plz help my computer


26 replies to this topic

#1 kcg421

kcg421

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wis/MN
  • Local time:06:50 AM

Posted 27 April 2012 - 09:25 PM

I believe I have the Google Bing Yahoo redirect virus. I have tried to remove it by myself via software with no success in removing the redirect virus itself. I can get rid of the nasty viruses the redirect virus seems to walk into my computer without my antivirus even noticing. But the redirect hangs in there. I am at the end of my rope; I need expert help. Any advice/help would be awesome.


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,052 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:50 AM

Posted 27 April 2012 - 09:34 PM

Hello, what did you run?
Are you on a router? Are other machines on it, and if so, are they redirecting?

Do you use Firefox?


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.





Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (e.g. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


>>>
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


>>>>

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#3 kcg421


Posted 27 April 2012 - 11:32 PM

Other than that I used Avira ... superantivirus ... and Malwarebytes ... which just crashed on me after my last system restore so I just reinstalled it. I am not on a router and have only one computer directly connected through wire via modem. I also switch off from a PS3 on the same wire, just restart the modem, not that that probably matters.

I am using Internet Explorer, not Firefox.

the

MiniToolBox by Farbar Version: 18-01-2012
Ran by Kayla (administrator) on 28-04-2012 at 00:05:13
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/27/2012 11:11:15 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/27/2012 10:12:32 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/23/2012 02:40:05 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/22/2012 06:34:28 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/22/2012 05:26:35 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/22/2012 05:24:51 PM) (Source: Application Hang) (User: )
Description: The program HPSF.exe version 6.0.5.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6c8

Start Time: 01cd20d0d861ac61

Termination Time: 10

Application Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

Report Id: f335c95a-8cc9-11e1-8597-38607767f05f

Error: (04/22/2012 04:32:43 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/22/2012 04:30:28 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/22/2012 04:26:35 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35

Error: (04/22/2012 04:19:56 PM) (Source: Avira Antivirus) (User: SYSTEM)SYSTEM
Description: An unknown error occurred during init of the engine!
Returned error code: 0x35


System errors:
=============
Error: (04/27/2012 11:11:15 PM) (Source: Service Control Manager) (User: )
Description: The Avira Realtime Protection service terminated with service-specific error %%306.

Error: (04/27/2012 11:10:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:10:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:10:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:08:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:08:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:08:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:03:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:03:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/27/2012 11:03:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (04/27/2012 11:11:15 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/27/2012 10:12:32 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/23/2012 02:40:05 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/22/2012 06:34:28 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/22/2012 05:26:35 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/22/2012 05:24:51 PM) (Source: Application Hang)(User: )
Description: HPSF.exe6.0.5.46c801cd20d0d861ac6110C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exef335c95a-8cc9-11e1-8597-38607767f05f

Error: (04/22/2012 04:32:43 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/22/2012 04:30:28 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/22/2012 04:26:35 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35

Error: (04/22/2012 04:19:56 PM) (Source: Avira Antivirus)(User: SYSTEM)SYSTEM
Description: 0x35


=========================== Installed Programs ============================


========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3570.82 MB
Available physical RAM: 1930.73 MB
Total Pagefile: 7139.82 MB
Available Pagefile: 4906.29 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.29 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:919.67 GB) (Free:837.53 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.73 GB) (Free:1.43 GB) NTFS

========================= Users: ========================================

**** End of log ****


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.28.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kayla :: KAYLA-HP [administrator]

4/27/2012 11:18:55 PM
mbam-log-2012-04-27 (23-18-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233236
Time elapsed: 7 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
.....


My aswMBR will not run...

also the TDSSkiller will not run either...

Edited by kcg421, 28 April 2012 - 12:11 AM.


#4 boopme


Posted 28 April 2012 - 10:18 AM

OK, let's try running
Download the FixTDSS.exe

Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.

#5 kcg421


Posted 28 April 2012 - 10:47 AM

I got a suspicious use of kernel callback but MBR appears intact. Repair not done.
No infections were found.

#6 kcg421


Posted 28 April 2012 - 10:52 AM

Hey, TDSSKiller works now, running scan now :)

#7 kcg421


Posted 28 April 2012 - 10:59 AM

YES! It worked.. or for now it seems >.< Is there anything else I should do???? Also, is there any antivirus that you guys recommend getting to prevent this from happening again... ATI Catalyst Control Center is freaking out and pops up with an error window for a couple of seconds and goes away. Should I be concerned with this?

asw came up with this

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-28 10:59:30
-----------------------------
10:59:30.386 OS Version: Windows x64 6.1.7601 Service Pack 1
10:59:30.386 Number of processors: 2 586 0x100
10:59:30.387 ComputerName: KAYLA-HP UserName: Kayla
10:59:35.353 Initialize success
11:00:21.242 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
11:00:21.247 Disk 0 Vendor: ST310005 HP63 Size: 953869MB BusType: 11
11:00:21.259 Disk 0 MBR read successfully
11:00:21.265 Disk 0 MBR scan
11:00:21.269 Disk 0 Windows 7 default MBR code
11:00:21.274 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:00:21.281 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 941744 MB offset 206848
11:00:21.313 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12014 MB offset 1928898560
11:00:21.355 Disk 0 scanning C:\Windows\system32\drivers
11:00:28.550 Service scanning
11:00:43.255 Modules scanning
11:00:43.273 Disk 0 trace - called modules:
11:00:43.311 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
11:00:43.317 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045cc060]
11:00:43.326 3 CLASSPNP.SYS[fffff8800195843f] -> nt!IofCallDriver -> [0xfffffa80043659b0]
11:00:43.335 5 amd_xata.sys[fffff88000ef18f7] -> nt!IofCallDriver -> \Device\00000056[0xfffffa800434e060]
11:00:43.343 Scan finished successfully
11:01:05.523 Disk 0 MBR has been saved successfully to "C:\Users\Kayla\Desktop\MBR.dat"
11:01:05.551 The log file has been saved successfully to "C:\Users\Kayla\Desktop\aswMBR.txt"

from TDSS

10:51:57.0154 4812 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
10:51:57.0538 4812 ============================================================
10:51:57.0538 4812 Current date / time: 2012/04/28 10:51:57.0538
10:51:57.0538 4812 SystemInfo:
10:51:57.0538 4812
10:51:57.0538 4812 OS Version: 6.1.7601 ServicePack: 1.0
10:51:57.0538 4812 Product type: Workstation
10:51:57.0538 4812 ComputerName: KAYLA-HP
10:51:57.0538 4812 UserName: Kayla
10:51:57.0538 4812 Windows directory: C:\Windows
10:51:57.0538 4812 System windows directory: C:\Windows
10:51:57.0538 4812 Running under WOW64
10:51:57.0538 4812 Processor architecture: Intel x64
10:51:57.0538 4812 Number of processors: 2
10:51:57.0538 4812 Page size: 0x1000
10:51:57.0538 4812 Boot type: Normal boot
10:51:57.0538 4812 ============================================================
10:52:01.0539 4812 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:52:01.0546 4812 ============================================================
10:52:01.0546 4812 \Device\Harddisk0\DR0:
10:52:01.0558 4812 MBR partitions:
10:52:01.0558 4812 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:52:01.0558 4812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72F58000
10:52:01.0558 4812 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72F8A800, BlocksNum 0x17775B0
10:52:01.0558 4812 ============================================================
10:52:01.0622 4812 C: <-> \Device\Harddisk0\DR0\Partition1
10:52:01.0739 4812 D: <-> \Device\Harddisk0\DR0\Partition2
10:52:01.0739 4812 ============================================================
10:52:01.0739 4812 Initialize success
10:52:01.0739 4812 ============================================================
10:52:53.0355 2876 ============================================================
10:52:53.0355 2876 Scan started
10:52:53.0356 2876 Mode: Manual;
10:52:53.0356 2876 ============================================================
10:53:03.0440 2876 CompositeBus - ok
10:53:03.0462 2876 COMSysApp - ok
10:53:03.0541 2876 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
10:53:03.0551 2876 crcdisk - ok
10:53:03.0697 2876 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
10:53:03.0701 2876 CryptSvc - ok
10:53:03.0836 2876 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:53:03.0849 2876 DcomLaunch - ok
10:53:03.0888 2876 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:53:03.0900 2876 defragsvc - ok
10:53:04.0004 2876 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:53:04.0018 2876 DfsC - ok
10:53:04.0142 2876 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
10:53:04.0149 2876 Dhcp - ok
10:53:04.0160 2876 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:53:04.0161 2876 discache - ok
10:53:04.0251 2876 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
10:53:04.0265 2876 Disk - ok
10:53:04.0289 2876 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
10:53:04.0292 2876 Dnscache - ok
10:53:04.0306 2876 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
10:53:04.0316 2876 dot3svc - ok
10:53:04.0329 2876 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
10:53:04.0331 2876 DPS - ok
10:53:04.0463 2876 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:53:04.0469 2876 drmkaud - ok
10:53:04.0648 2876 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:53:04.0678 2876 DXGKrnl - ok
10:53:04.0958 2876 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:53:04.0973 2876 EapHost - ok
10:53:05.0905 2876 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
10:53:06.0018 2876 ebdrv - ok
10:53:06.0382 2876 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
10:53:06.0392 2876 EFS - ok
10:53:06.0517 2876 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
10:53:06.0543 2876 ehRecvr - ok
10:53:06.0589 2876 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:53:06.0608 2876 ehSched - ok
10:53:06.0940 2876 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
10:53:06.0970 2876 elxstor - ok
10:53:07.0041 2876 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:53:07.0049 2876 ErrDev - ok
10:53:07.0250 2876 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:53:07.0262 2876 EventSystem - ok
10:53:07.0334 2876 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:53:07.0361 2876 exfat - ok
10:53:07.0396 2876 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:53:07.0406 2876 fastfat - ok
10:53:07.0488 2876 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
10:53:07.0500 2876 Fax - ok
10:53:07.0661 2876 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
10:53:07.0671 2876 fdc - ok
10:53:07.0751 2876 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:53:07.0753 2876 fdPHost - ok
10:53:07.0777 2876 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:53:07.0779 2876 FDResPub - ok
10:53:07.0800 2876 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:53:07.0810 2876 FileInfo - ok
10:53:07.0815 2876 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:53:07.0820 2876 Filetrace - ok
10:53:07.0869 2876 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
10:53:07.0874 2876 flpydisk - ok
10:53:07.0892 2876 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:53:07.0906 2876 FltMgr - ok
10:53:07.0972 2876 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
10:53:07.0992 2876 FontCache - ok
10:53:08.0151 2876 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:53:08.0162 2876 FontCache3.0.0.0 - ok
10:53:08.0521 2876 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:53:08.0527 2876 FsDepends - ok
10:53:08.0590 2876 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
10:53:08.0599 2876 Fs_Rec - ok
10:53:08.0647 2876 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:53:08.0666 2876 fvevol - ok
10:53:08.0741 2876 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
10:53:08.0750 2876 gagp30kx - ok
10:53:08.0847 2876 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
10:53:08.0866 2876 GamesAppService - ok
10:53:08.0893 2876 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:53:08.0898 2876 GEARAspiWDM - ok
10:53:09.0051 2876 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
10:53:09.0090 2876 gpsvc - ok
10:53:09.0147 2876 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:53:09.0149 2876 gupdate - ok
10:53:09.0180 2876 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:53:09.0181 2876 gupdatem - ok
10:53:09.0216 2876 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:53:09.0231 2876 gusvc - ok
10:53:09.0869 2876 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:53:09.0881 2876 hcw85cir - ok
10:53:10.0051 2876 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:53:10.0069 2876 HdAudAddService - ok
10:53:10.0096 2876 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:53:10.0098 2876 HDAudBus - ok
10:53:10.0182 2876 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
10:53:10.0191 2876 HidBatt - ok
10:53:10.0233 2876 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
10:53:10.0243 2876 HidBth - ok
10:53:10.0257 2876 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
10:53:10.0268 2876 HidIr - ok
10:53:10.0336 2876 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
10:53:10.0339 2876 hidserv - ok
10:53:10.0390 2876 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
10:53:10.0399 2876 HidUsb - ok
10:53:10.0428 2876 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
10:53:10.0435 2876 hkmsvc - ok
10:53:10.0453 2876 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
10:53:10.0456 2876 HomeGroupListener - ok
10:53:10.0586 2876 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
10:53:10.0593 2876 HomeGroupProvider - ok
10:53:10.0710 2876 HP Support Assistant Service (170233b8d743efe35f462a5d516b93e3) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:53:10.0712 2876 HP Support Assistant Service - ok
10:53:10.0804 2876 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:53:10.0809 2876 HPClientSvc - ok
10:53:10.0843 2876 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
10:53:10.0846 2876 HPDrvMntSvc.exe - ok
10:53:10.0948 2876 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
10:53:10.0975 2876 hpqwmiex - ok
10:53:11.0407 2876 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:53:11.0422 2876 HpSAMD - ok
10:53:11.0612 2876 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:53:11.0623 2876 HTTP - ok
10:53:11.0901 2876 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:53:11.0945 2876 hwpolicy - ok
10:53:12.0014 2876 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:53:12.0031 2876 i8042prt - ok
10:53:12.0200 2876 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:53:12.0241 2876 iaStorV - ok
10:53:12.0487 2876 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:53:12.0513 2876 idsvc - ok
10:53:12.0767 2876 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
10:53:12.0904 2876 igfx - ok
10:53:13.0175 2876 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
10:53:13.0194 2876 iirsp - ok
10:53:13.0675 2876 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
10:53:13.0744 2876 IKEEXT - ok
10:53:14.0159 2876 IntcAzAudAddService (c7124da48e557d8f88d0d7f1254557f4) C:\Windows\system32\drivers\RTKVHD64.sys
10:53:14.0196 2876 IntcAzAudAddService - ok
10:53:14.0264 2876 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:53:14.0271 2876 intelide - ok
10:53:14.0307 2876 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
10:53:14.0316 2876 intelppm - ok
10:53:14.0358 2876 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:53:14.0368 2876 IPBusEnum - ok
10:53:14.0422 2876 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:53:14.0430 2876 IpFilterDriver - ok
10:53:14.0469 2876 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
10:53:14.0475 2876 iphlpsvc - ok
10:53:14.0494 2876 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:53:14.0503 2876 IPMIDRV - ok
10:53:14.0512 2876 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:53:14.0520 2876 IPNAT - ok
10:53:14.0671 2876 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
10:53:14.0683 2876 iPod Service - ok
10:53:14.0785 2876 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:53:14.0790 2876 IRENUM - ok
10:53:14.0860 2876 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:53:14.0868 2876 isapnp - ok
10:53:14.0934 2876 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:53:14.0950 2876 iScsiPrt - ok
10:53:15.0004 2876 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:53:15.0012 2876 kbdclass - ok
10:53:15.0024 2876 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
10:53:15.0031 2876 kbdhid - ok
10:53:15.0050 2876 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:53:15.0052 2876 KeyIso - ok
10:53:15.0062 2876 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
10:53:15.0070 2876 KSecDD - ok
10:53:15.0084 2876 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
10:53:15.0094 2876 KSecPkg - ok
10:53:15.0100 2876 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:53:15.0105 2876 ksthunk - ok
10:53:15.0149 2876 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:53:15.0164 2876 KtmRm - ok
10:53:15.0201 2876 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
10:53:15.0205 2876 LanmanServer - ok
10:53:15.0253 2876 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
10:53:15.0257 2876 LanmanWorkstation - ok
10:53:15.0343 2876 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:53:15.0352 2876 lltdio - ok
10:53:15.0378 2876 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:53:15.0389 2876 lltdsvc - ok
10:53:15.0394 2876 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:53:15.0395 2876 lmhosts - ok
10:53:15.0430 2876 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
10:53:15.0438 2876 LSI_FC - ok
10:53:15.0456 2876 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
10:53:15.0463 2876 LSI_SAS - ok
10:53:15.0485 2876 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
10:53:15.0492 2876 LSI_SAS2 - ok
10:53:15.0510 2876 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
10:53:15.0517 2876 LSI_SCSI - ok
10:53:15.0528 2876 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:53:15.0529 2876 luafv - ok
10:53:15.0551 2876 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
10:53:15.0558 2876 Mcx2Svc - ok
10:53:15.0583 2876 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
10:53:15.0588 2876 megasas - ok
10:53:15.0608 2876 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
10:53:15.0619 2876 MegaSR - ok
10:53:15.0715 2876 Microsoft SharePoint Workspace Audit Service - ok
10:53:15.0746 2876 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:53:15.0749 2876 MMCSS - ok
10:53:15.0760 2876 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:53:15.0766 2876 Modem - ok
10:53:15.0797 2876 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:53:15.0798 2876 monitor - ok
10:53:15.0810 2876 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:53:15.0816 2876 mouclass - ok
10:53:15.0832 2876 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:53:15.0837 2876 mouhid - ok
10:53:15.0847 2876 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:53:15.0856 2876 mountmgr - ok
10:53:15.0872 2876 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:53:15.0882 2876 mpio - ok
10:53:15.0893 2876 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:53:15.0899 2876 mpsdrv - ok
10:53:15.0945 2876 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
10:53:15.0955 2876 MpsSvc - ok
10:53:16.0157 2876 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:53:16.0174 2876 MRxDAV - ok
10:53:16.0208 2876 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:53:16.0219 2876 mrxsmb - ok
10:53:16.0266 2876 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:53:16.0280 2876 mrxsmb10 - ok
10:53:16.0295 2876 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:53:16.0303 2876 mrxsmb20 - ok
10:53:16.0320 2876 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:53:16.0325 2876 msahci - ok
10:53:16.0344 2876 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:53:16.0352 2876 msdsm - ok
10:53:16.0382 2876 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:53:16.0395 2876 MSDTC - ok
10:53:16.0413 2876 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:53:16.0417 2876 Msfs - ok
10:53:16.0430 2876 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:53:16.0434 2876 mshidkmdf - ok
10:53:16.0496 2876 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:53:16.0501 2876 msisadrv - ok
10:53:16.0541 2876 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:53:16.0549 2876 MSiSCSI - ok
10:53:16.0554 2876 msiserver - ok
10:53:16.0571 2876 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:53:16.0574 2876 MSKSSRV - ok
10:53:16.0587 2876 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:53:16.0591 2876 MSPCLOCK - ok
10:53:16.0595 2876 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:53:16.0598 2876 MSPQM - ok
10:53:16.0621 2876 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:53:16.0633 2876 MsRPC - ok
10:53:16.0654 2876 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:53:16.0655 2876 mssmbios - ok
10:53:16.0660 2876 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:53:16.0665 2876 MSTEE - ok
10:53:16.0684 2876 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
10:53:16.0689 2876 MTConfig - ok
10:53:16.0696 2876 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:53:16.0701 2876 Mup - ok
10:53:16.0742 2876 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:53:16.0748 2876 napagent - ok
10:53:16.0777 2876 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:53:16.0788 2876 NativeWifiP - ok
10:53:16.0855 2876 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:53:16.0886 2876 NDIS - ok
10:53:17.0081 2876 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:53:17.0091 2876 NdisCap - ok
10:53:17.0133 2876 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:53:17.0139 2876 NdisTapi - ok
10:53:17.0150 2876 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:53:17.0160 2876 Ndisuio - ok
10:53:17.0173 2876 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:53:17.0183 2876 NdisWan - ok
10:53:17.0191 2876 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:53:17.0198 2876 NDProxy - ok
10:53:17.0205 2876 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:53:17.0213 2876 NetBIOS - ok
10:53:17.0229 2876 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:53:17.0232 2876 NetBT - ok
10:53:17.0248 2876 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:53:17.0249 2876 Netlogon - ok
10:53:17.0292 2876 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:53:17.0297 2876 Netman - ok
10:53:17.0362 2876 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:17.0372 2876 NetMsmqActivator - ok
10:53:17.0379 2876 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:17.0380 2876 NetPipeActivator - ok
10:53:17.0427 2876 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:53:17.0432 2876 netprofm - ok
10:53:17.0448 2876 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:17.0449 2876 NetTcpActivator - ok
10:53:17.0453 2876 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:17.0455 2876 NetTcpPortSharing - ok
10:53:17.0625 2876 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
10:53:17.0636 2876 nfrd960 - ok
10:53:17.0674 2876 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:53:17.0679 2876 NlaSvc - ok
10:53:17.0693 2876 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:53:17.0698 2876 Npfs - ok
10:53:17.0708 2876 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:53:17.0710 2876 nsi - ok
10:53:17.0715 2876 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:53:17.0715 2876 nsiproxy - ok
10:53:17.0809 2876 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:53:17.0880 2876 Ntfs - ok
10:53:17.0999 2876 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:53:18.0004 2876 Null - ok
10:53:18.0064 2876 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:53:18.0072 2876 nvraid - ok
10:53:18.0124 2876 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:53:18.0134 2876 nvstor - ok
10:53:18.0176 2876 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:53:18.0184 2876 nv_agp - ok
10:53:18.0196 2876 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:53:18.0204 2876 ohci1394 - ok
10:53:18.0308 2876 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:53:18.0326 2876 ose64 - ok
10:53:18.0544 2876 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:53:18.0670 2876 osppsvc - ok
10:53:19.0619 2876 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:53:19.0629 2876 p2pimsvc - ok
10:53:19.0758 2876 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:53:19.0772 2876 p2psvc - ok
10:53:20.0051 2876 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
10:53:20.0077 2876 Parport - ok
10:53:20.0140 2876 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:53:20.0151 2876 partmgr - ok
10:53:20.0169 2876 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:53:20.0172 2876 PcaSvc - ok
10:53:20.0302 2876 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:53:20.0306 2876 pci - ok
10:53:20.0334 2876 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:53:20.0338 2876 pciide - ok
10:53:20.0360 2876 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
10:53:20.0373 2876 pcmcia - ok
10:53:20.0387 2876 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:53:20.0392 2876 pcw - ok
10:53:20.0456 2876 pdfcDispatcher - ok
10:53:20.0500 2876 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:53:20.0521 2876 PEAUTH - ok
10:53:21.0014 2876 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:53:21.0018 2876 PerfHost - ok
10:53:21.0257 2876 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:53:21.0341 2876 pla - ok
10:53:21.0852 2876 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:53:21.0869 2876 PlugPlay - ok
10:53:21.0910 2876 PnkBstrA - ok
10:53:21.0941 2876 PnkBstrB - ok
10:53:21.0985 2876 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:53:21.0994 2876 PNRPAutoReg - ok
10:53:22.0013 2876 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:53:22.0019 2876 PNRPsvc - ok
10:53:22.0479 2876 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:53:22.0490 2876 PolicyAgent - ok
10:53:22.0540 2876 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:53:22.0544 2876 Power - ok
10:53:22.0794 2876 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:53:22.0815 2876 PptpMiniport - ok
10:53:22.0848 2876 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
10:53:22.0856 2876 Processor - ok
10:53:23.0069 2876 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
10:53:23.0077 2876 ProfSvc - ok
10:53:23.0188 2876 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:53:23.0191 2876 ProtectedStorage - ok
10:53:23.0286 2876 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:53:23.0289 2876 Psched - ok
10:53:23.0389 2876 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
10:53:23.0457 2876 ql2300 - ok
10:53:23.0754 2876 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
10:53:23.0762 2876 ql40xx - ok
10:53:23.0803 2876 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:53:23.0817 2876 QWAVE - ok
10:53:23.0825 2876 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:53:23.0831 2876 QWAVEdrv - ok
10:53:23.0836 2876 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:53:23.0840 2876 RasAcd - ok
10:53:23.0863 2876 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:53:23.0868 2876 RasAgileVpn - ok
10:53:23.0881 2876 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:53:23.0888 2876 RasAuto - ok
10:53:23.0909 2876 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:53:23.0921 2876 Rasl2tp - ok
10:53:23.0943 2876 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:53:23.0956 2876 RasMan - ok
10:53:23.0965 2876 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:53:23.0972 2876 RasPppoe - ok
10:53:23.0981 2876 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:53:23.0988 2876 RasSstp - ok
10:53:24.0007 2876 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:53:24.0021 2876 rdbss - ok
10:53:24.0042 2876 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
10:53:24.0047 2876 rdpbus - ok
10:53:24.0052 2876 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:53:24.0053 2876 RDPCDD - ok
10:53:24.0079 2876 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:53:24.0080 2876 RDPENCDD - ok
10:53:24.0090 2876 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:53:24.0090 2876 RDPREFMP - ok
10:53:24.0197 2876 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
10:53:24.0216 2876 RDPWD - ok
10:53:24.0254 2876 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:53:24.0268 2876 rdyboost - ok
10:53:24.0379 2876 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:53:24.0392 2876 RemoteAccess - ok
10:53:24.0414 2876 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:53:24.0427 2876 RemoteRegistry - ok
10:53:24.0490 2876 RoxioNow Service (085d18c71ab2611a3d61528132b6501e) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:53:24.0494 2876 RoxioNow Service - ok
10:53:24.0555 2876 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:53:24.0559 2876 RpcEptMapper - ok
10:53:24.0655 2876 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:53:24.0665 2876 RpcLocator - ok
10:53:24.0714 2876 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:53:24.0720 2876 RpcSs - ok
10:53:24.0845 2876 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:53:24.0858 2876 rspndr - ok
10:53:24.0922 2876 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:53:24.0932 2876 RTL8167 - ok
10:53:38.0497 2876 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:53:38.0584 2876 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
10:53:38.0584 2876 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
10:53:38.0613 2876 Boot (0x1200) (a3ea75ac5a0d1bbdd11adfdf3807b11f) \Device\Harddisk0\DR0\Partition0
10:53:38.0615 2876 \Device\Harddisk0\DR0\Partition0 - ok
10:53:38.0628 2876 Boot (0x1200) (3335490a35d28ddbde91b37e830d1dc4) \Device\Harddisk0\DR0\Partition1
10:53:38.0630 2876 \Device\Harddisk0\DR0\Partition1 - ok
10:53:38.0659 2876 Boot (0x1200) (be1db2b216e7a1b18f08a36f796b5da8) \Device\Harddisk0\DR0\Partition2
10:53:38.0661 2876 \Device\Harddisk0\DR0\Partition2 - ok
10:53:38.0662 2876 ============================================================
10:53:38.0662 2876 Scan finished
10:53:38.0662 2876 ============================================================
10:53:38.0682 2848 Detected object count: 1
10:53:38.0683 2848 Actual detected object count: 1
10:53:58.0041 2848 \Device\Harddisk0\DR0\# - copied to quarantine
10:53:58.0042 2848 \Device\Harddisk0\DR0 - copied to quarantine
10:53:58.0115 2848 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
10:53:58.0119 2848 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
10:53:58.0124 2848 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
10:53:58.0129 2848 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
10:53:58.0133 2848 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
10:53:58.0139 2848 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
10:53:58.0145 2848 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
10:53:58.0150 2848 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
10:53:58.0153 2848 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
10:53:58.0157 2848 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
10:53:58.0161 2848 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
10:53:58.0164 2848 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
10:53:58.0168 2848 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
10:53:58.0171 2848 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
10:53:58.0175 2848 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
10:53:58.0178 2848 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
10:53:58.0181 2848 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
10:53:58.0190 2848 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
10:53:58.0196 2848 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
10:53:58.0203 2848 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
10:53:58.0261 2848 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
10:53:58.0277 2848 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
10:53:58.0289 2848 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
10:53:58.0411 2848 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
10:53:58.0416 2848 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
10:53:58.0422 2848 \Device\Harddisk0\DR0 - ok
10:53:58.0700 2848 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
10:54:11.0108 5068 Deinitialize success

Edited by kcg421, 28 April 2012 - 11:11 AM.


#8 boopme

Posted 28 April 2012 - 09:00 PM

Hello. You had a lot of rootkits removed.
10:53:38.0682 2848 Detected object count: 1
10:53:38.0683 2848 Actual detected object count: 1
10:53:58.0041 2848 \Device\Harddisk0\DR0\# - copied to quarantine
10:53:58.0042 2848 \Device\Harddisk0\DR0 - copied to quarantine
10:53:58.0115 2848 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
10:53:58.0119 2848 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
10:53:58.0124 2848 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
10:53:58.0129 2848 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
10:53:58.0133 2848 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
10:53:58.0139 2848 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
10:53:58.0145 2848 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
10:53:58.0150 2848 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
10:53:58.0153 2848 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
10:53:58.0157 2848 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
10:53:58.0161 2848 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
10:53:58.0164 2848 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
10:53:58.0168 2848 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
10:53:58.0171 2848 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
10:53:58.0175 2848 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
10:53:58.0178 2848 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
10:53:58.0181 2848 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
10:53:58.0190 2848 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
10:53:58.0196 2848 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
10:53:58.0203 2848 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
10:53:58.0261 2848 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
10:53:58.0277 2848 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
10:53:58.0289 2848 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
10:53:58.0411 2848 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
10:53:58.0416 2848 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
10:53:58.0422 2848 \Device\Harddisk0\DR0 - ok
10:53:58.0700 2848 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
10:54:11.0108 5068 Deinitialize success



You need to reboot if you haven't.

You cut the installed programs from the list. I look there for exploitable applications and risks.

Free antivirus, use this... Avira AntiVir



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#9 kcg421

Posted 28 April 2012 - 09:40 PM

I didn't cut it. When it makes the log, every time there is nothing there.

#10 boopme

Posted 28 April 2012 - 10:09 PM

Hmmm.. try running with only that checked

#11 kcg421

Posted 28 April 2012 - 10:38 PM

Nothing again. Also doing the ESET scan right now, waiting for it to get done.

Edited by kcg421, 28 April 2012 - 10:44 PM.


#12 boopme

Posted 28 April 2012 - 10:45 PM

Ok, I will check the tool with its author..

Are the redirects gone now?

Run the ESET scan.. I'll look back in the am..

Edited by boopme, 28 April 2012 - 10:45 PM.


#13 kcg421

Posted 28 April 2012 - 11:06 PM

Yes, I think they are gone. Google seems to be running fine every time I type something in... waiting to see if the SMART HDD virus comes back... I was having problems with that too, but restored to a previous date and it just came back again later... it would throw up an input error... like 20 of them, and then hide most of my files and log me off my account randomly... my solution was to restore my system to a previous date, which seemed to work, but the Google one always stuck around, and later the other virus would come back and do the same thing, to which I did the same thing... happened about 4 times... now the Google one is gone... waiting to see if the other one is too.

#14 boopme

Posted 28 April 2012 - 11:24 PM

Usually running RKill, MBAM, then TDSSKiller kills that.

#15 kcg421

Posted 29 April 2012 - 03:31 AM

OMG, it is 3 in the morning and I just got done with that scan, took 4 or 5 hours... I got done with the scan and it went to something asking me if I want to buy the product and I could not get the log... this was frustrating :( I will have to post it up this upcoming Monday... only next time I have to do anything... ugh, this is disappointing.



