
browser hijack


5 replies to this topic

#1 avbakpak


Posted 07 November 2012 - 06:23 PM

I am running Vista Home Premium SP2.
When I open a new web page (regardless of the browser), I get a page with two separate (hijacked) tabs.
One is for mysearchresults.com, the other is for safesearch.lavasoft.com.
I have run Spybot, Malwarebytes and a scan using ESET antivirus.

Please help!

Many thanks


*Moderator Edit: Moved topic from Vista to the more appropriate forum. ~ Queen-Evie*

Edited by Queen-Evie, 07 November 2012 - 07:03 PM.



#2 narenxp


Posted 07 November 2012 - 07:01 PM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 avbakpak


Posted 11 November 2012 - 04:39 PM

Wow, thank you for the fast response!

Here are the logs:

tdsskiller:

14:26:53.0152 5080 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:26:55.0155 5080 ============================================================
14:26:55.0155 5080 Current date / time: 2012/11/09 14:26:55.0155
14:26:55.0155 5080 SystemInfo:
14:26:55.0155 5080
14:26:55.0156 5080 OS Version: 6.0.6002 ServicePack: 2.0
14:26:55.0156 5080 Product type: Workstation
14:26:55.0156 5080 ComputerName: VE
14:26:55.0156 5080 UserName: mami & papi
14:26:55.0156 5080 Windows directory: C:\Windows
14:26:55.0156 5080 System windows directory: C:\Windows
14:26:55.0156 5080 Processor architecture: Intel x86
14:26:55.0156 5080 Number of processors: 2
14:26:55.0156 5080 Page size: 0x1000
14:26:55.0156 5080 Boot type: Normal boot
14:26:55.0156 5080 ============================================================
14:26:56.0473 5080 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:26:56.0670 5080 ============================================================
14:26:56.0670 5080 \Device\Harddisk0\DR0:
14:26:56.0670 5080 MBR partitions:
14:26:56.0670 5080 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2301C40F
14:26:56.0670 5080 ============================================================
14:26:56.0706 5080 C: <-> \Device\Harddisk0\DR0\Partition1
14:26:56.0706 5080 ============================================================
14:26:56.0706 5080 Initialize success
14:26:56.0706 5080 ============================================================
14:27:19.0790 4024 ============================================================
14:27:19.0790 4024 Scan started
14:27:19.0790 4024 Mode: Manual; TDLFS;
14:27:19.0790 4024 ============================================================
14:27:20.0100 4024 ================ Scan system memory ========================
14:27:20.0100 4024 System memory - ok
14:27:30.0868 4024 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:27:30.0871 4024 ProtectedStorage - ok
14:27:30.0918 4024 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:27:30.0920 4024 PSched - ok
14:27:30.0963 4024 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:27:31.0017 4024 ql2300 - ok
14:27:31.0017 4024 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:27:31.0033 4024 ql40xx - ok
14:27:31.0034 4024 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
14:27:31.0042 4024 QWAVE - ok
14:27:31.0055 4024 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:27:31.0056 4024 QWAVEdrv - ok
14:27:31.0129 4024 [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe
14:27:31.0131 4024 RalinkRegistryWriter - ok
14:27:31.0158 4024 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:27:31.0208 4024 RasAcd - ok
14:27:31.0244 4024 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
14:27:31.0249 4024 RasAuto - ok
14:27:31.0262 4024 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:27:31.0327 4024 Rasl2tp - ok
14:27:31.0373 4024 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
14:27:31.0379 4024 RasMan - ok
14:27:31.0419 4024 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:27:31.0438 4024 RasPppoe - ok
14:27:31.0461 4024 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:27:31.0480 4024 RasSstp - ok
14:27:31.0515 4024 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:27:31.0520 4024 rdbss - ok
14:27:31.0545 4024 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:27:31.0577 4024 RDPCDD - ok
14:27:31.0609 4024 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:27:31.0612 4024 rdpdr - ok
14:27:31.0618 4024 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:27:31.0652 4024 RDPENCDD - ok
14:27:31.0692 4024 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:27:31.0694 4024 RDPWD - ok
14:27:31.0718 4024 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
14:27:31.0738 4024 regi - ok
14:27:31.0780 4024 [ 27CE3D4C589E5FAE38EA0BD0FDFA3FD6 ] RegKill C:\Windows\system32\Drivers\RegKill.sys
14:27:31.0800 4024 RegKill - ok
14:27:31.0834 4024 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:27:31.0837 4024 RemoteAccess - ok
14:27:31.0885 4024 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:27:31.0890 4024 RemoteRegistry - ok
14:27:31.0910 4024 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
14:27:31.0912 4024 RpcLocator - ok
14:27:31.0934 4024 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
14:27:31.0940 4024 RpcSs - ok
14:27:31.0964 4024 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:27:31.0987 4024 rspndr - ok
14:27:31.0995 4024 rt61x86 - ok
14:27:32.0004 4024 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
14:27:32.0006 4024 SamSs - ok
14:27:32.0024 4024 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:27:32.0026 4024 sbp2port - ok
14:27:32.0074 4024 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:27:32.0078 4024 SCardSvr - ok
14:27:32.0139 4024 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
14:27:32.0157 4024 Schedule - ok
14:27:32.0197 4024 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:27:32.0198 4024 SCPolicySvc - ok
14:27:32.0226 4024 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:27:32.0230 4024 SDRSVC - ok
14:27:32.0260 4024 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:27:32.0261 4024 secdrv - ok
14:27:32.0288 4024 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
14:27:32.0292 4024 seclogon - ok
14:27:32.0332 4024 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
14:27:32.0353 4024 SENS - ok
14:27:32.0366 4024 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:27:32.0402 4024 Serenum - ok
14:27:32.0419 4024 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:27:32.0754 4024 Serial - ok
14:27:32.0771 4024 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:27:32.0772 4024 sermouse - ok
14:27:32.0828 4024 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
14:27:32.0833 4024 SessionEnv - ok
14:27:32.0856 4024 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:27:32.0857 4024 sffdisk - ok
14:27:32.0876 4024 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:27:32.0878 4024 sffp_mmc - ok
14:27:32.0887 4024 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:27:32.0889 4024 sffp_sd - ok
14:27:32.0898 4024 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:27:32.0900 4024 sfloppy - ok
14:27:32.0936 4024 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:27:32.0942 4024 SharedAccess - ok
14:27:32.0999 4024 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:27:33.0005 4024 ShellHWDetection - ok
14:27:33.0020 4024 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:27:33.0021 4024 sisagp - ok
14:27:33.0041 4024 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:27:33.0072 4024 SiSRaid2 - ok
14:27:33.0087 4024 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:27:33.0087 4024 SiSRaid4 - ok
14:27:33.0171 4024 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:27:33.0173 4024 SkypeUpdate - ok
14:27:33.0295 4024 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
14:27:33.0363 4024 slsvc - ok
14:27:33.0390 4024 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:27:33.0395 4024 SLUINotify - ok
14:27:33.0441 4024 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:27:33.0477 4024 Smb - ok
14:27:33.0516 4024 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:27:33.0520 4024 SNMPTRAP - ok
14:27:33.0762 4024 [ 11BB0E11D42CC3A43D741D9B30839BE1 ] SNPSTD3 C:\Windows\system32\DRIVERS\snpstd3.sys
14:27:33.0979 4024 SNPSTD3 - ok
14:27:34.0007 4024 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
14:27:34.0009 4024 spldr - ok
14:27:34.0064 4024 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
14:27:34.0089 4024 Spooler - ok
14:27:34.0147 4024 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:27:34.0173 4024 SQLBrowser - ok
14:27:34.0205 4024 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:27:34.0207 4024 SQLWriter - ok
14:27:34.0265 4024 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:27:34.0342 4024 srv - ok
14:27:34.0393 4024 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:27:34.0429 4024 srv2 - ok
14:27:34.0480 4024 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:27:34.0515 4024 srvnet - ok
14:27:34.0544 4024 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:27:34.0551 4024 SSDPSRV - ok
14:27:34.0577 4024 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:27:34.0583 4024 SstpSvc - ok
14:27:34.0634 4024 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
14:27:34.0651 4024 stisvc - ok
14:27:34.0671 4024 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:27:34.0677 4024 swenum - ok
14:27:34.0738 4024 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
14:27:34.0757 4024 swprv - ok
14:27:34.0776 4024 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:27:34.0779 4024 Symc8xx - ok
14:27:34.0792 4024 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:27:34.0794 4024 Sym_hi - ok
14:27:34.0811 4024 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:27:34.0813 4024 Sym_u3 - ok
14:27:34.0872 4024 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
14:27:34.0889 4024 SysMain - ok
14:27:34.0914 4024 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:27:34.0920 4024 TabletInputService - ok
14:27:34.0967 4024 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:27:34.0984 4024 TapiSrv - ok
14:27:34.0996 4024 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
14:27:35.0002 4024 TBS - ok
14:27:35.0073 4024 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:27:35.0166 4024 Tcpip - ok
14:27:35.0197 4024 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:27:35.0197 4024 Tcpip6 - ok
14:27:35.0231 4024 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:27:35.0283 4024 tcpipreg - ok
14:27:35.0321 4024 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:27:35.0356 4024 TDPIPE - ok
14:27:35.0370 4024 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:27:35.0434 4024 TDTCP - ok
14:27:35.0478 4024 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:27:35.0515 4024 tdx - ok
14:27:35.0562 4024 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:27:35.0597 4024 TermDD - ok
14:27:35.0658 4024 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
14:27:35.0676 4024 TermService - ok
14:27:35.0690 4024 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
14:27:35.0696 4024 Themes - ok
14:27:35.0714 4024 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
14:27:35.0717 4024 THREADORDER - ok
14:27:35.0749 4024 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
14:27:35.0755 4024 TrkWks - ok
14:27:35.0819 4024 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:27:35.0821 4024 TrustedInstaller - ok
14:27:35.0855 4024 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:27:35.0890 4024 tssecsrv - ok
14:27:35.0912 4024 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:27:35.0946 4024 tunmp - ok
14:27:35.0970 4024 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:27:36.0041 4024 tunnel - ok
14:27:36.0070 4024 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:27:36.0072 4024 uagp35 - ok
14:27:36.0121 4024 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:27:36.0181 4024 udfs - ok
14:27:36.0230 4024 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:27:36.0246 4024 UI0Detect - ok
14:27:36.0261 4024 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:27:36.0261 4024 uliagpkx - ok
14:27:36.0266 4024 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:27:36.0272 4024 uliahci - ok
14:27:36.0286 4024 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:27:36.0289 4024 UlSata - ok
14:27:36.0307 4024 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:27:36.0311 4024 ulsata2 - ok
14:27:36.0325 4024 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:27:36.0331 4024 umbus - ok
14:27:36.0353 4024 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
14:27:36.0369 4024 upnphost - ok
14:27:36.0445 4024 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:27:36.0470 4024 usbaudio - ok
14:27:36.0509 4024 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:27:36.0528 4024 usbccgp - ok
14:27:36.0552 4024 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:27:36.0554 4024 usbcir - ok
14:27:36.0569 4024 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:27:36.0588 4024 usbehci - ok
14:27:36.0628 4024 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:27:36.0654 4024 usbhub - ok
14:27:36.0673 4024 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:27:36.0691 4024 usbohci - ok
14:27:36.0708 4024 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:27:36.0726 4024 usbprint - ok
14:27:36.0735 4024 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:27:36.0753 4024 usbscan - ok
14:27:36.0763 4024 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:27:36.0782 4024 USBSTOR - ok
14:27:36.0797 4024 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:27:36.0815 4024 usbuhci - ok
14:27:36.0860 4024 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
14:27:36.0864 4024 UxSms - ok
14:27:36.0920 4024 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
14:27:36.0937 4024 vds - ok
14:27:36.0947 4024 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:27:36.0966 4024 vga - ok
14:27:36.0981 4024 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
14:27:36.0983 4024 VgaSave - ok
14:27:36.0993 4024 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:27:36.0996 4024 viaagp - ok
14:27:37.0013 4024 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:27:37.0015 4024 ViaC7 - ok
14:27:37.0024 4024 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
14:27:37.0026 4024 viaide - ok
14:27:37.0044 4024 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:27:37.0063 4024 volmgr - ok
14:27:37.0116 4024 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:27:37.0166 4024 volmgrx - ok
14:27:37.0219 4024 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:27:37.0244 4024 volsnap - ok
14:27:37.0289 4024 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:27:37.0289 4024 vsmraid - ok
14:27:37.0334 4024 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
14:27:37.0359 4024 VSS - ok
14:27:37.0407 4024 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
14:27:37.0414 4024 W32Time - ok
14:27:37.0427 4024 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:27:37.0429 4024 WacomPen - ok
14:27:37.0446 4024 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:27:37.0489 4024 Wanarp - ok
14:27:37.0494 4024 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:27:37.0495 4024 Wanarpv6 - ok
14:27:37.0513 4024 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:27:37.0530 4024 wcncsvc - ok
14:27:37.0548 4024 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:27:37.0553 4024 WcsPlugInService - ok
14:27:37.0564 4024 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
14:27:37.0566 4024 Wd - ok
14:27:37.0584 4024 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:27:37.0650 4024 Wdf01000 - ok
14:27:37.0662 4024 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:27:37.0667 4024 WdiServiceHost - ok
14:27:37.0674 4024 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:27:37.0678 4024 WdiSystemHost - ok
14:27:37.0724 4024 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
14:27:37.0730 4024 WebClient - ok
14:27:37.0781 4024 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:27:37.0788 4024 Wecsvc - ok
14:27:37.0802 4024 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:27:37.0807 4024 wercplsupport - ok
14:27:37.0859 4024 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
14:27:37.0865 4024 WerSvc - ok
14:27:37.0911 4024 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:27:37.0917 4024 WinDefend - ok
14:27:37.0926 4024 WinHttpAutoProxySvc - ok
14:27:37.0952 4024 [ 808797B2B9094574B042B66569B5A7B0 ] WinI2C-DDC C:\Windows\system32\drivers\DDCDrv.sys
14:27:37.0985 4024 WinI2C-DDC - ok
14:27:38.0054 4024 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:27:38.0058 4024 Winmgmt - ok
14:27:38.0138 4024 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
14:27:38.0196 4024 WinRM - ok
14:27:38.0256 4024 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:27:38.0273 4024 Wlansvc - ok
14:27:38.0303 4024 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:27:38.0305 4024 WmiAcpi - ok
14:27:38.0379 4024 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:27:38.0379 4024 wmiApSrv - ok
14:27:38.0422 4024 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:27:38.0447 4024 WMPNetworkSvc - ok
14:27:38.0507 4024 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:27:38.0523 4024 WPCSvc - ok
14:27:38.0572 4024 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:27:38.0579 4024 WPDBusEnum - ok
14:27:38.0638 4024 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
14:27:38.0673 4024 WpdUsb - ok
14:27:38.0804 4024 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:27:38.0829 4024 WPFFontCache_v0400 - ok
14:27:38.0855 4024 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:27:38.0858 4024 ws2ifsl - ok
14:27:38.0901 4024 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
14:27:38.0907 4024 wscsvc - ok
14:27:38.0913 4024 WSearch - ok
14:27:39.0011 4024 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:27:39.0045 4024 wuauserv - ok
14:27:39.0066 4024 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:27:39.0074 4024 WUDFRd - ok
14:27:39.0104 4024 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:27:39.0110 4024 wudfsvc - ok
14:27:39.0176 4024 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
14:27:39.0237 4024 yukonwlh - ok
14:27:39.0242 4024 ================ Scan global ===============================
14:27:39.0271 4024 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:27:39.0329 4024 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:27:39.0355 4024 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:27:39.0426 4024 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
14:27:39.0441 4024 [Global] - ok
14:27:39.0442 4024 ================ Scan MBR ==================================
14:27:39.0444 4024 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:27:39.0964 4024 \Device\Harddisk0\DR0 - ok
14:27:39.0964 4024 ================ Scan VBR ==================================
14:27:39.0967 4024 [ 104BE217D1C5D2F39C35A353BB3693C6 ] \Device\Harddisk0\DR0\Partition1
14:27:39.0969 4024 \Device\Harddisk0\DR0\Partition1 - ok
14:27:39.0970 4024 ============================================================
14:27:39.0970 4024 Scan finished
14:27:39.0970 4024 ============================================================
14:27:39.0983 3980 Detected object count: 0
14:27:39.0983 3980 Actual detected object count: 0

#4 avbakpak

Posted 11 November 2012 - 04:44 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-09 14:41:38
-----------------------------
14:41:38.312 OS Version: Windows 6.0.6002 Service Pack 2
14:41:38.312 Number of processors: 2 586 0xF0D
14:41:38.313 ComputerName: VE UserName:
14:42:12.047 Initialize success
15:35:19.167 AVAST engine defs: 12110801
15:37:02.962 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:37:02.966 Disk 0 Vendor: WDC_WD3200AAJS-08L7A0 01.03E01 Size: 305245MB BusType: 3
15:37:02.977 Disk 0 MBR read successfully
15:37:02.981 Disk 0 MBR scan
15:37:02.990 Disk 0 Windows VISTA default MBR code
15:37:03.003 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 286776 MB offset 2048
15:37:03.043 Disk 0 Partition 2 00 12 Compaq diag MSWIN4.1 18465 MB offset 587320335
15:37:03.055 Disk 0 scanning sectors +625137345
15:37:03.124 Disk 0 scanning C:\Windows\system32\drivers
15:37:20.836 Service scanning
15:37:47.216 Modules scanning
15:38:02.850 Disk 0 trace - called modules:
15:38:02.880 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
15:38:03.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x859c0980]
15:38:03.243 3 CLASSPNP.SYS[8a5a78b3] -> nt!IofCallDriver -> [0x85350b90]
15:38:03.251 5 acpi.sys[806996bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8494f840]
15:38:04.704 AVAST engine scan C:\Windows
15:38:08.862 AVAST engine scan C:\Windows\system32
15:43:21.762 AVAST engine scan C:\Windows\system32\drivers
15:43:43.094 AVAST engine scan C:\Users\mami & papi
15:47:30.170 File: C:\Users\mami & papi\Downloads\familykeylogger\familykeylogger\crack\ctfmon.exe **INFECTED** Win32:FamilyKeyLogger [Trj]
15:47:30.497 File: C:\Users\mami & papi\Downloads\familykeylogger\familykeylogger\FamilyKeyLogger-setup.exe **INFECTED** Win32:Trojan-gen
15:48:56.024 AVAST engine scan C:\ProgramData
15:50:00.839 Scan finished successfully
10:39:20.764 Disk 0 MBR has been saved successfully to "C:\Users\mami & papi\Desktop\PC SYSTEM\MBR.dat"
10:39:20.786 The log file has been saved successfully to "C:\Users\mami & papi\Desktop\PC SYSTEM\aswMBR.txt"

#5 avbakpak

Posted 11 November 2012 - 06:19 PM

ESET List of found threats:

NO THREATS FOUND

#6 narenxp

Posted 11 November 2012 - 06:20 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.



