
Reventon Infection still there, Removed by MS Security essentials


8 replies to this topic

#1 red_devil028


Posted 04 September 2012 - 01:04 PM

Alright,

hectic day with us today...

In the sense that we had at a point 8 Reventon infections in, all different versions, and the thing seems to have updated. I sent a notice to Grinler with the info already...

On 7 of the occasions I have been able to fix it... However, there is one occasion here, with Windows XP installed... where I could NOT find any of the data described in his help page, nor what I had in my own notes.

Now, in my desperation, I went to check in the antivirus logs and yep, reventon.lnk was in there with a trace, and it was quarantined...

However, starting up in normal mode instead of safe... the Reventon startup popped up... as usual...

Restarting in safe mode again, checking the MSCONFIG startup list... no Reventon trace to find...

Back to manual searching... no result...

I then went on and made a HJT log...
No result that was pointed out in Grinler's guide...

This is the first and only computer with this symptom... I do not want to reinstall at the moment...

I am looking for a possible solution... before the final idea of reinstalling...

Hope anyone can find any ideas. The HJT log will only be posted on request and with the admins' permission.
Current systems: CM STACKER Custom PC / MSI CX 620 / ACER Z5751 Touchscreen

Current role: PC Technician @ Computrac Belgium - Specialisation: Hardware.



#2 narenxp


Posted 04 September 2012 - 01:06 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 red_devil028


Posted 05 September 2012 - 08:22 AM

Shows us no infections. Attempted to fix the MBR, however... ((don't worry, I know what I do)) still no good...

ESET would not want to start the installer. It still gives the error. I had it removed for a while disabling services, so I assume it is there somewhere.

What I am trying now is via IE history view and checking manually in multiple folders... hoping I will find what he does. As long as I can fetch what exe it runs under, I know what I do...

Any tool that logs the startup would be great; however, I can't find anything for now.




14:25:45.0781 1452 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
14:25:45.0843 1452 ============================================================
14:25:45.0843 1452 Current date / time: 2012/09/05 14:25:45.0843
14:25:45.0843 1452 SystemInfo:
14:25:45.0843 1452
14:25:45.0843 1452 OS Version: 5.1.2600 ServicePack: 3.0
14:25:45.0843 1452 Product type: Workstation
14:25:45.0843 1452 ComputerName: DELLD520
14:25:45.0843 1452 UserName: Gebruiker
14:25:45.0843 1452 Windows directory: C:\WINDOWS
14:25:45.0843 1452 System windows directory: C:\WINDOWS
14:25:45.0843 1452 Processor architecture: Intel x86
14:25:45.0843 1452 Number of processors: 1
14:25:45.0843 1452 Page size: 0x1000
14:25:45.0843 1452 Boot type: Safe boot with network
14:25:45.0843 1452 ============================================================
14:25:48.0015 1452 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:25:48.0015 1452 Drive \Device\Harddisk1\DR2 - Size: 0x1DD800000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:25:48.0015 1452 ============================================================
14:25:48.0015 1452 \Device\Harddisk0\DR0:
14:25:48.0015 1452 MBR partitions:
14:25:48.0015 1452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
14:25:48.0015 1452 \Device\Harddisk1\DR2:
14:25:48.0015 1452 MBR partitions:
14:25:48.0015 1452 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEEA080
14:25:48.0015 1452 ============================================================
14:25:48.0031 1452 C: <-> \Device\Harddisk0\DR0\Partition1
14:25:48.0062 1452 ============================================================
14:25:48.0062 1452 Initialize success
14:25:48.0062 1452 ============================================================
14:26:07.0953 1488 ============================================================
14:26:07.0953 1488 Scan started
14:26:07.0953 1488 Mode: Manual; TDLFS;
14:26:07.0953 1488 ============================================================
14:26:08.0859 1488 ================ Scan system memory ========================
14:26:08.0859 1488 System memory - ok
14:26:08.0859 1488 ================ Scan services =============================
14:26:24.0515 1488 TapiSrv - ok
14:26:24.0562 1488 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:26:24.0562 1488 Tcpip - ok
14:26:24.0625 1488 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:26:24.0625 1488 TDPIPE - ok
14:26:24.0687 1488 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:26:24.0687 1488 TDTCP - ok
14:26:24.0734 1488 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:26:24.0734 1488 TermDD - ok
14:26:24.0781 1488 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll
14:26:24.0781 1488 TermService - ok
14:26:24.0843 1488 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:26:24.0859 1488 Themes - ok
14:26:24.0921 1488 [ 78A2FE13662A119875F10E9FFCB49A8F ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:26:24.0921 1488 TlntSvr - ok
14:26:24.0937 1488 TosIde - ok
14:26:24.0984 1488 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:26:24.0984 1488 TrkWks - ok
14:26:25.0109 1488 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:26:25.0109 1488 Udfs - ok
14:26:25.0125 1488 UIUSys - ok
14:26:25.0156 1488 ultra - ok
14:26:25.0234 1488 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:26:25.0234 1488 Update - ok
14:26:25.0296 1488 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll
14:26:25.0296 1488 upnphost - ok
14:26:25.0328 1488 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe
14:26:25.0343 1488 UPS - ok
14:26:25.0484 1488 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:26:25.0484 1488 usbaudio - ok
14:26:25.0562 1488 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:26:25.0562 1488 usbccgp - ok
14:26:25.0640 1488 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:26:25.0640 1488 usbehci - ok
14:26:25.0703 1488 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:26:25.0703 1488 usbhub - ok
14:26:25.0750 1488 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:26:25.0750 1488 usbprint - ok
14:26:25.0812 1488 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:26:25.0812 1488 usbscan - ok
14:26:25.0875 1488 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:26:25.0875 1488 USBSTOR - ok
14:26:25.0906 1488 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:26:25.0906 1488 usbuhci - ok
14:26:25.0953 1488 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:26:25.0953 1488 VgaSave - ok
14:26:25.0968 1488 ViaIde - ok
14:26:26.0093 1488 [ 2C9965F11443A82538C79FCAC5969183 ] VMCService C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
14:26:26.0093 1488 VMCService - ok
14:26:26.0125 1488 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:26:26.0125 1488 VolSnap - ok
14:26:26.0203 1488 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe
14:26:26.0203 1488 VSS - ok
14:26:26.0296 1488 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll
14:26:26.0312 1488 W32Time - ok
14:26:26.0343 1488 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:26:26.0343 1488 Wanarp - ok
14:26:26.0375 1488 WDICA - ok
14:26:26.0437 1488 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:26:26.0437 1488 wdmaud - ok
14:26:26.0484 1488 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:26:26.0484 1488 WebClient - ok
14:26:26.0546 1488 [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
14:26:26.0578 1488 winachsf - ok
14:26:26.0703 1488 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:26:26.0703 1488 winmgmt - ok
14:26:26.0828 1488 [ C9B9942EECA0B82E35D60627E365510A ] WLANKEEPER C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
14:26:26.0843 1488 WLANKEEPER - ok
14:26:26.0921 1488 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:26:26.0921 1488 WmdmPmSN - ok
14:26:27.0000 1488 [ 93F8EB8C7CD4E325EC92EDBFC545103D ] Wmi C:\WINDOWS\System32\advapi32.dll
14:26:27.0031 1488 Wmi - ok
14:26:27.0062 1488 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:26:27.0062 1488 WmiAcpi - ok
14:26:27.0156 1488 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:26:27.0156 1488 WmiApSrv - ok
14:26:27.0312 1488 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:26:27.0343 1488 WMPNetworkSvc - ok
14:26:27.0421 1488 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:26:27.0453 1488 wscsvc - ok
14:26:27.0500 1488 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:26:27.0515 1488 wuauserv - ok
14:26:27.0593 1488 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:26:27.0609 1488 WudfPf - ok
14:26:27.0640 1488 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:26:27.0640 1488 WudfRd - ok
14:26:27.0718 1488 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:26:27.0734 1488 WudfSvc - ok
14:26:27.0812 1488 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:26:27.0828 1488 WZCSVC - ok
14:26:27.0875 1488 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:26:27.0890 1488 xmlprov - ok
14:26:28.0031 1488 ================ Scan global ===============================
14:26:28.0125 1488 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll
14:26:28.0171 1488 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
14:26:28.0218 1488 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
14:26:28.0250 1488 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe
14:26:28.0250 1488 [Global] - ok
14:26:28.0265 1488 ================ Scan MBR ==================================
14:26:28.0296 1488 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
14:26:28.0562 1488 \Device\Harddisk0\DR0 - ok
14:26:28.0593 1488 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
14:26:33.0234 1488 \Device\Harddisk1\DR2 - ok
14:26:33.0250 1488 ================ Scan VBR ==================================
14:26:33.0265 1488 [ D4A0F2C0E8A7E601C61956D5AE2A8647 ] \Device\Harddisk0\DR0\Partition1
14:26:33.0265 1488 \Device\Harddisk0\DR0\Partition1 - ok
14:26:33.0281 1488 [ 0CF720223A828E641FF38A767F2E758C ] \Device\Harddisk1\DR2\Partition1
14:26:33.0281 1488 \Device\Harddisk1\DR2\Partition1 - ok
14:26:33.0296 1488 ============================================================
14:26:33.0296 1488 Scan finished
14:26:33.0296 1488 ============================================================
14:26:33.0343 1480 Detected object count: 0
14:26:33.0343 1480 Actual detected object count: 0
14:27:06.0656 1504 ============================================================
14:27:06.0656 1504 Scan started
14:27:06.0656 1504 Mode: Manual; TDLFS;
14:27:06.0656 1504 ============================================================
14:27:07.0156 1504 ================ Scan system memory ========================
14:27:07.0156 1504 System memory - ok
14:27:07.0171 1504 ================ Scan services =============================
14:27:19.0250 1504 S24EventMonitor - ok
14:27:19.0328 1504 [ 96B4494D4734970F47C566E098C4F527 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
14:27:19.0328 1504 s24trans - ok
14:27:19.0359 1504 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe
14:27:19.0359 1504 SamSs - ok
14:27:19.0421 1504 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:27:19.0421 1504 SCardSvr - ok
14:27:19.0500 1504 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:27:19.0500 1504 Schedule - ok
14:27:19.0546 1504 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:27:19.0546 1504 Secdrv - ok
14:27:19.0609 1504 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll
14:27:19.0609 1504 seclogon - ok
14:27:19.0640 1504 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll
14:27:19.0640 1504 SENS - ok
14:27:19.0671 1504 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:27:19.0671 1504 serenum - ok
14:27:19.0718 1504 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:27:19.0718 1504 Serial - ok
14:27:19.0781 1504 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:27:19.0781 1504 Sfloppy - ok
14:27:19.0859 1504 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:27:19.0859 1504 SharedAccess - ok
14:27:19.0906 1504 [ 2D5D4156292150FE571872C1B88E9299 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:27:19.0921 1504 ShellHWDetection - ok
14:27:19.0937 1504 Simbad - ok
14:27:20.0000 1504 Sparrow - ok
14:27:20.0062 1504 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:27:20.0062 1504 splitter - ok
14:27:20.0125 1504 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:27:20.0125 1504 Spooler - ok
14:27:20.0156 1504 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:27:20.0156 1504 sr - ok
14:27:20.0203 1504 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll
14:27:20.0203 1504 srservice - ok
14:27:20.0281 1504 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:27:20.0281 1504 Srv - ok
14:27:20.0359 1504 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:27:20.0359 1504 SSDPSRV - ok
14:27:20.0468 1504 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
14:27:20.0484 1504 STHDA - ok
14:27:20.0546 1504 [ BF8AA066BB0398DDCBC9573153D39B8C ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
14:27:20.0546 1504 StillCam - ok
14:27:20.0593 1504 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:27:20.0609 1504 stisvc - ok
14:27:20.0640 1504 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:27:20.0640 1504 swenum - ok
14:27:20.0671 1504 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:27:20.0671 1504 swmidi - ok
14:27:20.0703 1504 SwPrv - ok
14:27:20.0734 1504 symc810 - ok
14:27:20.0750 1504 symc8xx - ok
14:27:20.0781 1504 sym_hi - ok
14:27:20.0812 1504 sym_u3 - ok
14:27:20.0843 1504 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:27:20.0843 1504 sysaudio - ok
14:27:20.0890 1504 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:27:20.0890 1504 SysmonLog - ok
14:27:20.0937 1504 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:27:20.0937 1504 TapiSrv - ok
14:27:21.0000 1504 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:27:21.0000 1504 Tcpip - ok
14:27:21.0062 1504 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:27:21.0062 1504 TDPIPE - ok
14:27:21.0093 1504 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:27:21.0109 1504 TDTCP - ok
14:27:21.0156 1504 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:27:21.0156 1504 TermDD - ok
14:27:21.0203 1504 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll
14:27:21.0203 1504 TermService - ok
14:27:21.0234 1504 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:27:21.0234 1504 Themes - ok
14:27:21.0296 1504 [ 78A2FE13662A119875F10E9FFCB49A8F ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:27:21.0296 1504 TlntSvr - ok
14:27:21.0328 1504 TosIde - ok
14:27:21.0375 1504 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:27:21.0390 1504 TrkWks - ok
14:27:21.0437 1504 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:27:21.0437 1504 Udfs - ok
14:27:21.0468 1504 UIUSys - ok
14:27:21.0484 1504 ultra - ok
14:27:21.0562 1504 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:27:21.0562 1504 Update - ok
14:27:21.0625 1504 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll
14:27:21.0625 1504 upnphost - ok
14:27:21.0656 1504 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe
14:27:21.0656 1504 UPS - ok
14:27:21.0718 1504 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:27:21.0718 1504 usbaudio - ok
14:27:21.0765 1504 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:27:21.0765 1504 usbccgp - ok
14:27:21.0843 1504 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:27:21.0843 1504 usbehci - ok
14:27:21.0890 1504 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:27:21.0890 1504 usbhub - ok
14:27:21.0921 1504 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:27:21.0921 1504 usbprint - ok
14:27:21.0984 1504 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:27:21.0984 1504 usbscan - ok
14:27:22.0046 1504 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:27:22.0046 1504 USBSTOR - ok
14:27:22.0078 1504 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:27:22.0078 1504 usbuhci - ok
14:27:22.0125 1504 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:27:22.0125 1504 VgaSave - ok
14:27:22.0140 1504 ViaIde - ok
14:27:22.0250 1504 [ 2C9965F11443A82538C79FCAC5969183 ] VMCService C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
14:27:22.0250 1504 VMCService - ok
14:27:22.0296 1504 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:27:22.0296 1504 VolSnap - ok
14:27:22.0375 1504 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe
14:27:22.0375 1504 VSS - ok
14:27:22.0437 1504 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll
14:27:22.0453 1504 W32Time - ok
14:27:22.0500 1504 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:27:22.0500 1504 Wanarp - ok
14:27:22.0531 1504 WDICA - ok
14:27:22.0593 1504 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:27:22.0593 1504 wdmaud - ok
14:27:22.0640 1504 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:27:22.0640 1504 WebClient - ok
14:27:22.0734 1504 [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
14:27:22.0734 1504 winachsf - ok
14:27:22.0859 1504 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:27:22.0859 1504 winmgmt - ok
14:27:23.0000 1504 [ C9B9942EECA0B82E35D60627E365510A ] WLANKEEPER C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
14:27:23.0000 1504 WLANKEEPER - ok
14:27:23.0062 1504 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:27:23.0062 1504 WmdmPmSN - ok
14:27:23.0140 1504 [ 93F8EB8C7CD4E325EC92EDBFC545103D ] Wmi C:\WINDOWS\System32\advapi32.dll
14:27:23.0140 1504 Wmi - ok
14:27:23.0171 1504 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:27:23.0171 1504 WmiAcpi - ok
14:27:23.0234 1504 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:27:23.0234 1504 WmiApSrv - ok
14:27:23.0343 1504 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:27:23.0359 1504 WMPNetworkSvc - ok
14:27:23.0421 1504 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:27:23.0437 1504 wscsvc - ok
14:27:23.0500 1504 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:27:23.0500 1504 wuauserv - ok
14:27:23.0593 1504 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:27:23.0593 1504 WudfPf - ok
14:27:23.0625 1504 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:27:23.0625 1504 WudfRd - ok
14:27:23.0671 1504 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:27:23.0671 1504 WudfSvc - ok
14:27:23.0750 1504 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:27:23.0750 1504 WZCSVC - ok
14:27:23.0828 1504 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:27:23.0828 1504 xmlprov - ok
14:27:23.0937 1504 ================ Scan global ===============================
14:27:23.0984 1504 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll
14:27:24.0046 1504 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
14:27:24.0078 1504 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll
14:27:24.0093 1504 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe
14:27:24.0109 1504 [Global] - ok
14:27:24.0109 1504 ================ Scan MBR ==================================
14:27:24.0156 1504 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0
14:27:24.0437 1504 \Device\Harddisk0\DR0 - ok
14:27:24.0468 1504 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
14:27:29.0140 1504 \Device\Harddisk1\DR2 - ok
14:27:29.0156 1504 ================ Scan VBR ==================================
14:27:29.0171 1504 [ D4A0F2C0E8A7E601C61956D5AE2A8647 ] \Device\Harddisk0\DR0\Partition1
14:27:29.0171 1504 \Device\Harddisk0\DR0\Partition1 - ok
14:27:29.0187 1504 [ 0CF720223A828E641FF38A767F2E758C ] \Device\Harddisk1\DR2\Partition1
14:27:29.0187 1504 \Device\Harddisk1\DR2\Partition1 - ok
14:27:29.0203 1504 ============================================================
14:27:29.0203 1504 Scan finished
14:27:29.0203 1504 ============================================================
14:27:29.0250 1496 Detected object count: 0
14:27:29.0250 1496 Actual detected object count: 0


---


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-05 14:45:33
-----------------------------
14:45:33.375 OS Version: Windows 5.1.2600 Service Pack 3
14:45:33.375 Number of processors: 1 586 0xE08
14:45:33.375 ComputerName: DELLD520 UserName:
14:45:34.187 Initialize success
14:45:38.078 AVAST engine download error: 0
14:45:46.671 Verifying
14:45:56.687 Disk 0 Windows 501 MBR fixed successfully
14:45:56.718 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:45:56.734 Disk 0 Vendor: FUJITSU_MHV2040BH 00850028 Size: 38154MB BusType: 3
14:45:56.750 Disk 0 MBR read successfully
14:45:56.765 Disk 0 MBR scan
14:45:56.781 Disk 0 Windows XP default MBR code
14:45:56.796 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63
14:45:56.828 Disk 0 scanning sectors +78140160
14:45:56.875 Disk 0 scanning C:\WINDOWS\system32\drivers
14:46:02.812 Service scanning
14:46:19.671 Modules scanning
14:46:31.281 Disk 0 trace - called modules:
14:46:32.390 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
14:46:32.453 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86390958]
14:46:32.500 3 CLASSPNP.SYS[f766bfd7] -> nt!IofCallDriver -> \Device\00000072[0x86360030]
14:46:32.562 5 ACPI.sys[f75c1620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86382d98]
14:46:32.625 Scan finished successfully
14:53:32.734 Disk 0 MBR has been saved successfully to "E:\MBR.dat"
14:53:32.828 The log file has been saved successfully to "E:\aswMBR.txt"
Current systems: CM STACKER Custom PC / MSI CX 620 / ACER Z5751 Touchscreen

Current role: PC Technician @ Computrac Belgium - Specialisation: Hardware.

#4 narenxp


Posted 05 September 2012 - 08:27 AM

14:45:38.078 AVAST engine download error: 0


boot into SAFEMODE WITH NETWORKING

Update ASWMBR and scan again

Run ESET online scanner and scan

#5 red_devil028


Posted 05 September 2012 - 08:59 AM

14:45:38.078 AVAST engine download error: 0


boot into SAFEMODE WITH NETWORKING

Update ASWMBR and scan again

Run ESET online scanner and scan

I always do that with Reventon or any ransomware thing...

However,
I found it. It was under a different folder acting as WWANCFG.exe. Putting samples and msconfig screenies on stick and sending to Grinler.

Also AnVir seems to be a great program for finding this out, must you make notes for future reference.

Thanks

#6 narenxp


Posted 05 September 2012 - 09:02 AM

Do you still need help?

I'm not sure why you created a topic?

Hope anyone can find any ideas, HJT log will only be posted in request and allowance of admins


If you want to get HJT log analyzed

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#7 red_devil028


Posted 05 September 2012 - 09:08 AM

My stuff is fine now. This is a customer's PC, so it will be out of the door in a few hours, so an HJT analysis cannot be done anymore. However, if possible, references for reviewing how to add to the solution would be fine.

I had 8 Reventon attacks in yesterday, a few of which had updated versions, like this one.

For prevention reasons for other people I would like to send in stuff that I discovered. I took screenies and copied the EXE files to a USB stick so anyone wanting them can review them ((I will only hand those EXEs to Grinler to observe)).

Thanks

#8 narenxp


Posted 05 September 2012 - 09:11 AM

Next time, if you want to recommend or suggest advice regarding infections, create a topic here

http://www.bleepingcomputer.com/forums/forum25.html

This forum is for malware removal

Thanks

#9 red_devil028


Posted 05 September 2012 - 09:13 AM

All right, it is bookmarked at work here now. Will do.