device\Harddisk1\DR1:
14:35:54.0860 0x1614  MBR partitions:
14:35:54.0860 0x1614  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x24244731
14:35:54.0860 0x1614  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x24244770, BlocksNum 0x11E8BA0
14:35:54.0860 0x1614  ============================================================
14:35:54.0937 0x1614  C: <-> \Device\Harddisk0\DR0\Partition1
14:35:54.0967 0x1614  D: <-> \Device\Harddisk1\DR1\Partition2
14:35:55.0108 0x1614  E: <-> \Device\Harddisk0\DR0\Partition2
14:35:55.0126 0x1614  F: <-> \Device\Harddisk1\DR1\Partition1
14:35:55.0126 0x1614  ============================================================
14:35:55.0126 0x1614  Initialize success
14:35:55.0126 0x1614  ============================================================
14:36:00.0758 0x127c  ============================================================
14:36:00.0758 0x127c  Scan started
14:36:00.0758 0x127c  Mode: Manual;
14:36:00.0758 0x127c  ============================================================
14:36:00.0758 0x127c  KSN ping started
14:36:14.0278 0x127c  KSN ping finished: true
14:36:16.0324 0x127c  ================ Scan system memory ========================
14:36:16.0324 0x127c  System memory - ok
14:36:16.0324 0x127c  ================ Scan services =============================
14:36:16.0761 0x127c  [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI            C:\Windows\system32\drivers\acpi.sys
14:36:16.0768 0x127c  ACPI - ok
14:36:16.0955 0x127c  [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:36:16.0962 0x127c  AdobeFlashPlayerUpdateSvc - ok
14:36:17.0023 0x127c  [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:36:17.0037 0x127c  adp94xx - ok
14:36:17.0093 0x127c  [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:36:17.0138 0x127c  adpahci - ok
14:36:17.0172 0x127c  [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
14:36:17.0176 0x127c  adpu160m - ok
14:36:17.0200 0x127c  [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:36:17.0205 0x127c  adpu320 - ok
14:36:17.0299 0x127c  [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:36:17.0301 0x127c  AeLookupSvc - ok
14:36:17.0377 0x127c  [ 2BA159E1F9FD75F6A496742B20F1D9CF, 50094F6E8415ACDBC0DA9C24EDAB3F9B192D2F0D6A820C18E8DBC6D72849D612 ] AFD             C:\Windows\system32\drivers\afd.sys
14:36:17.0388 0x127c  AFD - ok
14:36:17.0415 0x127c  [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:36:17.0418 0x127c  agp440 - ok
14:36:17.0522 0x127c  [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
14:36:17.0531 0x127c  aic78xx - ok
14:36:17.0579 0x127c  [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe
14:36:17.0583 0x127c  ALG - ok
14:36:17.0600 0x127c  [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:36:17.0601 0x127c  aliide - ok
14:36:17.0635 0x127c  [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:36:17.0636 0x127c  amdide - ok
14:36:17.0688 0x127c  [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:36:17.0719 0x127c  AmdK8 - ok
14:36:17.0766 0x127c  [ 9C37B3FD5615477CB9A0CD116CF43F5C, BD3F85A29931072F2B0C7283761E224E4621FE0D9D34D6D668A4516B28388484 ] Appinfo         C:\Windows\System32\appinfo.dll
14:36:17.0768 0x127c  Appinfo - ok
14:36:17.0886 0x127c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:36:17.0888 0x127c  Apple Mobile Device - ok
14:36:17.0979 0x127c  [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys
14:36:18.0010 0x127c  arc - ok
14:36:18.0078 0x127c  [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:36:18.0081 0x127c  arcsas - ok
14:36:18.0414 0x127c  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:36:18.0416 0x127c  aspnet_state - ok
14:36:18.0470 0x127c  [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:36:18.0471 0x127c  AsyncMac - ok
14:36:18.0501 0x127c  [ E68D9B3A3905619732F7FE039466A623, 74C0B29E54EF064660B9C756E03D5A7EB78F261EFF768EB6E74D261FBD34340D ] atapi           C:\Windows\system32\drivers\atapi.sys
14:36:18.0503 0x127c  atapi - ok
14:36:18.0607 0x127c  [ 79318C744693EC983D20E9337A2F8196, 94226786EF8A101C2E805C6BA3C1CF46628BAF1AFCECBC1FAB7A7E7E5E642608 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:36:18.0622 0x127c  AudioEndpointBuilder - ok
14:36:18.0641 0x127c  [ 79318C744693EC983D20E9337A2F8196, 94226786EF8A101C2E805C6BA3C1CF46628BAF1AFCECBC1FAB7A7E7E5E642608 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:36:18.0652 0x127c  AudioSrv - ok
14:36:18.0714 0x127c  [ D89F8E4E025DAA0C39FF61AC0199E101, 0A80A572D93DBDE14CD5494EF3F866B44E9BC259D43EE23185E4FC227D08DE69 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
14:36:18.0717 0x127c  Avgdiska - ok
14:36:19.0212 0x127c  [ 561CE09C52F6E945ED4CE7E173D1F542, 25FB1B55E22D4DF3B03B6D395B6C4749C03B950139767FA095C24234BD962782 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
14:36:19.0287 0x127c  AVGIDSAgent - ok
14:36:19.0376 0x127c  [ F9984B8432204D000E15DE0A40D6F9AD, EBF0AAAFC9793F1EDCF3502CAE265CC012A60FA2B5DAD35A66DAD19ACFE206FC ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
14:36:19.0382 0x127c  AVGIDSDriver - ok
14:36:19.0467 0x127c  [ 73B684F26AD82BABC2A1B3E539ED027A, B164C0C395FF285ED31615E7DB5F43B31A2F1CB6156A68BB5F3802AFCA7B8887 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
14:36:19.0472 0x127c  AVGIDSHA - ok
14:36:19.0535 0x127c  [ 18A542A22A31DFFEA51666E75393E7A5, 7EFA508ECE7266446B2A5E12DB7461D328F2B47E2A70A8AA2C9D0E42898C71AC ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
14:36:19.0543 0x127c  Avgldx64 - ok
14:36:19.0645 0x127c  [ EC0E347F6C95541504CCF1B85D74F91F, F0819BF489C8776696D9DD89AC9673717BAF957DFAA071DA3911560172C6D952 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
14:36:19.0652 0x127c  Avgloga - ok
14:36:19.0732 0x127c  [ ADC65C6074A994D91CA9C6339C3DC978, A736BF94E41B9B06E826E3F2BBA7B305990DF68CF17DA8F661AE952FB240DDE1 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
14:36:19.0735 0x127c  Avgmfx64 - ok
14:36:19.0790 0x127c  [ 7D206FA06603E95984EFF9822C9FC958, 11863D7A5A14C852594F90FD3A54E55CBE8C27075E640C9B222102AD9DA91F35 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
14:36:19.0792 0x127c  Avgrkx64 - ok
14:36:19.0857 0x127c  [ 6FB25E61AC5885F5BD8BC5202D129BDF, 2644612402A8F7EDF8EB98537D10BCF0284B89797EC17A426DE94CE6922C1F4A ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
14:36:19.0863 0x127c  Avgtdia - ok
14:36:20.0012 0x127c  [ E5C581D358B62CF65776B8E4E17B9E5C, 955E4ECFD036330B139476CCCC7564B082C197D5E7577853E0C3D7B707EDB090 ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
14:36:20.0021 0x127c  avgwd - ok
14:36:20.0224 0x127c  [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE             C:\Windows\System32\bfe.dll
14:36:20.0237 0x127c  BFE - ok
14:36:20.0323 0x127c  [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS            C:\Windows\System32\qmgr.dll
14:36:20.0395 0x127c  BITS - ok
14:36:20.0427 0x127c  [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:36:20.0436 0x127c  blbdrive - ok
14:36:20.0628 0x127c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:36:20.0641 0x127c  Bonjour Service - ok
14:36:20.0704 0x127c  [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:36:20.0707 0x127c  bowser - ok
14:36:20.0917 0x127c  [ D4F84730BE7FEB435D119792F84EA934, AE66026CEF3E3F71A210C903E55C327955872B22F01E80FC3410B0AA1355062C ] BRDriver64      C:\ProgramData\BitRaider\BRDriver64.sys
14:36:20.0920 0x127c  BRDriver64 - ok
14:36:20.0969 0x127c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
14:36:20.0984 0x127c  BrFiltLo - ok
14:36:21.0039 0x127c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
14:36:21.0077 0x127c  BrFiltUp - ok
14:36:21.0117 0x127c  [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll
14:36:21.0121 0x127c  Browser - ok
14:36:21.0218 0x127c  [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys
14:36:21.0261 0x127c  Brserid - ok
14:36:21.0344 0x127c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
14:36:21.0386 0x127c  BrSerWdm - ok
14:36:21.0468 0x127c  [ 78561B78811A147B99CB47EBBD2D2847, 4EF1ED64CAF0549B43A660FF70D5035DFD59CCD22E7353150E8A13944C936520 ] BRSptSvc        C:\ProgramData\BitRaider\BRSptSvc.exe
14:36:21.0482 0x127c  BRSptSvc - ok
14:36:21.0515 0x127c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
14:36:21.0524 0x127c  BrUsbMdm - ok
14:36:21.0563 0x127c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
14:36:21.0576 0x127c  BrUsbSer - ok
14:36:21.0635 0x127c  [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:36:21.0667 0x127c  BTHMODEM - ok
14:36:21.0761 0x127c  [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:36:21.0770 0x127c  cdfs - ok
14:36:21.0838 0x127c  [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:36:21.0895 0x127c  cdrom - ok
14:36:21.0951 0x127c  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:36:21.0953 0x127c  CertPropSvc - ok
14:36:22.0004 0x127c  [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:36:22.0084 0x127c  circlass - ok
14:36:22.0237 0x127c  [ 3DCA9A18B204939CFB24BEA53E31EB48, 73CEDE020A6C8269EE8847A4E43071FD231179DA9430DE2983263B8345AD92B7 ] CLFS            C:\Windows\system32\CLFS.sys
14:36:22.0247 0x127c  CLFS - ok
14:36:22.0451 0x127c  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:36:22.0453 0x127c  clr_optimization_v2.0.50727_32 - ok
14:36:22.0663 0x127c  [ CE07A466201096F021CD09D631B21540, 1A11DDAB7000569A89F3FA26BDEE4D527FA6D57D3F91CDABAA9C02CACDDE5F6D ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:36:22.0667 0x127c  clr_optimization_v2.0.50727_64 - ok
14:36:22.0993 0x127c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:36:23.0075 0x127c  clr_optimization_v4.0.30319_32 - ok
14:36:23.0211 0x127c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:36:23.0265 0x127c  clr_optimization_v4.0.30319_64 - ok
14:36:23.0387 0x127c  [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:36:23.0409 0x127c  cmdide - ok
14:36:23.0448 0x127c  [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:36:23.0451 0x127c  Compbatt - ok
14:36:23.0458 0x127c  COMSysApp - ok
14:36:23.0493 0x127c  [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:36:23.0495 0x127c  crcdisk - ok
14:36:23.0652 0x127c  [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:36:23.0657 0x127c  CryptSvc - ok
14:36:23.0917 0x127c  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:36:23.0939 0x127c  cvhsvc - ok
14:36:24.0156 0x127c  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:36:24.0177 0x127c  DcomLaunch - ok
14:36:24.0271 0x127c  [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:36:24.0332 0x127c  DfsC - ok
14:36:24.0651 0x127c  [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR            C:\Windows\system32\DFSR.exe
14:36:24.0778 0x127c  DFSR - ok
14:36:24.0863 0x127c  [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
14:36:24.0872 0x127c  Dhcp - ok
14:36:25.0023 0x127c  [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk            C:\Windows\system32\drivers\disk.sys
14:36:25.0029 0x127c  disk - ok
14:36:25.0195 0x127c  [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:36:25.0199 0x127c  Dnscache - ok
14:36:25.0236 0x127c  [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc         C:\Windows\System32\dot3svc.dll
14:36:25.0241 0x127c  dot3svc - ok
14:36:25.0388 0x127c  [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS             C:\Windows\system32\dps.dll
14:36:25.0393 0x127c  DPS - ok
14:36:25.0462 0x127c  [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:36:25.0464 0x127c  drmkaud - ok
14:36:25.0676 0x127c  [ 0A3C78677FF62E9E0AE7CC25C790A968, 6A2D81BC3715FD4960D2C853870C056C5BFE581B25C4592CBF65EAC044DFEAB3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:36:25.0702 0x127c  DXGKrnl - ok
14:36:25.0794 0x127c  [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
14:36:25.0801 0x127c  E1G60 - ok
14:36:25.0807 0x127c  EagleX64 - ok
14:36:25.0887 0x127c  [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost         C:\Windows\System32\eapsvc.dll
14:36:25.0890 0x127c  EapHost - ok
14:36:25.0941 0x127c  [ 5F94962BE5A62DB6E447FF6470C4F48A, D00F9B3315DE8610BBE93FFD3CA3E2CF5B10697C518FC25FA4274CC6894D022B ] Ecache          C:\Windows\system32\drivers\ecache.sys
14:36:25.0955 0x127c  Ecache - ok
14:36:26.0309 0x127c  [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:36:26.0321 0x127c  ehRecvr - ok
14:36:26.0455 0x127c  [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched         C:\Windows\ehome\ehsched.exe
14:36:26.0461 0x127c  ehSched - ok
14:36:26.0523 0x127c  [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart         C:\Windows\ehome\ehstart.dll
14:36:26.0566 0x127c  ehstart - ok
14:36:26.0630 0x127c  [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:36:26.0643 0x127c  elxstor - ok
14:36:26.0715 0x127c  [ A9B18B63A4FD6BAAB83326706D857FAB, 7721CC67C0F8CE3060D0EB35A10E4ADC1E3CB470C0797B17D606060C270F96D7 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
14:36:26.0730 0x127c  EMDMgmt - ok
14:36:26.0771 0x127c  [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:36:26.0779 0x127c  ErrDev - ok
14:36:26.0873 0x127c  [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem     C:\Windows\system32\es.dll
14:36:26.0884 0x127c  EventSystem - ok
14:36:27.0065 0x127c  [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat           C:\Windows\system32\drivers\exfat.sys
14:36:27.0073 0x127c  exfat - ok
14:36:27.0274 0x127c  [ 1A4BEE34277784619DDAF0422C0C6E23, 3223E1B5DD4866D8E09F1B465FF82C911DDEE5B01B084543086E47B11D2AEA77 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:36:27.0328 0x127c  fastfat - ok
14:36:27.0374 0x127c  [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:36:27.0383 0x127c  fdc - ok
14:36:27.0451 0x127c  [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:36:27.0453 0x127c  fdPHost - ok
14:36:27.0476 0x127c  [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:36:27.0477 0x127c  FDResPub - ok
14:36:27.0539 0x127c  [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:36:27.0547 0x127c  FileInfo - ok
14:36:27.0592 0x127c  [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:36:27.0594 0x127c  Filetrace - ok
14:36:27.0637 0x127c  [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:36:27.0639 0x127c  flpydisk - ok
14:36:27.0678 0x127c  [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:36:27.0687 0x127c  FltMgr - ok
14:36:28.0082 0x127c  [ F937F278E44138C0386FA1DE69B1F72B, 49180522CCCB5377B5B3A7EF8B9697FBE19A1E5D84BC282D24C39B3D52698851 ] FontCache       C:\Windows\system32\FntCache.dll
14:36:28.0114 0x127c  FontCache - ok
14:36:28.0265 0x127c  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:36:28.0267 0x127c  FontCache3.0.0.0 - ok
14:36:28.0367 0x127c  [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:36:28.0385 0x127c  Fs_Rec - ok
14:36:28.0473 0x127c  [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:36:28.0476 0x127c  gagp30kx - ok
14:36:28.0514 0x127c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:36:28.0526 0x127c  GEARAspiWDM - ok
14:36:28.0708 0x127c  [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:36:28.0730 0x127c  gpsvc - ok
14:36:29.0025 0x127c  [ 68E732382B32417FF61FD663259B4B09, 10C5365AEAC46DF4F5F6A8F96D15141B4709851D4752613233E57EB20CE16446 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:36:29.0076 0x127c  HdAudAddService - ok
14:36:29.0273 0x127c  [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:36:29.0299 0x127c  HDAudBus - ok
14:36:29.0342 0x127c  [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:36:29.0344 0x127c  HidBth - ok
14:36:29.0371 0x127c  [ 5F47839455D01FF6403B008D481A6F5B, 0CC1E8EE4C3E46937DEA39EAC2498C1A89667D6828430162FDFAE845C37D7079 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:36:29.0373 0x127c  HidIr - ok
14:36:29.0395 0x127c  [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv         C:\Windows\system32\hidserv.dll
14:36:29.0397 0x127c  hidserv - ok
14:36:29.0426 0x127c  [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:36:29.0427 0x127c  HidUsb - ok
14:36:29.0498 0x127c  [ DFD1D30D8B68D883B5858748F7E35AD2, 051C9940054558DCB96746C0425A52F5294194163946B4A2A9CAEA64CFA855A1 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
14:36:29.0499 0x127c  HiPatchService - ok
14:36:29.0570 0x127c  [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:36:29.0573 0x127c  hkmsvc - ok
14:36:29.0622 0x127c  [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
14:36:29.0624 0x127c  HpCISSs - ok
14:36:29.0678 0x127c  [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:36:29.0695 0x127c  HTTP - ok
14:36:29.0743 0x127c  [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
14:36:29.0745 0x127c  i2omp - ok
14:36:29.0783 0x127c  [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:36:29.0819 0x127c  i8042prt - ok
14:36:29.0876 0x127c  [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
14:36:29.0885 0x127c  iaStorV - ok
14:36:30.0037 0x127c  [ 749F5F8CEDCA70F2A512945325FC489D, 443B4F779F27CD69C1F072823FCD9E5BA7590B6F48BE759DC6A1F898C467E58F ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:36:30.0108 0x127c  idsvc - ok
14:36:30.0230 0x127c  [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:36:30.0232 0x127c  iirsp - ok
14:36:30.0303 0x127c  [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT          C:\Windows\System32\ikeext.dll
14:36:30.0319 0x127c  IKEEXT - ok
14:36:30.0344 0x127c  [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide        C:\Windows\system32\drivers\intelide.sys
14:36:30.0345 0x127c  intelide - ok
14:36:30.0370 0x127c  [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:36:30.0373 0x127c  intelppm - ok
14:36:30.0412 0x127c  [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:36:30.0451 0x127c  IPBusEnum - ok
14:36:30.0522 0x127c  [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:36:30.0525 0x127c  IpFilterDriver - ok
14:36:30.0572 0x127c  [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:36:30.0580 0x127c  iphlpsvc - ok
14:36:30.0588 0x127c  IpInIp - ok
14:36:30.0656 0x127c  [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
14:36:30.0659 0x127c  IPMIDRV - ok
14:36:30.0713 0x127c  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
14:36:30.0716 0x127c  IPNAT - ok
14:36:30.0975 0x127c  [ 71F993192EB04B2C4C80F2DEE9119229, 881B7042724364C9D667DF6109E15DE78D9431DF5708CB16736AD723F4A38578 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:36:30.0989 0x127c  iPod Service - ok
14:36:31.0049 0x127c  [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:36:31.0051 0x127c  IRENUM - ok
14:36:31.0108 0x127c  [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:36:31.0109 0x127c  isapnp - ok
14:36:31.0142 0x127c  [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:36:31.0148 0x127c  iScsiPrt - ok
14:36:31.0173 0x127c  [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:36:31.0175 0x127c  iteatapi - ok
14:36:31.0215 0x127c  [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:36:31.0217 0x127c  iteraid - ok
14:36:31.0243 0x127c  [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:36:31.0245 0x127c  kbdclass - ok
14:36:31.0276 0x127c  [ DBDF75D51464FBC47D0104EC3D572C05, E392EE961E734620245874C7700D56621A1A990C45DF5CE0B7D270BA708F255E ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:36:31.0311 0x127c  kbdhid - ok
14:36:31.0358 0x127c  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso          C:\Windows\system32\lsass.exe
14:36:31.0369 0x127c  KeyIso - ok
14:36:31.0465 0x127c  [ 88956AD9FA510848AD176777A6C6C1F5, 8F2FBF7E70F836C2C11EE5ABCAFE3E51DC26E953DDFBEE3C1B4AA8E58EBDCF5E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:36:31.0484 0x127c  KSecDD - ok
14:36:31.0574 0x127c  [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:36:31.0582 0x127c  ksthunk - ok
14:36:31.0734 0x127c  [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:36:31.0750 0x127c  KtmRm - ok
14:36:31.0808 0x127c  [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:36:31.0814 0x127c  LanmanServer - ok
14:36:31.0948 0x127c  [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:36:31.0957 0x127c  LanmanWorkstation - ok
14:36:32.0005 0x127c  [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:36:32.0007 0x127c  lltdio - ok
14:36:32.0053 0x127c  [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:36:32.0062 0x127c  lltdsvc - ok
14:36:32.0079 0x127c  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:36:32.0083 0x127c  lmhosts - ok
14:36:32.0116 0x127c  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:36:32.0121 0x127c  LSI_FC - ok
14:36:32.0144 0x127c  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:36:32.0182 0x127c  LSI_SAS - ok
14:36:32.0234 0x127c  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:36:32.0241 0x127c  LSI_SCSI - ok
14:36:32.0286 0x127c  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:36:32.0292 0x127c  luafv - ok
14:36:32.0354 0x127c  [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:36:32.0361 0x127c  Mcx2Svc - ok
14:36:32.0422 0x127c  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:36:32.0424 0x127c  megasas - ok
14:36:32.0462 0x127c  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
14:36:32.0478 0x127c  MegaSR - ok
14:36:32.0509 0x127c  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
14:36:32.0512 0x127c  MMCSS - ok
14:36:32.0572 0x127c  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
14:36:32.0582 0x127c  Modem - ok
14:36:32.0646 0x127c  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:36:32.0672 0x127c  monitor - ok
14:36:32.0743 0x127c  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:36:32.0745 0x127c  mouclass - ok
14:36:32.0786 0x127c  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:36:32.0824 0x127c  mouhid - ok
14:36:32.0837 0x127c  [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:36:32.0844 0x127c  MountMgr - ok
14:36:32.0926 0x127c  [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:36:32.0930 0x127c  MozillaMaintenance - ok
14:36:32.0979 0x127c  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
14:36:32.0985 0x127c  mpio - ok
14:36:33.0037 0x127c  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:36:33.0043 0x127c  mpsdrv - ok
14:36:33.0148 0x127c  [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:36:33.0183 0x127c  MpsSvc - ok
14:36:33.0282 0x127c  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:36:33.0284 0x127c  Mraid35x - ok
14:36:33.0353 0x127c  [ 7C1DE4AA96DC0C071611F9E7DE02A68D, 8B248A82324FB23C64D41FA91BCC22093DE44C48D688E5995C484A7072A6EC08 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:36:33.0358 0x127c  MRxDAV - ok
14:36:33.0422 0x127c  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B, 9F157AAA1A793EF7E52817E4126B774C17FFA0036DADCF10A024FDC068F94F67 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:36:33.0428 0x127c  mrxsmb - ok
14:36:33.0544 0x127c  [ 3B929A60C833FC615FD97FBA82BC7632, 40EEBEB43F42A1A37FAA529E0C21984426F90C1EEFE1EF9BB2F696164595F91D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:36:33.0552 0x127c  mrxsmb10 - ok
14:36:33.0627 0x127c  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3, 197F70E24D2BBDEC35C2D5BC442267ACC4C5AE3FD5BB30A0928976BE9758C942 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:36:33.0637 0x127c  mrxsmb20 - ok
14:36:33.0719 0x127c  [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci          C:\Windows\system32\drivers\msahci.sys
14:36:33.0721 0x127c  msahci - ok
14:36:33.0768 0x127c  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:36:33.0773 0x127c  msdsm - ok
14:36:33.0890 0x127c  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
14:36:33.0895 0x127c  MSDTC - ok
14:36:33.0968 0x127c  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:36:33.0971 0x127c  Msfs - ok
14:36:34.0016 0x127c  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:36:34.0018 0x127c  msisadrv - ok
14:36:34.0049 0x127c  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:36:34.0055 0x127c  MSiSCSI - ok

Link to post
Share on other sites
Hunter2222

Hunter2222

Posted
  • Author
Posted

14:36:34.0063 0x127c  msiserver - ok
14:36:34.0082 0x127c  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:36:34.0083 0x127c  MSKSSRV - ok
14:36:34.0111 0x127c  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:36:34.0112 0x127c  MSPCLOCK - ok
14:36:34.0130 0x127c  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:36:34.0132 0x127c  MSPQM - ok
14:36:34.0167 0x127c  [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:36:34.0224 0x127c  MsRPC - ok
14:36:34.0257 0x127c  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:36:34.0259 0x127c  mssmbios - ok
14:36:34.0282 0x127c  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:36:34.0283 0x127c  MSTEE - ok
14:36:34.0320 0x127c  [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:36:34.0329 0x127c  Mup - ok
14:36:34.0407 0x127c  [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent        C:\Windows\system32\qagentRT.dll
14:36:34.0422 0x127c  napagent - ok
14:36:34.0468 0x127c  [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:36:34.0492 0x127c  NativeWifiP - ok
14:36:34.0628 0x127c  [ 65950E07329FCEE8E6516B17C8D0ABB6, 4429D9FF9B6E376D28D8FA4906B7554DF566EC23E455E3166C496B579622F204 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:36:34.0644 0x127c  NDIS - ok
14:36:34.0732 0x127c  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:36:34.0733 0x127c  NdisTapi - ok
14:36:34.0781 0x127c  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:36:34.0788 0x127c  Ndisuio - ok
14:36:34.0829 0x127c  [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:36:34.0834 0x127c  NdisWan - ok
14:36:34.0881 0x127c  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:36:34.0928 0x127c  NDProxy - ok
14:36:34.0991 0x127c  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:36:35.0011 0x127c  NetBIOS - ok
14:36:35.0054 0x127c  [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:36:35.0063 0x127c  netbt - ok
14:36:35.0108 0x127c  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
14:36:35.0111 0x127c  Netlogon - ok
14:36:35.0194 0x127c  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
14:36:35.0207 0x127c  Netman - ok
14:36:35.0255 0x127c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:35.0261 0x127c  NetMsmqActivator - ok
14:36:35.0275 0x127c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:35.0278 0x127c  NetPipeActivator - ok
14:36:35.0378 0x127c  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
14:36:35.0390 0x127c  netprofm - ok
14:36:35.0492 0x127c  [ B69D6BB680C85243AF0263B3E01D5E77, 526B5C0CCAE6BE2EFFF532930FF8198864EA032B6D9EFC680ABC55E10B6984B6 ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
14:36:35.0510 0x127c  netr7364 - ok
14:36:35.0547 0x127c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:35.0582 0x127c  NetTcpActivator - ok
14:36:35.0591 0x127c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:35.0596 0x127c  NetTcpPortSharing - ok
14:36:35.0705 0x127c  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:36:35.0707 0x127c  nfrd960 - ok
14:36:35.0755 0x127c  [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:36:35.0761 0x127c  NlaSvc - ok
14:36:35.0833 0x127c  [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:36:35.0835 0x127c  Npfs - ok
14:36:35.0861 0x127c  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
14:36:35.0864 0x127c  nsi - ok
14:36:35.0879 0x127c  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:36:35.0881 0x127c  nsiproxy - ok
14:36:36.0064 0x127c  [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:36:36.0110 0x127c  Ntfs - ok
14:36:36.0153 0x127c  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
14:36:36.0154 0x127c  Null - ok
14:36:36.0203 0x127c  [ 9733F305FA84AAF84E7FB09C0B345ADB, 466629CC22224B2D4FA2098EB277BBDF9D2A0CD3D27D29638225207A76A08281 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x64.sys
14:36:36.0245 0x127c  NVENETFD - ok
14:36:36.0887 0x127c  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:36:37.0272 0x127c  nvlddmkm - ok
14:36:37.0354 0x127c  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:36:37.0358 0x127c  nvraid - ok
14:36:37.0379 0x127c  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:36:37.0381 0x127c  nvstor - ok
14:36:37.0555 0x127c  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:36:37.0582 0x127c  nvsvc - ok
14:36:37.0708 0x127c  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:36:37.0746 0x127c  nvUpdatusService - ok
14:36:37.0849 0x127c  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:36:37.0925 0x127c  nv_agp - ok
14:36:37.0932 0x127c  NwlnkFlt - ok
14:36:37.0941 0x127c  NwlnkFwd - ok
14:36:38.0003 0x127c  [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
14:36:38.0005 0x127c  ohci1394 - ok
14:36:38.0228 0x127c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:36:38.0263 0x127c  ose - ok
14:36:38.0576 0x127c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:36:38.0699 0x127c  osppsvc - ok
14:36:38.0850 0x127c  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:36:38.0941 0x127c  p2pimsvc - ok
14:36:38.0975 0x127c  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:36:38.0996 0x127c  p2psvc - ok
14:36:39.0099 0x127c  [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport         C:\Windows\system32\drivers\parport.sys
14:36:39.0129 0x127c  Parport - ok
14:36:39.0173 0x127c  [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:36:39.0204 0x127c  partmgr - ok
14:36:39.0248 0x127c  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:36:39.0252 0x127c  PcaSvc - ok
14:36:39.0291 0x127c  [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
14:36:39.0296 0x127c  pci - ok
14:36:39.0349 0x127c  [ 2657F6C0B78C36D95034BE109336E382, C85CFDA57A64B7CC1BB09225C2F81629CEF21C5F25735B098F214397D6DE0D2C ] pciide          C:\Windows\system32\drivers\pciide.sys
14:36:39.0351 0x127c  pciide - ok
14:36:39.0411 0x127c  [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:36:39.0417 0x127c  pcmcia - ok
14:36:39.0456 0x127c  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:36:39.0478 0x127c  PEAUTH - ok
14:36:39.0719 0x127c  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:36:39.0722 0x127c  PerfHost - ok
14:36:39.0894 0x127c  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
14:36:39.0932 0x127c  pla - ok
14:36:39.0984 0x127c  [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:36:40.0025 0x127c  PlugPlay - ok
14:36:40.0092 0x127c  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:36:40.0119 0x127c  PNRPAutoReg - ok
14:36:40.0153 0x127c  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:36:40.0172 0x127c  PNRPsvc - ok
14:36:40.0308 0x127c  [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:36:40.0324 0x127c  PolicyAgent - ok
14:36:40.0371 0x127c  [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:36:40.0374 0x127c  PptpMiniport - ok
14:36:40.0394 0x127c  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
14:36:40.0396 0x127c  Processor - ok
14:36:40.0429 0x127c  [ E058CE4FC2449D8BFA14739C83B7FF2A, 6ACA086D5E0EF3C3EAEBD78010E50739BBA7CA05E937FFF3A4F2AD22FD57B54A ] ProfSvc         C:\Windows\system32\profsvc.dll
14:36:40.0434 0x127c  ProfSvc - ok
14:36:40.0449 0x127c  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:36:40.0490 0x127c  ProtectedStorage - ok
14:36:40.0538 0x127c  [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:36:40.0541 0x127c  PSched - ok
14:36:40.0627 0x127c  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:36:40.0663 0x127c  ql2300 - ok
14:36:40.0709 0x127c  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:36:40.0715 0x127c  ql40xx - ok
14:36:40.0828 0x127c  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
14:36:40.0843 0x127c  QWAVE - ok
14:36:40.0892 0x127c  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:36:40.0894 0x127c  QWAVEdrv - ok
14:36:40.0908 0x127c  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:36:40.0909 0x127c  RasAcd - ok
14:36:40.0925 0x127c  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
14:36:40.0929 0x127c  RasAuto - ok
14:36:40.0965 0x127c  [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:36:40.0970 0x127c  Rasl2tp - ok
14:36:40.0990 0x127c  [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
14:36:41.0001 0x127c  RasMan - ok
14:36:41.0020 0x127c  [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:36:41.0023 0x127c  RasPppoe - ok
14:36:41.0041 0x127c  [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:36:41.0044 0x127c  RasSstp - ok
14:36:41.0067 0x127c  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:36:41.0075 0x127c  rdbss - ok
14:36:41.0103 0x127c  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:36:41.0144 0x127c  RDPCDD - ok
14:36:41.0190 0x127c  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
14:36:41.0200 0x127c  rdpdr - ok
14:36:41.0207 0x127c  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:36:41.0209 0x127c  RDPENCDD - ok
14:36:41.0245 0x127c  [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:36:41.0256 0x127c  RDPWD - ok
14:36:41.0334 0x127c  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:36:41.0338 0x127c  RemoteAccess - ok
14:36:41.0401 0x127c  [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:36:41.0406 0x127c  RemoteRegistry - ok
14:36:41.0529 0x127c  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
14:36:41.0531 0x127c  RpcLocator - ok
14:36:41.0596 0x127c  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\system32\rpcss.dll
14:36:41.0612 0x127c  RpcSs - ok
14:36:41.0696 0x127c  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:36:41.0698 0x127c  rspndr - ok
14:36:41.0717 0x127c  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
14:36:41.0719 0x127c  SamSs - ok
14:36:41.0751 0x127c  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:36:41.0754 0x127c  sbp2port - ok
14:36:41.0816 0x127c  [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:36:41.0823 0x127c  SCardSvr - ok
14:36:42.0061 0x127c  [ 0F838C811AD295D2A4489B9993096C63, 3DF2F973359249735810CB5AD52E05126A93A1C7D9F6274ACB018A0A125846BD ] Schedule        C:\Windows\system32\schedsvc.dll
14:36:42.0087 0x127c  Schedule - ok
14:36:42.0215 0x127c  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:36:42.0218 0x127c  SCPolicySvc - ok
14:36:42.0279 0x127c  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:36:42.0285 0x127c  SDRSVC - ok
14:36:42.0344 0x127c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:36:42.0345 0x127c  secdrv - ok
14:36:42.0413 0x127c  [ 5ACDCBC67FCF894A1815B9F96D704490, FE0247A8BEDB860EBD46A9D49C641D0B9AA24EE34132CDDADC9F5A605238FDA7 ] seclogon        C:\Windows\system32\seclogon.dll
14:36:42.0463 0x127c  seclogon - ok
14:36:42.0517 0x127c  [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\System32\sens.dll
14:36:42.0520 0x127c  SENS - ok
14:36:42.0546 0x127c  [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:36:42.0547 0x127c  Serenum - ok
14:36:42.0577 0x127c  [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial          C:\Windows\system32\drivers\serial.sys
14:36:42.0581 0x127c  Serial - ok
14:36:42.0614 0x127c  [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:36:42.0623 0x127c  sermouse - ok
14:36:42.0665 0x127c  [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll
14:36:42.0670 0x127c  SessionEnv - ok
14:36:42.0693 0x127c  [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:36:42.0694 0x127c  sffdisk - ok
14:36:42.0717 0x127c  [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:36:42.0718 0x127c  sffp_mmc - ok
14:36:42.0773 0x127c  [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:36:42.0775 0x127c  sffp_sd - ok
14:36:42.0838 0x127c  [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:36:42.0877 0x127c  sfloppy - ok
14:36:43.0012 0x127c  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
14:36:43.0033 0x127c  Sftfs - ok
14:36:43.0145 0x127c  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:36:43.0184 0x127c  sftlist - ok
14:36:43.0256 0x127c  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:36:43.0264 0x127c  Sftplay - ok
14:36:43.0305 0x127c  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:36:43.0306 0x127c  Sftredir - ok
14:36:43.0361 0x127c  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
14:36:43.0362 0x127c  Sftvol - ok
14:36:43.0493 0x127c  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:36:43.0501 0x127c  sftvsa - ok
14:36:43.0627 0x127c  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:36:43.0640 0x127c  SharedAccess - ok
14:36:43.0761 0x127c  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:36:43.0771 0x127c  ShellHWDetection - ok
14:36:43.0809 0x127c  [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
14:36:43.0811 0x127c  SiSRaid2 - ok
14:36:43.0845 0x127c  [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:36:43.0847 0x127c  SiSRaid4 - ok
14:36:43.0889 0x127c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:36:43.0893 0x127c  SkypeUpdate - ok
14:36:44.0402 0x127c  [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc           C:\Windows\system32\SLsvc.exe
14:36:44.0455 0x127c  slsvc - ok
14:36:44.0524 0x127c  [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify      C:\Windows\system32\SLUINotify.dll
14:36:44.0527 0x127c  SLUINotify - ok
14:36:44.0617 0x127c  [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:36:44.0621 0x127c  Smb - ok
14:36:44.0657 0x127c  [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:36:44.0660 0x127c  SNMPTRAP - ok
14:36:44.0695 0x127c  [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:36:44.0696 0x127c  spldr - ok
14:36:44.0737 0x127c  [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler         C:\Windows\System32\spoolsv.exe
14:36:44.0746 0x127c  Spooler - ok
14:36:44.0829 0x127c  [ 880A57FCCB571EBD063D4DD50E93E46D, D46BA584D1C33F17C4156127742FA470AA044C4BCE9E6A209E5B1F3A44C73350 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:36:44.0842 0x127c  srv - ok
14:36:44.0972 0x127c  [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:36:44.0978 0x127c  srv2 - ok
14:36:45.0043 0x127c  [ 4BED62F4FA4D8300973F1151F4C4D8A7, 1835895B3E837F8862F7F669DFBDF5EAB627E5656377624474C17E92CF440D2A ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:36:45.0048 0x127c  srvnet - ok
14:36:45.0115 0x127c  [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:36:45.0123 0x127c  SSDPSRV - ok
14:36:45.0168 0x127c  [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:36:45.0174 0x127c  SstpSvc - ok
14:36:45.0224 0x127c  [ 706080AD43599D4AB04F1676A3A62CC1, BD9A645163501E2234CAB2B99DB297A634526786D2CDC55FE1C18F5019623E34 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:36:45.0236 0x127c  Steam Client Service - ok
14:36:45.0424 0x127c  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:36:45.0432 0x127c  Stereo Service - ok
14:36:45.0505 0x127c  [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc          C:\Windows\System32\wiaservc.dll
14:36:45.0524 0x127c  stisvc - ok
14:36:45.0622 0x127c  [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:36:45.0631 0x127c  swenum - ok
14:36:45.0687 0x127c  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv           C:\Windows\System32\swprv.dll
14:36:45.0703 0x127c  swprv - ok
14:36:45.0753 0x127c  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
14:36:45.0755 0x127c  Symc8xx - ok
14:36:45.0798 0x127c  [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
14:36:45.0832 0x127c  Sym_hi - ok
14:36:45.0938 0x127c  [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
14:36:45.0940 0x127c  Sym_u3 - ok
14:36:46.0186 0x127c  [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain         C:\Windows\system32\sysmain.dll
14:36:46.0211 0x127c  SysMain - ok
14:36:46.0436 0x127c  [ 5697DA626175096815169A1D53829F53, F881142B2FC1543E64C238A05F63DF966B7960353F53A3AEADF84DBFF48DBDB2 ] SystemUpdatekb70007 C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
14:36:46.0437 0x127c  SystemUpdatekb70007 - ok
14:36:46.0500 0x127c  [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
14:36:46.0504 0x127c  TabletInputService - ok
14:36:46.0715 0x127c  [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:36:46.0759 0x127c  TapiSrv - ok
14:36:46.0803 0x127c  [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll
14:36:46.0818 0x127c  TBS - ok
14:36:46.0958 0x127c  [ C2CB949645C299E23FBFD26CAD3FC96E, D2DB2F3F1013EA1E6E04D0AD74B8CDC3AD4BF6653F1092408629DD3492BE8968 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:36:46.0998 0x127c  Tcpip - ok
14:36:47.0077 0x127c  [ C2CB949645C299E23FBFD26CAD3FC96E, D2DB2F3F1013EA1E6E04D0AD74B8CDC3AD4BF6653F1092408629DD3492BE8968 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
14:36:47.0113 0x127c  Tcpip6 - ok
14:36:47.0205 0x127c  [ C7E72A4071EE0200E3C075DACFB2B334, 925A68FD021C7957792F31E9D69A31C180BEB878CD93D2C3E2BE463F58011A6C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:36:47.0213 0x127c  tcpipreg - ok
14:36:47.0335 0x127c  [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:36:47.0337 0x127c  TDPIPE - ok
14:36:47.0360 0x127c  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:36:47.0362 0x127c  TDTCP - ok
14:36:47.0392 0x127c  [ 458919C8C42E398DC4802178D5FFEE27, E38828411DCE0AE2E2BF0D270FD80E47B46EDE4B44DAFD1DF11F54D427EACEB5 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:36:47.0394 0x127c  tdx - ok
14:36:47.0459 0x127c  [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:36:47.0468 0x127c  TermDD - ok
14:36:47.0552 0x127c  [ 5CDD30BC217082DAC71A9878D9BFD566, 260D40973F9EEAE9A1890B813D8DCC01A9434D17DCE5DA1D16B72A57DCF59194 ] TermService     C:\Windows\System32\termsrv.dll
14:36:47.0569 0x127c  TermService - ok
14:36:47.0688 0x127c  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes          C:\Windows\system32\shsvcs.dll
14:36:47.0698 0x127c  Themes - ok
14:36:47.0764 0x127c  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:36:47.0771 0x127c  THREADORDER - ok
14:36:47.0842 0x127c  [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll
14:36:47.0847 0x127c  TrkWks - ok
14:36:48.0025 0x127c  [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:36:48.0027 0x127c  TrustedInstaller - ok
14:36:48.0114 0x127c  [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:36:48.0115 0x127c  tssecsrv - ok
14:36:48.0172 0x127c  [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
14:36:48.0173 0x127c  tunmp - ok
14:36:48.0204 0x127c  [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:36:48.0242 0x127c  tunnel - ok
14:36:48.0279 0x127c  [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:36:48.0283 0x127c  uagp35 - ok
14:36:48.0327 0x127c  [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:36:48.0336 0x127c  udfs - ok
14:36:48.0424 0x127c  [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:36:48.0475 0x127c  UI0Detect - ok
14:36:48.0523 0x127c  [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:36:48.0537 0x127c  uliagpkx - ok
14:36:48.0579 0x127c  [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys
14:36:48.0587 0x127c  uliahci - ok
14:36:48.0612 0x127c  [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys
14:36:48.0650 0x127c  UlSata - ok
14:36:48.0682 0x127c  [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
14:36:48.0687 0x127c  ulsata2 - ok
14:36:48.0705 0x127c  [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:36:48.0706 0x127c  umbus - ok
14:36:48.0744 0x127c  [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll
14:36:48.0756 0x127c  upnphost - ok
14:36:48.0793 0x127c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:36:48.0796 0x127c  USBAAPL64 - ok
14:36:48.0891 0x127c  [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:36:48.0894 0x127c  usbaudio - ok
14:36:48.0953 0x127c  [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:36:48.0956 0x127c  usbccgp - ok
14:36:48.0984 0x127c  [ 3F4BE4D7C5C4F64101F252263E588856, 279B05BF84E5C2DC7A24ED8FC7BCBE8A9D308F80D9EFF59DE37B4B53BD0A653C ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
14:36:48.0988 0x127c  usbcir - ok
14:36:49.0019 0x127c  [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:36:49.0022 0x127c  usbehci - ok
14:36:49.0049 0x127c  [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:36:49.0057 0x127c  usbhub - ok
14:36:49.0071 0x127c  [ 396041C6EA61202991221AA6A3B16190, 42B2372CF3496F53710C1DEBE49E18B1DAD38F7474A72B0F744DD98EBD3E21E5 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
14:36:49.0073 0x127c  usbohci - ok
14:36:49.0099 0x127c  [ ACFEE697AF477021BB3EC78C5431FED2, DE529549074E7CA1601D889D62CFF45F00741EB584F9F2091D61527944334C2A ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:36:49.0101 0x127c  usbprint - ok
14:36:49.0123 0x127c  [ B854C1558FCA0C269A38663E8B59B581, 08CC36B33FA2281FC88671BE051863AA8CA911446D24596049DB77FB4CB09EA6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:36:49.0126 0x127c  USBSTOR - ok
14:36:49.0150 0x127c  [ B2872CBF9F47316ABD0E0C74A1ABA507, E9FB3EEA1D834A035675E22A3224E4E278C4D304F6511822D83250409D62BD3A ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:36:49.0152 0x127c  usbuhci - ok
14:36:49.0189 0x127c  [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms           C:\Windows\System32\uxsms.dll
14:36:49.0192 0x127c  UxSms - ok
14:36:49.0305 0x127c  [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds             C:\Windows\System32\vds.exe
14:36:49.0321 0x127c  vds - ok
14:36:49.0389 0x127c  [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:36:49.0422 0x127c  vga - ok
14:36:49.0457 0x127c  [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:36:49.0463 0x127c  VgaSave - ok
14:36:49.0498 0x127c  [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys
14:36:49.0506 0x127c  viaide - ok
14:36:49.0547 0x127c  [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:36:49.0551 0x127c  volmgr - ok
14:36:49.0602 0x127c  [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:36:49.0614 0x127c  volmgrx - ok
14:36:49.0742 0x127c  [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:36:49.0749 0x127c  volsnap - ok
14:36:49.0757 0x127c  vosr - ok
14:36:49.0913 0x127c  [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:36:49.0919 0x127c  vsmraid - ok
14:36:50.0017 0x127c  [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS             C:\Windows\system32\vssvc.exe
14:36:50.0065 0x127c  VSS - ok
14:36:50.0190 0x127c  [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time         C:\Windows\system32\w32time.dll
14:36:50.0204 0x127c  W32Time - ok
14:36:50.0259 0x127c  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:36:50.0270 0x127c  WacomPen - ok
14:36:50.0304 0x127c  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:36:50.0308 0x127c  Wanarp - ok
14:36:50.0315 0x127c  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:36:50.0317 0x127c  Wanarpv6 - ok
14:36:50.0454 0x127c  [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:36:50.0526 0x127c  wcncsvc - ok
14:36:50.0622 0x127c  [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:36:50.0626 0x127c  WcsPlugInService - ok
14:36:50.0682 0x127c  [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys
14:36:50.0685 0x127c  Wd - ok
14:36:50.0770 0x127c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:36:50.0857 0x127c  Wdf01000 - ok
14:36:50.0923 0x127c  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:36:50.0927 0x127c  WdiServiceHost - ok
14:36:50.0933 0x127c  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:36:50.0937 0x127c  WdiSystemHost - ok
14:36:51.0001 0x127c  [ 3E6D05381CF35F75EBB055544A8ED9AC, BEC43932BD6C34406B8850E28178B937BFD9512E49FD9F8C54DA7EE272B478A9 ] WebClient       C:\Windows\System32\webclnt.dll
14:36:51.0008 0x127c  WebClient - ok
14:36:51.0151 0x127c  [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:36:51.0218 0x127c  Wecsvc - ok
14:36:51.0272 0x127c  [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:36:51.0276 0x127c  wercplsupport - ok
14:36:51.0359 0x127c  [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:36:51.0408 0x127c  WerSvc - ok
14:36:51.0590 0x127c  WinDefend - ok
14:36:51.0730 0x127c  WinHttpAutoProxySvc - ok
14:36:52.0124 0x127c  [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:36:52.0134 0x127c  Winmgmt - ok
14:36:52.0322 0x127c  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll
14:36:52.0388 0x127c  WinRM - ok
14:36:52.0512 0x127c  [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:36:52.0543 0x127c  Wlansvc - ok
14:36:52.0619 0x127c  [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:36:52.0623 0x127c  WmiAcpi - ok
14:36:52.0707 0x127c  [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:36:52.0714 0x127c  wmiApSrv - ok
14:36:52.0807 0x127c  WMPNetworkSvc - ok
14:36:52.0901 0x127c  [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:36:52.0906 0x127c  WPCSvc - ok
14:36:53.0060 0x127c  [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:36:53.0065 0x127c  WPDBusEnum - ok
14:36:53.0119 0x127c  [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
14:36:53.0123 0x127c  WpdUsb - ok
14:36:53.0515 0x127c  [ B42B9D8ABC18DFBCD6044BC10B3A9B99, FD00756DADD3BFC382FC80D7D1D25592385E647C7EAC318C154E949A51D9DC27 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:36:53.0544 0x127c  WPFFontCache_v0400 - ok
14:36:53.0695 0x127c  [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:36:53.0696 0x127c  ws2ifsl - ok
14:36:53.0786 0x127c  [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc          C:\Windows\System32\wscsvc.dll
14:36:53.0792 0x127c  wscsvc - ok
14:36:53.0801 0x127c  WSearch - ok
14:36:54.0003 0x127c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:36:54.0078 0x127c  wuauserv - ok
14:36:54.0154 0x127c  [ 501A65252617B495C0F1832F908D54D8, CB18A80EAB2F23579D1D38B12CD04CF579C6D0B73127A1E88305CC0488D40B2C ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:36:54.0164 0x127c  WUDFRd - ok
14:36:54.0227 0x127c  [ 6CBD51FF913C851D56ED9DC7F2A27DDE, 736C66A944F3D37464052211B2728AD53D31CB631CD33B9E094C00D76BF17399 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:36:54.0231 0x127c  wudfsvc - ok
14:36:54.0293 0x127c  ================ Scan global ===============================
14:36:54.0347 0x127c  [ 060DC3A7A9A2626031EB23D90151428D, 4AADA06E83603E9D4894D6CFC8DADB018307B384F438C809D4BC8E22BD937C3B ] C:\Windows\system32\basesrv.dll
14:36:54.0386 0x127c  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
14:36:54.0423 0x127c  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
14:36:54.0544 0x127c  [ 934E0B7D77FF78C18D9F8891221B6DE3, BB1ACD3CD6482D8B7C5931E8733B8094D2CE59C4FBC4012BD0799C8DC367FB74 ] C:\Windows\system32\services.exe
14:36:54.0559 0x127c  [ Global ] - ok
14:36:54.0564 0x127c  ================ Scan MBR ==================================
14:36:54.0596 0x127c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:36:55.0050 0x127c  \Device\Harddisk0\DR0 - ok
14:36:55.0055 0x127c  [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk1\DR1
14:36:55.0288 0x127c  \Device\Harddisk1\DR1 - ok
14:36:55.0294 0x127c  ================ Scan VBR ==================================
14:36:55.0321 0x127c  [ 2B243CB14BA4A62FB5CDC2E5AE394FC2 ] \Device\Harddisk0\DR0\Partition1
14:36:55.0464 0x127c  \Device\Harddisk0\DR0\Partition1 - ok
14:36:55.0502 0x127c  [ 6C781204E31E168D82FA711C0D60F6C3 ] \Device\Harddisk0\DR0\Partition2
14:36:55.0517 0x127c  \Device\Harddisk0\DR0\Partition2 - ok
14:36:55.0525 0x127c  [ 4D981D76AE3173C1B43365B8EA5F7D4A ] \Device\Harddisk1\DR1\Partition1
14:36:55.0562 0x127c  \Device\Harddisk1\DR1\Partition1 - ok
14:36:55.0583 0x127c  [ 76BA5CB30ADAB7E4BF9D9BAB0F97B49D ] \Device\Harddisk1\DR1\Partition2
14:36:55.0593 0x127c  \Device\Harddisk1\DR1\Partition2 - ok
14:36:55.0593 0x127c  ================ Scan generic autorun ======================
14:36:55.0772 0x127c  Windows Defender - ok
14:36:55.0817 0x127c  [ 69B16C7B7746BA5C642FC05B3561FC73, 0DECEB6B1B7A2DD1F13133AC7328FF420DAD4610CEE1FA7466E8E0F6BAA39116 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
14:36:55.0819 0x127c  Adobe Reader Speed Launcher - ok
14:36:55.0875 0x127c  [ B2387FD351A3D4780A917E4C00A83310, D23AADD424B1FC3D2C3A388252EEDA05F9B05922472A74E0CF4EEE7E005EADE1 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
14:36:55.0913 0x127c  iTunesHelper - ok
14:36:56.0042 0x127c  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:36:56.0047 0x127c  SunJavaUpdateSched - ok
14:36:56.0634 0x127c  [ C8F0DCA0E032881B6C4422B502194629, 32996D4C0578FA9A12F3BD205F69E5357A31FBD2C9AC47DA2AB8D77196E587B1 ] C:\Program Files (x86)\AVG\AVG2014\avgui.exe
14:36:56.0805 0x127c  AVG_UI - ok
14:36:58.0211 0x127c  [ C5B588624FBF72ACA41E2EE0590843E0, 7B97C5D5F94C811BFA554B10CD6E644D7C2C27B953EE1FE00748DEFD0E0BE9CF ] C:\Users\Twins\AppData\Local\fst_us_83\upfst_us_83.exe
14:36:58.0330 0x127c  upfst_us_83.exe - ok
14:36:58.0545 0x127c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:36:58.0587 0x127c  Sidebar - ok
14:36:58.0594 0x127c  WindowsWelcomeCenter - ok
14:36:58.0678 0x127c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:36:58.0701 0x127c  Sidebar - ok
14:36:58.0708 0x127c  WindowsWelcomeCenter - ok
14:36:58.0713 0x127c  WindowsWelcomeCenter - ok
14:36:58.0715 0x127c  MobileAppSync - ok
14:36:58.0745 0x127c  Skype - ok
14:36:58.0995 0x127c  [ 2DBE29364339131BC03AAC549CB1BDF6, 002B41E53E542312EF33FD9E93156C717E75C14406EC1E9757B7F8B9844CF8BE ] C:\Users\Twins\AppData\Roaming\BitTorrent\BitTorrent.exe
14:36:59.0034 0x127c  BitTorrent - ok
14:36:59.0254 0x127c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:36:59.0276 0x127c  Sidebar - ok
14:36:59.0284 0x127c  WindowsWelcomeCenter - ok
14:36:59.0285 0x127c  Waiting for KSN requests completion. In queue: 39
14:37:00.0285 0x127c  Waiting for KSN requests completion. In queue: 39
14:37:01.0285 0x127c  Waiting for KSN requests completion. In queue: 39
14:37:02.0333 0x127c  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4592 ), 0x41000 ( enabled : updated )
14:37:02.0365 0x127c  Win FW state via NFP2: enabled
14:37:04.0912 0x127c  ============================================================
14:37:04.0912 0x127c  Scan finished
14:37:04.0912 0x127c  ============================================================
14:37:04.0928 0x0514  Detected object count: 0
14:37:04.0928 0x0514  Actual detected object count: 0
 

Link to post
Share on other sites
Hunter2222

Hunter2222

Posted
  • Author
Posted

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 01
Ran by Twins at 2014-06-11 23:44:13
Running from C:\Users\Twins\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.31638 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IdleCrawler (HKLM-x32\...\IdleCrawler) (Version: 35.0.0.84 - Internet Deep Research Foundation) <==== ATTENTION
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java 6 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416031FF}) (Version: 6.0.310 - Oracle)
Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 - English (HKLM-x32\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 280.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 280.19 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Portforward Static IP Address 1.0.47 (HKLM-x32\...\Portforward Static IP Address) (Version: 1.0.47 - Portforward.com)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2151.6 - Hi-Rez Studios)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.40 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}) (Version:  - Costmin) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{E5F05232-96B6-4552-A480-785A60A94B21}) (Version: 5.0.6.0 - Husdawg, LLC)
System Update kb70007 (x32 Version: 1.0.0 - MRS) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)

==================== Restore Points  =========================

09-06-2014 23:41:59 Scheduled Checkpoint
10-06-2014 02:32:22 Restore Operation
10-06-2014 03:06:46 Restore Operation
10-06-2014 18:12:12 Removed Adobe Reader 9.
11-06-2014 10:01:03 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 08:34 - 2014-05-02 22:22 - 00450628 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1    localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0CBC4A36-353C-425E-B730-4FA308499E31} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe [2014-06-09] ()
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {19C4767B-414A-4AD4-B365-4E594F31924D} - System32\Tasks\Microsoft\Windows\Maintenance\IdleCrawler Update => %LOCALAPPDATA%\IdleCrawler\IdleCrawler.exe <==== ATTENTION
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {4D1EBDA2-D0E5-4D4A-830C-DF23C166703E} - System32\Tasks\DTReg => C:\Users\Twins\AppData\Roaming\defaulttab\defaulttab\DTReg.exe <==== ATTENTION
Task: {6AC0B13B-77EA-43BD-B1B6-5AFFB0989889} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {6B16E210-B65C-457B-824C-DF99624E7248} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {740E6305-CED7-4A98-9527-3CA32D28A572} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {753B2E53-FA29-4D82-93AB-1DDA03F64C37} - System32\Tasks\{7E0B3D46-A349-4B5C-8D3A-B29D13704B6A} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/en/abandoninstall?page=tsProgressBar
Task: {7ACC5419-445E-4429-A491-CE1D5FCA3340} - System32\Tasks\IdleCrawler Runner => %LOCALAPPDATA%\IdleCrawler\IdleCrawler.exe <==== ATTENTION
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {975B871F-AC59-4C02-883B-DD7646B3119D} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe
Task: {A4DEEB13-31A0-4086-A495-16A90C46A76A} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe <==== ATTENTION
Task: {AA1777E9-EF04-450C-841A-F32E05CEDA16} - System32\Tasks\GPUpdate => C:\Program Files (x86)\GetPrivate\gpup.exe [2014-06-09] ()
Task: {ABEEC1AF-8C00-4F62-8D2A-2E194DDE411D} - System32\Tasks\{14FE9E67-2288-43B8-A8D7-B08AA0B53B96} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/en/abandoninstall?page=tsProgressBar
Task: {D82CFB5D-BDD1-455A-A596-6F55EFC5BDA8} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {FF7C57F2-D48F-4F4A-915A-CDE2732808E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\pcreg.job => C:\Program Files\pcmax\service.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-06-07 02:37 - 2014-05-29 17:59 - 00029184 _____ () C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
2014-06-07 02:37 - 2014-05-29 17:59 - 02322944 _____ () C:\Users\Twins\AppData\Local\MRS\svcsystem.exe
2014-06-06 01:55 - 2014-05-29 10:19 - 03268048 _____ () C:\Users\Twins\AppData\Local\fst_us_83\upfst_us_83.exe
2014-06-07 02:37 - 2014-05-29 17:59 - 00017920 _____ () C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\ConfigurationData.dll
2014-06-07 02:37 - 2014-05-29 17:59 - 00013824 _____ () C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\BaseLibrary.dll
2014-06-07 02:37 - 2014-05-29 17:59 - 00015360 _____ () C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\Installer.dll
2014-06-07 02:37 - 2014-05-29 17:59 - 00054784 _____ () C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\InstallerLibrary.dll
2014-06-07 02:37 - 2014-05-29 17:59 - 00017920 _____ () C:\Users\Twins\AppData\Local\MRS\ConfigurationData.dll
2014-06-07 02:37 - 2014-05-29 17:59 - 00013824 _____ () C:\Users\Twins\AppData\Local\MRS\BaseLibrary.dll
2014-06-10 15:14 - 2014-06-10 15:15 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-13 05:51 - 2014-05-13 05:51 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: USB Wireless 802.11 b/g Adaptor
Description: USB Wireless 802.11 b/g Adaptor
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Lite-On
Service: netr7364
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2014 05:36:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application Wow.exe, version 3.3.5.12340, time stamp 0x4c2452fe, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000,
process id 0x10bc, application start time 0xWow.exe0.

Error: (06/11/2014 02:40:20 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: License Activation (SLUI.exe) failed with the following error code:
0x80070057

Error: (06/10/2014 06:45:50 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: License Activation (SLUI.exe) failed with the following error code:
0x80070057

Error: (06/09/2014 11:19:15 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: License Activation (SLUI.exe) failed with the following error code:
0x80070057

Error: (06/09/2014 11:17:37 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: An unspecified error occurred during System Restore: (Restore Operation). Additional information: .

Error: (06/09/2014 10:50:44 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: License Activation (SLUI.exe) failed with the following error code:
0x80070057

Error: (06/09/2014 08:29:16 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: License Activation (SLUI.exe) failed with the following error code:
0x80070057

Error: (06/09/2014 05:16:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\GUEST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OMABCAFEPEAFKCJMJEMONDIOCFGFIEOJ\2.2> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (06/09/2014 05:16:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OMABCAFEPEAFKCJMJEMONDIOCFGFIEOJ\2.2> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (06/09/2014 01:25:19 AM) (Source: Software Licensing Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (SLUINotify.dll) failed with the following error code:
0x80080005


System errors:
=============
Error: (06/11/2014 05:15:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (06/11/2014 05:15:21 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (06/11/2014 05:13:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: cdrom

Error: (06/11/2014 05:12:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Client Virtualization HandlerApplication Virtualization Client%%1053

Error: (06/11/2014 05:12:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Application Virtualization Client%%1053

Error: (06/11/2014 05:12:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Application Virtualization Client

Error: (06/11/2014 05:12:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Service Component of VO%%3

Error: (06/11/2014 05:12:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Apple Mobile Device%%1053

Error: (06/11/2014 05:12:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Apple Mobile Device

Error: (06/11/2014 05:11:42 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume D: encountered a non-retryable error and could not start.  The data contains the error code.


Microsoft Office Sessions:
=========================
Error: (06/11/2014 05:36:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Wow.exe3.3.5.123404c2452feunknown0.0.0.000000000c00000050000000010bc01cf85afd57469e9

Error: (06/11/2014 02:40:20 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (06/10/2014 06:45:50 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (06/09/2014 11:19:15 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (06/09/2014 11:17:37 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: Restore Operation

Error: (06/09/2014 10:50:44 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (06/09/2014 08:29:16 PM) (Source: Software Licensing Service) (EventID: 8198) (User: )
Description: 0x80070057

Error: (06/09/2014 05:16:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\GUEST\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OMABCAFEPEAFKCJMJEMONDIOCFGFIEOJ\2.2

Error: (06/09/2014 05:16:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OMABCAFEPEAFKCJMJEMONDIOCFGFIEOJ\2.2

Error: (06/09/2014 01:25:19 AM) (Source: Software Licensing Service) (EventID: 8193) (User: )
Description: 0x80080005


CodeIntegrity Errors:
===================================
  Date: 2014-06-11 23:44:03.698
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:03.521
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:03.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:03.160
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:02.978
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:02.798
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:02.617
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:02.437
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:02.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdrivera.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-11 23:44:02.055
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsdrivera.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 3069.76 MB
Available physical RAM: 1334.91 MB
Total Pagefile: 6369.55 MB
Available Pagefile: 3959.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:289.14 GB) (Free:79.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:8.95 GB) (Free:8.85 GB) NTFS
Drive e: () (Fixed) (Total:8.95 GB) (Free:8.85 GB) NTFS
Drive f: () (Fixed) (Total:289.13 GB) (Free:289 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 5CC239DD)
Partition 1: (Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 298 GB) (Disk ID: 6983D6E7)
Partition 1: (Not Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites
Psychotic

Psychotic

Posted
Posted

Going over your logs I noticed that you have BitTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

 

 

 

 

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs
 

IdleCrawler
Supporter 1.80
 


Close the window.

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

 

fixlist.txt

Link to post
Share on other sites
Hunter2222

Hunter2222

Posted
  • Author
Posted

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2014
Ran by Twins at 2014-06-17 12:38:30 Run:1
Running from C:\Users\Twins\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\RunOnce: [upfst_us_83.exe] - C:\Users\Twins\AppData\Local\fst_us_83\upfst_us_83.exe -runonce [3268048 2014-05-29] ()
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2790392
SearchScopes: HKCU - DefaultScope {92A9831E-49D0-48FE-8092-0507586674D7} URL = http://start.funmood...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {92A9831E-49D0-48FE-8092-0507586674D7} URL = http://start.funmood...q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2790392
BHO: CostMin - {006846C3-6F78-DB49-910E-F4DAF29997DF} - C:\Program Files (x86)\CostMin\mJtw9vw0_g.x64.dll No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
FF HKCU\...\Firefox\Extensions: [sp2@sp.com] - C:\Program Files (x86)\Social Privacy\FF\
Task: {0CBC4A36-353C-425E-B730-4FA308499E31} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe [2014-06-09] ()
Task: {19C4767B-414A-4AD4-B365-4E594F31924D} - System32\Tasks\Microsoft\Windows\Maintenance\IdleCrawler Update => %LOCALAPPDATA%\IdleCrawler\IdleCrawler.exe <==== ATTENTION
Task: {4D1EBDA2-D0E5-4D4A-830C-DF23C166703E} - System32\Tasks\DTReg => C:\Users\Twins\AppData\Roaming\defaulttab\defaulttab\DTReg.exe <==== ATTENTION
Task: {7ACC5419-445E-4429-A491-CE1D5FCA3340} - System32\Tasks\IdleCrawler Runner => %LOCALAPPDATA%\IdleCrawler\IdleCrawler.exe <==== ATTENTION
Task: {A4DEEB13-31A0-4086-A495-16A90C46A76A} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe <==== ATTENTION
Task: {D82CFB5D-BDD1-455A-A596-6F55EFC5BDA8} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {AA1777E9-EF04-450C-841A-F32E05CEDA16} - System32\Tasks\GPUpdate => C:\Program Files (x86)\GetPrivate\gpup.exe [2014-06-09] ()
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\pcreg.job => C:\Program Files\pcmax\service.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

CHR HKLM-x32\...\Chrome\Extension: [gjpcgbjoinhnojhpapcjckeooahpcleb] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3838\ch\MediaViewV1alpha3838.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [kbcknkbofkmhgcemmndopfhfpcmcjpkg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha7191\ch\MediaViewerV1alpha7191.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [kfedpadljnihlijmjdebmegbbhilhihk] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home3385\ch\MediaWatchV1home3385.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Twins\AppData\Local\Temp\crx8863.tmp [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [pknkgbegokklcebhknklnjhhelcjobjc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3401\ch\MediaViewV1alpha3401.crx [2014-02-27]

R2 SystemUpdatekb70007; C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] () [File not signed]
S2 vosr; C:\Users\Twins\AppData\Roaming\VOPackage\VOsrv.exe [X]

C:\Users\Twins\AppData\Local\Temp(475)
C:\Program Files (x86)\GetPrivate
C:\Users\Twins\AppData\Roaming\VOPackage
C:\Users\Twins\AppData\Local\Temp
C:\Program Files (x86)\MediaWatchV1
C:\Program Files (x86)\MediaViewerV1
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\Social Privacy
C:\Program Files (x86)\CostMin
C:\Users\Twins\AppData\Local\fst_us_83
2014-06-07 02:38 - 2014-06-09 22:43 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-07 02:38 - 2014-06-09 22:43 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-07 02:37 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\MRS
2014-06-07 02:37 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\v9
2014-06-07 02:37 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-07 02:37 - 2014-06-09 22:43 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-06-07 02:37 - 2014-06-07 02:37 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\MRS
2014-06-07 02:36 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Twins\AppData\Local\IdleCrawler
2014-06-07 02:36 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Twins\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-06-07 02:36 - 2014-06-09 22:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-07 02:36 - 2014-06-07 02:37 - 00000000 ____D () C:\Program Files (x86)\MRS
2014-06-07 02:36 - 2014-06-07 02:36 - 00004574 _____ () C:\Windows\System32\Tasks\IdleCrawler Runner
2014-06-06 01:55 - 2014-06-10 14:02 - 00000000 ____D () C:\Users\Twins\AppData\Local\fst_us_83
2014-06-06 01:55 - 2014-06-09 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fst
2014-06-06 01:53 - 2014-06-10 06:51 - 00003476 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
2014-06-06 01:53 - 2014-06-09 23:13 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\wi_upd
2014-06-06 01:53 - 2014-06-09 22:51 - 00003218 _____ () C:\Windows\System32\Tasks\GPUpdate
2014-06-06 01:53 - 2014-06-09 22:44 - 00000000 ____D () C:\Users\Twins\AppData\Roaming\GetPrivate
2014-06-01 00:11 - 2014-06-10 06:51 - 00000270 _____ () C:\Windows\Tasks\pcreg.job
2014-06-01 00:11 - 2014-06-03 10:54 - 00000000 ____D () C:\Program Files\pcmax
2014-06-01 00:11 - 2014-06-01 00:11 - 00002898 _____ () C:\Windows\System32\Tasks\pcreg


*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upfst_us_83.exe => value deleted successfully.
"C:\PROGRA~2\SupTab\SEARCH~2.DLL" => Value Data removed successfully.
"C:\PROGRA~2\SupTab\SEARCH~1.DLL" => Value Data removed successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => value deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{92A9831E-49D0-48FE-8092-0507586674D7}' => Key deleted successfully.
'HKCR\CLSID\{92A9831E-49D0-48FE-8092-0507586674D7}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}' => Key deleted successfully.
'HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{006846C3-6F78-DB49-910E-F4DAF29997DF}' => Key deleted successfully.
'HKCR\CLSID\{006846C3-6F78-DB49-910E-F4DAF29997DF}' => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => value deleted successfully.
'HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}'=> Key not found.
HKCU\Software\Mozilla\Firefox\Extensions\\sp2@sp.com => value deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CBC4A36-353C-425E-B730-4FA308499E31}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CBC4A36-353C-425E-B730-4FA308499E31}' => Key deleted successfully.
C:\Windows\System32\Tasks\GPUpdateCheck => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUpdateCheck' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19C4767B-414A-4AD4-B365-4E594F31924D}'=> Key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\IdleCrawler Update not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\IdleCrawler Update'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D1EBDA2-D0E5-4D4A-830C-DF23C166703E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D1EBDA2-D0E5-4D4A-830C-DF23C166703E}' => Key deleted successfully.
C:\Windows\System32\Tasks\DTReg => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ACC5419-445E-4429-A491-CE1D5FCA3340}'=> Key not found.
C:\Windows\System32\Tasks\IdleCrawler Runner not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IdleCrawler Runner'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4DEEB13-31A0-4086-A495-16A90C46A76A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4DEEB13-31A0-4086-A495-16A90C46A76A}' => Key deleted successfully.
C:\Windows\System32\Tasks\pcreg => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pcreg' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D82CFB5D-BDD1-455A-A596-6F55EFC5BDA8}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D82CFB5D-BDD1-455A-A596-6F55EFC5BDA8}' => Key deleted successfully.
C:\Windows\System32\Tasks\PC Optimizer Pro64 startups => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro64 startups' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AA1777E9-EF04-450C-841A-F32E05CEDA16}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1777E9-EF04-450C-841A-F32E05CEDA16}' => Key deleted successfully.
C:\Windows\System32\Tasks\GPUpdate => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUpdate' => Key deleted successfully.
C:\Windows\Tasks\PC Optimizer Pro64 startups.job => Moved successfully.
C:\Windows\Tasks\pcreg.job => Moved successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gjpcgbjoinhnojhpapcjckeooahpcleb' => Key deleted successfully.
"C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3838\ch\MediaViewV1alpha3838.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kbcknkbofkmhgcemmndopfhfpcmcjpkg' => Key deleted successfully.
"C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha7191\ch\MediaViewerV1alpha7191.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kfedpadljnihlijmjdebmegbbhilhihk' => Key deleted successfully.
"C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home3385\ch\MediaWatchV1home3385.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid' => Key deleted successfully.
"C:\Users\Twins\AppData\Local\Temp\crx8863.tmp" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pknkgbegokklcebhknklnjhhelcjobjc' => Key deleted successfully.
"C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3401\ch\MediaViewV1alpha3401.crx" => File/Directory not found.
SystemUpdatekb70007 => Unable to stop service
SystemUpdatekb70007 => Service deleted successfully.
vosr => Service deleted successfully.
C:\Users\Twins\AppData\Local\Temp(475) => Moved successfully.
C:\Program Files (x86)\GetPrivate => Moved successfully.
"C:\Users\Twins\AppData\Roaming\VOPackage" => File/Directory not found.

"C:\Users\Twins\AppData\Local\Temp" directory move:

C:\Users\Twins\AppData\Local\Temp\CVHLauncher(201406101444091168).log => Moved successfully.
Could not move "C:\Users\Twins\AppData\Local\Temp\etilqs_73YD4iKAeYHMIZd" => Scheduled to move on reboot.
Could not move "C:\Users\Twins\AppData\Local\Temp\etilqs_NpLbhC1y6PpZ0Qb" => Scheduled to move on reboot.
C:\Users\Twins\AppData\Local\Temp\GPUpd53978C4D0.exe => Moved successfully.
C:\Users\Twins\AppData\Local\Temp\GPUpd5398C69C0.exe => Moved successfully.
C:\Users\Twins\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Twins\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Twins\AppData\Local\Temp\Twins.bmp => Moved successfully.
C:\Users\Twins\AppData\Local\Temp\ws => Moved successfully.
C:\Users\Twins\AppData\Local\Temp\~nsu.tmp\Au_.exe => Moved successfully.
C:\Users\Twins\AppData\Local\Temp\{9BB410CE-CEF9-4F96-A450-5664FD03A1DF}\{60BB6A24-C313-4752-BF21-8C31F932C751}\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.411.0_0\native-src\bit\ext\core\components\campaign-attribution\ubp-feature-campaign-attribution.js not found.
C:\Users\Twins\AppData\Local\Temp\{9BB410CE-CEF9-4F96-A450-5664FD03A1DF}\{0A89BA2D-8896-4A75-A3D6-AF3637FE3AC4}\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.411.0_0\native-src\bit\ext\core\components\campaign-attribution\ubp-feature-campaign-attribution.js not found.
C:\Users\Twins\AppData\Local\Temp\Skype\gilasterr.log => Moved successfully.
Could not move "C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-1ItQpMIjaXMU8b9X0WIr1hZb" => Scheduled to move on reboot.
Could not move "C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-xe0eH0owaXLLhfViqxnCcPsn" => Scheduled to move on reboot.
Could not move "C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-Ze8X6KCLrcc6Yt08Y3e8misO" => Scheduled to move on reboot.
Could not move "C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-zKanTE50lDqpJIljl3InjNhI" => Scheduled to move on reboot.
Could not move "C:\Users\Twins\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-31850" => Scheduled to move on reboot.
Could not move "C:\Users\Twins\AppData\Local\Temp" directory. => Scheduled to move on reboot.

"C:\Program Files (x86)\MediaWatchV1" => File/Directory not found.
"C:\Program Files (x86)\MediaViewerV1" => File/Directory not found.
"C:\Program Files (x86)\MediaViewV1" => File/Directory not found.
"C:\Program Files (x86)\Social Privacy" => File/Directory not found.
"C:\Program Files (x86)\CostMin" => File/Directory not found.
C:\Users\Twins\AppData\Local\fst_us_83 => Moved successfully.
C:\ProgramData\IePluginServices => Moved successfully.
C:\Program Files (x86)\SupTab => Moved successfully.

"C:\Users\Twins\AppData\Local\MRS" directory move:

C:\Users\Twins\AppData\Local\MRS\BaseLibrary.dll => Moved successfully.
C:\Users\Twins\AppData\Local\MRS\ConfigurationData.dll => Moved successfully.
C:\Users\Twins\AppData\Local\MRS\Interop.SHDocVw.dll => Moved successfully.
C:\Users\Twins\AppData\Local\MRS\NDde.DLL => Moved successfully.
C:\Users\Twins\AppData\Local\MRS\SQLite.Interop.dll => Moved successfully.
C:\Users\Twins\AppData\Local\MRS\svcsystem.exe => Moved successfully.
C:\Users\Twins\AppData\Local\MRS\System.Data.SQLite.dll => Moved successfully.
C:\Users\Twins\AppData\Local\MRS\winsystem.exe => Moved successfully.
Could not move "C:\Users\Twins\AppData\Local\MRS" directory. => Scheduled to move on reboot.

C:\Users\Twins\AppData\Roaming\v9 => Moved successfully.
C:\Users\Twins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage => Moved successfully.
C:\Program Files (x86)\Supporter => Moved successfully.

"C:\Users\Twins\AppData\Roaming\MRS" directory move:

C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\BaseLibrary.dll => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\ConfigurationData.dll => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\Installer.dll => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\InstallerLibrary.dll => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\Newtonsoft.Json.dll => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\SQLite.Interop.dll => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\System.Data.SQLite.dll => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\win32.reg => Moved successfully.
C:\Users\Twins\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe => Moved successfully.
Could not move "C:\Users\Twins\AppData\Roaming\MRS" directory. => Scheduled to move on reboot.

"C:\Users\Twins\AppData\Local\IdleCrawler" => File/Directory not found.
C:\Users\UpdatusUser\AppData\Local\Torch => Moved successfully.
C:\Users\UpdatusUser\AppData\Local\Chromatic Browser => Moved successfully.
C:\Users\Twins\AppData\Local\Torch => Moved successfully.
C:\Users\Twins\AppData\Local\Chromatic Browser => Moved successfully.
C:\Users\Guest\AppData\Local\Torch => Moved successfully.
C:\Users\Guest\AppData\Local\Chromatic Browser => Moved successfully.
C:\Users\Administrator\AppData\Local\Torch => Moved successfully.
C:\Users\Administrator\AppData\Local\Chromatic Browser => Moved successfully.
C:\Program Files (x86)\MRS => Moved successfully.
"C:\Windows\System32\Tasks\IdleCrawler Runner" => File/Directory not found.
"C:\Users\Twins\AppData\Local\fst_us_83" => File/Directory not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fst => Moved successfully.
"C:\Windows\System32\Tasks\GPUpdateCheck" => File/Directory not found.
C:\Users\Twins\AppData\Roaming\wi_upd => Moved successfully.
"C:\Windows\System32\Tasks\GPUpdate" => File/Directory not found.
C:\Users\Twins\AppData\Roaming\GetPrivate => Moved successfully.
"C:\Windows\Tasks\pcreg.job" => File/Directory not found.
C:\Program Files\pcmax => Moved successfully.
"C:\Windows\System32\Tasks\pcreg" => File/Directory not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-06-17 12:47:20)<=

C:\Users\Twins\AppData\Local\Temp\etilqs_73YD4iKAeYHMIZd => Is moved successfully.
C:\Users\Twins\AppData\Local\Temp\etilqs_NpLbhC1y6PpZ0Qb => Is moved successfully.
C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-1ItQpMIjaXMU8b9X0WIr1hZb => Is moved successfully.
C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-xe0eH0owaXLLhfViqxnCcPsn => Is moved successfully.
C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-Ze8X6KCLrcc6Yt08Y3e8misO => Is moved successfully.
C:\Users\Twins\AppData\Local\Temp\Skype\DbTemp\temp-zKanTE50lDqpJIljl3InjNhI => Is moved successfully.
C:\Users\Twins\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-31850 => Is moved successfully.
C:\Users\Twins\AppData\Local\Temp => Moved successfully.
C:\Users\Twins\AppData\Local\MRS => Is moved successfully.
C:\Users\Twins\AppData\Roaming\MRS => Is moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites
Hunter2222

Hunter2222

Posted
  • Author
Posted

I had Malwarebytes previously installed. However, it was somehow corrupted and the program would no longer run. Upon trying to completely uninstall it an error message the appears that read :Messages file "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.msg" is missing. Please correct the problem or obtain a new copy of the program.
I also tried reinstalling the application, but another message appears that reads : Malwarebytes' Anti-Malware 1.x is currently installed and could not be uninstalled properly. Please uninstall Malwarebytes 'Anti-Malware 1.x manually, reboot, and then try to installation again."

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept