
West Yorkshire Police Ukash virus


  • This topic is locked
19 replies to this topic

#1 PersonaUser314


Posted 21 May 2012 - 07:00 AM

Last Tuesday, I switched on my computer and the desktop was replaced by a black screen with an 'official' looking notice on it from the West Yorkshire Police claiming that my computer had been locked due to illegal activity and a fine was needed to unlock it. Thinking this seemed a bit fishy, I used a friend's computer to search around the net and I'm almost 100% sure that this is a virus infecting my computer (though I do intend to call WY Police's contact number to get an official confirmation that it is malware or something). The problem is that it's been rather resistant to attempts to rid the Hard Drive of the virus. For one thing, I cannot access my desktop (save for safe mode, but I have no clue what to do in safe mode, so...). For another, a friend of mine took the Hard Drive from my computer to attempt to clean the virus from it over the weekend, but though she cleaned something off of it, the computer remained locked and many commands in safe mode failed to work.

Many of the online fixes I read about for this seemed to operate under the assumption that the desktop was accessible, therefore being useless to me. So I'm asking for help here.

I'll apologise in advance about any potentially late replies to responses posted to this topic, as my only methods of getting online right now are using the 'net function on my PS3 and the laptops in my university library, which I can't be on all the time.



#2 narenxp


Posted 21 May 2012 - 10:36 AM

Boot into Safe Mode with Networking.

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on File > Save.

Filename: Autoruns.txt
Save as: Text

Upload the log file to

www.filedropper.com

Post the link here.

Good luck

Edited by narenxp, 21 May 2012 - 10:41 AM.


#3 boopme


Posted 21 May 2012 - 11:04 AM

If it persists, try this by Kaspersky: RannohDecryptor

#4 PersonaUser314


Posted 23 May 2012 - 01:09 PM

OK, Safe Mode with Networking doesn't work - there is no network connection despite the ethernet cable being plugged into the back of the tower (we also tried a dongle, same result), so we can't get on the net to download any of these things. Any other suggestions??


Double edit: K we got it working using a USB, here's the logs:

TDSS -


19:23:18.0053 0900 NetBIOS - ok

19:23:18.0085 0900 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys

19:23:18.0085 0900 NetBT - ok

19:23:18.0116 0900 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:23:18.0116 0900 Netlogon - ok

19:23:18.0163 0900 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll

19:23:18.0163 0900 Netman - ok

19:23:18.0178 0900 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll

19:23:18.0194 0900 netprofm - ok

19:23:18.0225 0900 netr73 (847b64e9069946556bcfcdce638566d8) C:\Windows\system32\DRIVERS\netr73.sys

19:23:18.0225 0900 netr73 - ok

19:23:18.0319 0900 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:23:18.0334 0900 NetTcpPortSharing - ok

19:23:18.0381 0900 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

19:23:18.0381 0900 nfrd960 - ok

19:23:18.0412 0900 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

19:23:18.0412 0900 NisDrv - ok

19:23:18.0568 0900 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe

19:23:18.0568 0900 NisSrv - ok

19:23:18.0599 0900 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll

19:23:18.0599 0900 NlaSvc - ok

19:23:18.0615 0900 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

19:23:18.0615 0900 Npfs - ok

19:23:18.0646 0900 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll

19:23:18.0646 0900 nsi - ok

19:23:18.0662 0900 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

19:23:18.0662 0900 nsiproxy - ok

19:23:18.0724 0900 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys

19:23:18.0755 0900 Ntfs - ok

19:23:18.0787 0900 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

19:23:18.0787 0900 Null - ok

19:23:18.0818 0900 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys

19:23:18.0818 0900 nvraid - ok

19:23:18.0833 0900 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys

19:23:18.0833 0900 nvstor - ok

19:23:18.0865 0900 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys

19:23:18.0865 0900 nv_agp - ok

19:23:18.0865 0900 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys

19:23:18.0865 0900 ohci1394 - ok

19:23:18.0943 0900 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:23:18.0943 0900 ose - ok

19:23:18.0974 0900 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

19:23:18.0989 0900 p2pimsvc - ok

19:23:19.0021 0900 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll

19:23:19.0021 0900 p2psvc - ok

19:23:19.0067 0900 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

19:23:19.0067 0900 Parport - ok

19:23:19.0099 0900 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys

19:23:19.0099 0900 partmgr - ok

19:23:19.0114 0900 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

19:23:19.0114 0900 Parvdm - ok

19:23:19.0130 0900 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll

19:23:19.0130 0900 PcaSvc - ok

19:23:19.0161 0900 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

19:23:19.0161 0900 pci - ok

19:23:19.0177 0900 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

19:23:19.0177 0900 pciide - ok

19:23:19.0192 0900 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

19:23:19.0208 0900 pcmcia - ok

19:23:19.0208 0900 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

19:23:19.0223 0900 pcw - ok

19:23:19.0255 0900 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

19:23:19.0255 0900 PEAUTH - ok

19:23:19.0317 0900 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll

19:23:19.0348 0900 pla - ok

19:23:19.0457 0900 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll

19:23:19.0457 0900 PlugPlay - ok

19:23:19.0489 0900 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll

19:23:19.0489 0900 PNRPAutoReg - ok

19:23:19.0520 0900 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

19:23:19.0520 0900 PNRPsvc - ok

19:23:19.0551 0900 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll

19:23:19.0551 0900 PolicyAgent - ok

19:23:19.0582 0900 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll

19:23:19.0582 0900 Power - ok

19:23:19.0629 0900 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

19:23:19.0629 0900 PptpMiniport - ok

19:23:19.0645 0900 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

19:23:19.0645 0900 Processor - ok

19:23:19.0691 0900 Profos - ok

19:23:19.0723 0900 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll

19:23:19.0738 0900 ProfSvc - ok

19:23:19.0754 0900 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:23:19.0754 0900 ProtectedStorage - ok

19:23:19.0769 0900 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

19:23:19.0769 0900 Psched - ok

19:23:19.0816 0900 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

19:23:19.0847 0900 ql2300 - ok

19:23:19.0910 0900 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

19:23:19.0910 0900 ql40xx - ok

19:23:19.0957 0900 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll

19:23:19.0957 0900 QWAVE - ok

19:23:19.0957 0900 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

19:23:19.0957 0900 QWAVEdrv - ok

19:23:19.0972 0900 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

19:23:19.0972 0900 RasAcd - ok

19:23:20.0019 0900 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:23:20.0019 0900 RasAgileVpn - ok

19:23:20.0035 0900 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll

19:23:20.0035 0900 RasAuto - ok

19:23:20.0035 0900 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:23:20.0035 0900 Rasl2tp - ok

19:23:20.0066 0900 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll

19:23:20.0066 0900 RasMan - ok

19:23:20.0081 0900 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

19:23:20.0081 0900 RasPppoe - ok

19:23:20.0081 0900 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

19:23:20.0097 0900 RasSstp - ok

19:23:20.0128 0900 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

19:23:20.0128 0900 rdbss - ok

19:23:20.0144 0900 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

19:23:20.0144 0900 rdpbus - ok

19:23:20.0144 0900 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:23:20.0159 0900 RDPCDD - ok

19:23:20.0175 0900 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

19:23:20.0175 0900 RDPENCDD - ok

19:23:20.0191 0900 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

19:23:20.0191 0900 RDPREFMP - ok

19:23:20.0206 0900 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys

19:23:20.0206 0900 RDPWD - ok

19:23:20.0253 0900 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

19:23:20.0253 0900 rdyboost - ok

19:23:20.0284 0900 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll

19:23:20.0284 0900 RemoteAccess - ok

19:23:20.0315 0900 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll

19:23:20.0331 0900 RemoteRegistry - ok

19:23:20.0331 0900 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll

19:23:20.0331 0900 RpcEptMapper - ok

19:23:20.0362 0900 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe

19:23:20.0362 0900 RpcLocator - ok

19:23:20.0393 0900 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

19:23:20.0393 0900 RpcSs - ok

19:23:20.0425 0900 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

19:23:20.0425 0900 rspndr - ok

19:23:20.0471 0900 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys

19:23:20.0471 0900 RTL8167 - ok

19:23:20.0487 0900 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:23:20.0487 0900 SamSs - ok

19:23:20.0518 0900 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

19:23:20.0518 0900 sbp2port - ok

19:23:20.0549 0900 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

19:23:20.0549 0900 SCardSvr - ok

19:23:20.0581 0900 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

19:23:20.0581 0900 scfilter - ok

19:23:20.0612 0900 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

19:23:20.0627 0900 Schedule - ok

19:23:20.0643 0900 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

19:23:20.0643 0900 SCPolicySvc - ok

19:23:20.0737 0900 sdkwybjimitkp (a6657924650661d80eb406c733513237) C:\Users\Lauren\AppData\Local\Temp\DAT4501.tmp.exe

19:23:20.0737 0900 sdkwybjimitkp - ok

19:23:25.0401 0900 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

19:23:25.0557 0900 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

19:23:25.0557 0900 \Device\Harddisk0\DR0 - detected TDSS File System (1)

19:23:25.0557 0900 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk5\DR5

19:23:25.0666 0900 \Device\Harddisk5\DR5 - ok

19:23:25.0666 0900 Boot (0x1200) (8932ad8f8d26fd7c88492eb9db4d99f7) \Device\Harddisk0\DR0\Partition0

19:23:25.0682 0900 \Device\Harddisk0\DR0\Partition0 - ok

19:23:25.0682 0900 Boot (0x1200) (26a6788cbea3e7ffa6374235105a91e1) \Device\Harddisk0\DR0\Partition1

19:23:25.0682 0900 \Device\Harddisk0\DR0\Partition1 - ok

19:23:25.0682 0900 Boot (0x1200) (63ee9e3cc767e06779d997ccd012a108) \Device\Harddisk5\DR5\Partition0

19:23:25.0697 0900 \Device\Harddisk5\DR5\Partition0 - ok

19:23:25.0697 0900 ============================================================

19:23:25.0697 0900 Scan finished

19:23:25.0697 0900 ============================================================

19:23:25.0697 1880 Detected object count: 2

19:23:25.0697 1880 Actual detected object count: 2

ESET -

C:\Users\Lauren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FW2SEPU6\6[1].exe a variant of Win32/Kryptik.AFRN trojan cleaned by deleting - quarantined

C:\Users\Lauren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OKVHPXZS\7[1].exe a variant of Win32/Kryptik.AFVY trojan cleaned by deleting - quarantined

C:\Users\Lauren\AppData\Local\temp\DAT4501.tmp.exe a variant of Win32/Kryptik.AFVY trojan cleaned by deleting - quarantined

C:\Users\Lauren\AppData\Roaming\Mitlhdpbxkn\004458D0EED80C345F3B.exe a variant of Win32/Kryptik.AFRN trojan cleaned by deleting - quarantined

C:\Windows\System32\555465A5EED80C342A71.exe a variant of Win32/Kryptik.AFRN trojan cleaned by deleting - quarantined

aswMBR -

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-05-23 20:05:05

-----------------------------

20:05:05.664 OS Version: Windows 6.1.7601 Service Pack 1

20:05:05.664 Number of processors: 4 586 0x1707

20:05:05.664 ComputerName: LAUREN-PC UserName: Lauren

20:05:24.774 Initialize success

20:08:21.632 AVAST engine defs: 12051401

20:08:28.199 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

20:08:28.199 Disk 0 Vendor: ST3500418AS CC44 Size: 476940MB BusType: 3

20:08:28.199 Disk 5 \Device\Harddisk5\DR5 -> \Device\0000006e

20:08:28.199 Disk 5 Vendor: Size: 476940MB BusType: 0

20:08:28.277 Disk 0 MBR read successfully

20:08:28.277 Disk 0 MBR scan

20:08:28.277 Disk 0 Windows 7 default MBR code

20:08:28.277 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63

20:08:28.293 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 129024

20:08:28.309 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 461516 MB offset 31586304

20:08:28.309 Disk 0 scanning sectors +976771072

20:08:28.371 Disk 0 scanning C:\Windows\system32\drivers

20:08:36.935 Service scanning

20:08:52.301 Modules scanning

20:08:57.325 Disk 0 trace - called modules:

20:08:57.340 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

20:08:57.356 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85990200]

20:08:57.356 3 CLASSPNP.SYS[8b73159e] -> nt!IofCallDriver -> [0x8580fd88]

20:08:57.356 5 ACPI.sys[8afa93d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8582b908]

20:09:00.881 AVAST engine scan C:\Windows

20:09:03.455 AVAST engine scan C:\Windows\system32

20:11:36.663 AVAST engine scan C:\Windows\system32\drivers

20:11:54.993 AVAST engine scan C:\Windows\system32\config\systemprofile

20:12:56.660 AVAST engine scan C:\ProgramData

20:13:42.634 Scan finished successfully

20:14:39.714 Disk 0 MBR has been saved successfully to "F:\MBR.dat"

20:14:39.745 The log file has been saved successfully to "F:\aswMBR.txt"


Autoruns link: http://www.filedropper.com/autoruns_6

Do you want me to run the RannohDecryptor scans as well?

Edited by PersonaUser314, 23 May 2012 - 02:23 PM.


#5 boopme

Posted 23 May 2012 - 07:58 PM

Was this the end of the TDSS log? Usually it will say something about choices for action on found items.

19:23:25.0697 1880 Detected object count: 2

19:23:25.0697 1880 Actual detected object count: 2

Edited by boopme, 23 May 2012 - 07:59 PM.

#6 PersonaUser314

Posted 24 May 2012 - 05:03 PM

That was the end of the log, but I ran TDSS again just to be sure and got this new log (I think we skipped a step by accident with TDSS the first time around):

22:55:23.0872 0900 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30

22:55:23.0904 0900 ============================================================

22:55:23.0904 0900 Current date / time: 2012/05/24 22:55:23.0904

22:55:23.0904 0900 SystemInfo:

22:55:23.0904 0900

22:55:23.0904 0900 OS Version: 6.1.7601 ServicePack: 1.0

22:55:23.0904 0900 Product type: Workstation

22:55:23.0904 0900 ComputerName: LAUREN-PC

22:55:23.0904 0900 UserName: Lauren

22:55:23.0904 0900 Windows directory: C:\Windows

22:55:23.0904 0900 System windows directory: C:\Windows

22:55:23.0904 0900 Processor architecture: Intel x86

22:55:23.0904 0900 Number of processors: 4

22:55:23.0904 0900 Page size: 0x1000

22:55:23.0904 0900 Boot type: Safe boot with network

22:55:23.0904 0900 ============================================================

22:55:24.0699 0900 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

22:55:24.0730 0900 Drive \Device\Harddisk5\DR6 - Size: 0xF0E00000 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

22:55:24.0730 0900 ============================================================

22:55:24.0730 0900 \Device\Harddisk0\DR0:

22:55:24.0730 0900 MBR partitions:

22:55:24.0730 0900 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000

22:55:24.0730 0900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x38566000

22:55:24.0730 0900 \Device\Harddisk5\DR6:

22:55:24.0730 0900 MBR partitions:

22:55:24.0730 0900 \Device\Harddisk5\DR6\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x786FC1

22:55:24.0730 0900 ============================================================

22:55:24.0746 0900 C: <-> \Device\Harddisk0\DR0\Partition1

22:55:24.0777 0900 D: <-> \Device\Harddisk0\DR0\Partition0

22:55:24.0777 0900 ============================================================

22:55:24.0777 0900 Initialize success

22:55:24.0777 0900 ============================================================

22:55:57.0069 1672 ============================================================

22:55:57.0069 1672 Scan started

22:55:57.0069 1672 Mode: Manual; TDLFS;

22:55:57.0069 1672 ============================================================

22:55:58.0317 1672 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll

22:55:58.0317 1672 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7

22:55:58.0317 1672 Akamai ( HiddenFile.Multi.Generic ) - warning

22:55:58.0317 1672 Akamai - detected HiddenFile.Multi.Generic (1)

22:56:05.0212 1672 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

22:56:05.0228 1672 p2pimsvc - ok

22:56:05.0228 1672 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll

22:56:05.0244 1672 p2psvc - ok

22:56:05.0275 1672 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

22:56:05.0275 1672 Parport - ok

22:56:05.0290 1672 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys

22:56:05.0290 1672 partmgr - ok

22:56:05.0306 1672 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

22:56:05.0306 1672 Parvdm - ok

22:56:05.0322 1672 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll

22:56:05.0337 1672 PcaSvc - ok

22:56:05.0353 1672 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

22:56:05.0353 1672 pci - ok

22:56:05.0368 1672 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

22:56:05.0368 1672 pciide - ok

22:56:05.0384 1672 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

22:56:05.0384 1672 pcmcia - ok

22:56:05.0400 1672 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

22:56:05.0400 1672 pcw - ok

22:56:05.0431 1672 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

22:56:05.0446 1672 PEAUTH - ok

22:56:05.0509 1672 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll

22:56:05.0509 1672 pla - ok

22:56:05.0634 1672 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll

22:56:05.0634 1672 PlugPlay - ok

22:56:05.0665 1672 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll

22:56:05.0665 1672 PNRPAutoReg - ok

22:56:05.0680 1672 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

22:56:05.0680 1672 PNRPsvc - ok

22:56:05.0712 1672 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll

22:56:05.0712 1672 PolicyAgent - ok

22:56:05.0743 1672 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll

22:56:05.0743 1672 Power - ok

22:56:05.0790 1672 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

22:56:05.0790 1672 PptpMiniport - ok

22:56:05.0805 1672 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

22:56:05.0805 1672 Processor - ok

22:56:05.0852 1672 Profos - ok

22:56:05.0868 1672 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll

22:56:05.0868 1672 ProfSvc - ok

22:56:05.0883 1672 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

22:56:05.0883 1672 ProtectedStorage - ok

22:56:05.0914 1672 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

22:56:05.0914 1672 Psched - ok

22:56:05.0961 1672 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

22:56:05.0977 1672 ql2300 - ok

22:56:06.0055 1672 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

22:56:06.0055 1672 ql40xx - ok

22:56:06.0086 1672 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll

22:56:06.0102 1672 QWAVE - ok

22:56:06.0102 1672 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

22:56:06.0102 1672 QWAVEdrv - ok

22:56:06.0117 1672 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

22:56:06.0117 1672 RasAcd - ok

22:56:06.0148 1672 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

22:56:06.0164 1672 RasAgileVpn - ok

22:56:06.0164 1672 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll

22:56:06.0164 1672 RasAuto - ok

22:56:06.0195 1672 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

22:56:06.0195 1672 Rasl2tp - ok

22:56:06.0226 1672 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll

22:56:06.0226 1672 RasMan - ok

22:56:06.0226 1672 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

22:56:06.0242 1672 RasPppoe - ok

22:56:06.0258 1672 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

22:56:06.0258 1672 RasSstp - ok

22:56:06.0289 1672 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

22:56:06.0289 1672 rdbss - ok

22:56:06.0304 1672 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

22:56:06.0304 1672 rdpbus - ok

22:56:06.0320 1672 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

22:56:06.0320 1672 RDPCDD - ok

22:56:06.0336 1672 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

22:56:06.0336 1672 RDPENCDD - ok

22:56:06.0351 1672 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

22:56:06.0351 1672 RDPREFMP - ok

22:56:06.0367 1672 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys

22:56:06.0367 1672 RDPWD - ok

22:56:06.0398 1672 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

22:56:06.0414 1672 rdyboost - ok

22:56:06.0445 1672 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll

22:56:06.0445 1672 RemoteAccess - ok

22:56:06.0476 1672 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll

22:56:06.0476 1672 RemoteRegistry - ok

22:56:06.0476 1672 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll

22:56:06.0476 1672 RpcEptMapper - ok

22:56:06.0523 1672 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe

22:56:06.0523 1672 RpcLocator - ok

22:56:06.0538 1672 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

22:56:06.0538 1672 RpcSs - ok

22:56:06.0570 1672 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

22:56:06.0570 1672 rspndr - ok

22:56:06.0616 1672 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys

22:56:06.0616 1672 RTL8167 - ok

22:56:06.0632 1672 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

22:56:06.0632 1672 SamSs - ok

22:56:06.0663 1672 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

22:56:06.0663 1672 sbp2port - ok

22:56:06.0694 1672 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

22:56:06.0694 1672 SCardSvr - ok

22:56:06.0726 1672 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

22:56:06.0726 1672 scfilter - ok

22:56:06.0741 1672 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

22:56:06.0757 1672 Schedule - ok

22:56:06.0757 1672 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

22:56:06.0757 1672 SCPolicySvc - ok

22:56:06.0788 1672 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll

22:56:06.0788 1672 SDRSVC - ok

22:56:06.0835 1672 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

22:56:06.0835 1672 secdrv - ok

22:56:06.0866 1672 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll

22:56:06.0866 1672 seclogon - ok

22:56:06.0882 1672 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll

22:56:06.0882 1672 SENS - ok

22:56:06.0913 1672 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll

22:56:06.0913 1672 SensrSvc - ok

22:56:06.0928 1672 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

22:56:06.0944 1672 Serenum - ok

22:56:06.0960 1672 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

22:56:06.0960 1672 Serial - ok

22:56:06.0975 1672 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

22:56:06.0975 1672 sermouse - ok

22:56:07.0006 1672 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll

22:56:07.0006 1672 SessionEnv - ok

22:56:07.0038 1672 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

22:56:07.0038 1672 sffdisk - ok

22:56:07.0038 1672 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

22:56:07.0038 1672 sffp_mmc - ok

22:56:07.0053 1672 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

22:56:07.0053 1672 sffp_sd - ok

22:56:07.0084 1672 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

22:56:07.0084 1672 sfloppy - ok

22:56:07.0147 1672 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll

22:56:07.0147 1672 SharedAccess - ok

22:56:07.0178 1672 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll

22:56:07.0178 1672 ShellHWDetection - ok

22:56:07.0209 1672 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

22:56:07.0209 1672 sisagp - ok

22:56:07.0225 1672 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

22:56:07.0225 1672 SiSRaid2 - ok

22:56:07.0225 1672 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

22:56:07.0225 1672 SiSRaid4 - ok

22:56:07.0256 1672 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

22:56:07.0256 1672 Smb - ok

22:56:07.0303 1672 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe

22:56:07.0303 1672 SNMPTRAP - ok

22:56:07.0303 1672 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

22:56:07.0303 1672 spldr - ok

22:56:07.0334 1672 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe

22:56:07.0334 1672 Spooler - ok

22:56:07.0428 1672 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe

22:56:07.0443 1672 sppsvc - ok

22:56:07.0521 1672 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll

22:56:07.0521 1672 sppuinotify - ok

22:56:07.0568 1672 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\Windows\System32\Drivers\sptd.sys

22:56:07.0584 1672 sptd - ok

22:56:07.0615 1672 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

22:56:07.0615 1672 srv - ok

22:56:07.0630 1672 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

22:56:07.0630 1672 srv2 - ok

22:56:07.0646 1672 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

22:56:07.0646 1672 srvnet - ok

22:56:07.0677 1672 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll

22:56:07.0677 1672 SSDPSRV - ok

22:56:07.0693 1672 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll

22:56:07.0693 1672 SstpSvc - ok

22:56:07.0755 1672 Steam Client Service - ok

22:56:07.0786 1672 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

22:56:07.0786 1672 stexstor - ok

22:56:07.0833 1672 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll

22:56:07.0833 1672 StiSvc - ok

22:56:07.0849 1672 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

22:56:07.0849 1672 swenum - ok

22:56:07.0880 1672 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll

22:56:07.0880 1672 swprv - ok

22:56:07.0927 1672 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll

22:56:07.0942 1672 SysMain - ok

22:56:07.0974 1672 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll

22:56:07.0974 1672 TabletInputService - ok

22:56:08.0005 1672 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll

22:56:08.0005 1672 TapiSrv - ok

22:56:08.0020 1672 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll

22:56:08.0020 1672 TBS - ok

22:56:08.0098 1672 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys

22:56:08.0098 1672 Tcpip - ok

22:56:08.0114 1672 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys

22:56:08.0114 1672 TCPIP6 - ok

22:56:08.0145 1672 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

22:56:08.0145 1672 tcpipreg - ok

22:56:08.0161 1672 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

22:56:08.0176 1672 TDPIPE - ok

22:56:08.0192 1672 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys

22:56:08.0192 1672 TDTCP - ok

22:56:08.0208 1672 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

22:56:08.0208 1672 tdx - ok

22:56:08.0239 1672 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

22:56:08.0239 1672 TermDD - ok

22:56:08.0270 1672 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll

22:56:08.0270 1672 TermService - ok

22:56:08.0301 1672 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll

22:56:08.0301 1672 Themes - ok

22:56:08.0332 1672 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

22:56:08.0332 1672 THREADORDER - ok

22:56:08.0348 1672 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll

22:56:08.0348 1672 TrkWks - ok

22:56:08.0379 1672 Trufos - ok

22:56:08.0426 1672 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe

22:56:08.0426 1672 TrustedInstaller - ok

22:56:08.0457 1672 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

22:56:08.0457 1672 tssecsrv - ok

22:56:08.0457 1672 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

22:56:08.0457 1672 TsUsbFlt - ok

22:56:08.0504 1672 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

22:56:08.0504 1672 tunnel - ok

22:56:08.0535 1672 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

22:56:08.0535 1672 uagp35 - ok

22:56:08.0551 1672 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

22:56:08.0551 1672 udfs - ok

22:56:08.0582 1672 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe

22:56:08.0582 1672 UI0Detect - ok

22:56:08.0613 1672 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

22:56:08.0613 1672 uliagpkx - ok

22:56:08.0644 1672 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

22:56:08.0644 1672 umbus - ok

22:56:08.0676 1672 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

22:56:08.0676 1672 UmPass - ok

22:56:08.0707 1672 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll

22:56:08.0707 1672 upnphost - ok

22:56:08.0738 1672 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys

22:56:08.0738 1672 USBAAPL - ok

22:56:08.0785 1672 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys

22:56:08.0785 1672 usbaudio - ok

22:56:08.0816 1672 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys

22:56:08.0816 1672 usbccgp - ok

22:56:08.0832 1672 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

22:56:08.0832 1672 usbcir - ok

22:56:08.0847 1672 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys

22:56:08.0863 1672 usbehci - ok

22:56:08.0878 1672 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

22:56:08.0878 1672 usbhub - ok

22:56:08.0910 1672 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys

22:56:08.0910 1672 usbohci - ok

22:56:08.0941 1672 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

22:56:08.0941 1672 usbprint - ok

22:56:08.0956 1672 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS

22:56:08.0956 1672 USBSTOR - ok

22:56:08.0972 1672 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys

22:56:08.0972 1672 usbuhci - ok

22:56:09.0003 1672 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll

22:56:09.0003 1672 UxSms - ok

22:56:09.0019 1672 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

22:56:09.0019 1672 VaultSvc - ok

22:56:09.0034 1672 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

22:56:09.0034 1672 vdrvroot - ok

22:56:09.0066 1672 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe

22:56:09.0066 1672 vds - ok

22:56:09.0097 1672 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

22:56:09.0097 1672 vga - ok

22:56:09.0128 1672 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

22:56:09.0128 1672 VgaSave - ok

22:56:09.0144 1672 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

22:56:09.0144 1672 vhdmp - ok

22:56:09.0159 1672 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

22:56:09.0159 1672 viaagp - ok

22:56:09.0175 1672 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

22:56:09.0175 1672 ViaC7 - ok

22:56:09.0190 1672 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

22:56:09.0190 1672 viaide - ok

22:56:09.0190 1672 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

22:56:09.0190 1672 volmgr - ok

22:56:09.0206 1672 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

22:56:09.0206 1672 volmgrx - ok

22:56:09.0222 1672 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

22:56:09.0237 1672 volsnap - ok

22:56:09.0253 1672 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

22:56:09.0253 1672 vsmraid - ok

22:56:09.0300 1672 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe

22:56:09.0300 1672 VSS - ok

22:56:09.0315 1672 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

22:56:09.0315 1672 vwifibus - ok

22:56:09.0362 1672 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll

22:56:09.0362 1672 W32Time - ok

22:56:09.0378 1672 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

22:56:09.0378 1672 WacomPen - ok

22:56:09.0424 1672 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

22:56:09.0424 1672 WANARP - ok

22:56:09.0424 1672 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

22:56:09.0424 1672 Wanarpv6 - ok

22:56:09.0502 1672 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe

22:56:09.0518 1672 WatAdminSvc - ok

22:56:09.0580 1672 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe

22:56:09.0596 1672 wbengine - ok

22:56:09.0627 1672 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll

22:56:09.0627 1672 WbioSrvc - ok

22:56:09.0643 1672 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll

22:56:09.0658 1672 wcncsvc - ok

22:56:09.0658 1672 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll

22:56:09.0658 1672 WcsPlugInService - ok

22:56:09.0705 1672 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

22:56:09.0721 1672 Wd - ok

22:56:09.0736 1672 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

22:56:09.0736 1672 Wdf01000 - ok

22:56:09.0752 1672 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

22:56:09.0752 1672 WdiServiceHost - ok

22:56:09.0752 1672 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

22:56:09.0752 1672 WdiSystemHost - ok

22:56:09.0768 1672 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll

22:56:09.0768 1672 WebClient - ok

22:56:09.0783 1672 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll

22:56:09.0783 1672 Wecsvc - ok

22:56:09.0799 1672 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll

22:56:09.0799 1672 wercplsupport - ok

22:56:09.0814 1672 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll

22:56:09.0830 1672 WerSvc - ok

22:56:09.0846 1672 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

22:56:09.0846 1672 WfpLwf - ok

22:56:09.0877 1672 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

22:56:09.0877 1672 WIMMount - ok

22:56:09.0955 1672 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll

22:56:09.0955 1672 WinDefend - ok

22:56:09.0955 1672 WinHttpAutoProxySvc - ok

22:56:10.0017 1672 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll

22:56:10.0017 1672 Winmgmt - ok

22:56:10.0064 1672 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll

22:56:10.0080 1672 WinRM - ok

22:56:10.0142 1672 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys

22:56:10.0142 1672 WinUsb - ok

22:56:10.0189 1672 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll

22:56:10.0189 1672 Wlansvc - ok

22:56:10.0314 1672 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:56:10.0345 1672 wlidsvc - ok

22:56:10.0438 1672 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

22:56:10.0438 1672 WmiAcpi - ok

22:56:10.0501 1672 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe

22:56:10.0501 1672 wmiApSrv - ok

22:56:10.0563 1672 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe

22:56:10.0579 1672 WMPNetworkSvc - ok

22:56:10.0594 1672 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll

22:56:10.0610 1672 WPCSvc - ok

22:56:10.0626 1672 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll

22:56:10.0626 1672 WPDBusEnum - ok

22:56:10.0688 1672 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

22:56:10.0688 1672 ws2ifsl - ok

22:56:10.0704 1672 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll

22:56:10.0704 1672 wscsvc - ok

22:56:10.0704 1672 WSearch - ok

22:56:10.0766 1672 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll

22:56:10.0797 1672 wuauserv - ok

22:56:10.0860 1672 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

22:56:10.0860 1672 WudfPf - ok

22:56:10.0875 1672 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

22:56:10.0875 1672 WUDFRd - ok

22:56:10.0906 1672 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll

22:56:10.0906 1672 wudfsvc - ok

22:56:10.0938 1672 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll

22:56:10.0938 1672 WwanSvc - ok

22:56:11.0000 1672 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

22:56:11.0172 1672 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

22:56:11.0172 1672 \Device\Harddisk0\DR0 - detected TDSS File System (1)

22:56:11.0172 1672 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk5\DR6

22:56:11.0265 1672 \Device\Harddisk5\DR6 - ok

22:56:11.0296 1672 Boot (0x1200) (8932ad8f8d26fd7c88492eb9db4d99f7) \Device\Harddisk0\DR0\Partition0

22:56:11.0296 1672 \Device\Harddisk0\DR0\Partition0 - ok

22:56:11.0296 1672 Boot (0x1200) (26a6788cbea3e7ffa6374235105a91e1) \Device\Harddisk0\DR0\Partition1

22:56:11.0296 1672 \Device\Harddisk0\DR0\Partition1 - ok

22:56:11.0312 1672 Boot (0x1200) (a09bad305401e8211f8c8ba06e62518f) \Device\Harddisk5\DR6\Partition0

22:56:11.0312 1672 \Device\Harddisk5\DR6\Partition0 - ok

22:56:11.0312 1672 ============================================================

22:56:11.0312 1672 Scan finished

22:56:11.0312 1672 ============================================================

22:56:11.0312 1288 Detected object count: 2

22:56:11.0312 1288 Actual detected object count: 2

22:56:58.0580 1288 c:\program files\common files\akamai/netsession_win_6c825ce.dll - copied to quarantine

22:56:58.0580 1288 HKLM\SYSTEM\ControlSet001\services\Akamai - will be deleted on reboot

22:56:58.0596 1288 HKLM\SYSTEM\ControlSet002\services\Akamai - will be deleted on reboot

22:56:58.0689 1288 c:\program files\common files\akamai/netsession_win_6c825ce.dll - will be deleted on reboot

22:56:58.0689 1288 Akamai ( HiddenFile.Multi.Generic ) - User select action: Delete

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

22:56:58.0767 1288 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

22:55:23.0872 0900 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30

22:55:23.0904 0900 ============================================================

22:55:23.0904 0900 Current date / time: 2012/05/24 22:55:23.0904

22:55:23.0904 0900 SystemInfo:

22:55:23.0904 0900

22:55:23.0904 0900 OS Version: 6.1.7601 ServicePack: 1.0

22:55:23.0904 0900 Product type: Workstation

22:55:23.0904 0900 ComputerName: LAUREN-PC

22:55:23.0904 0900 UserName: Lauren

22:55:23.0904 0900 Windows directory: C:\Windows

22:55:23.0904 0900 System windows directory: C:\Windows

22:55:23.0904 0900 Processor architecture: Intel x86

22:55:23.0904 0900 Number of processors: 4

22:55:23.0904 0900 Page size: 0x1000

22:55:23.0904 0900 Boot type: Safe boot with network

22:55:23.0904 0900 ============================================================

22:55:24.0699 0900 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

22:55:24.0730 0900 Drive \Device\Harddisk5\DR6 - Size: 0xF0E00000 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

22:55:24.0730 0900 ============================================================

22:55:24.0730 0900 \Device\Harddisk0\DR0:

22:55:24.0730 0900 MBR partitions:

22:55:24.0730 0900 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000

22:55:24.0730 0900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x38566000

22:55:24.0730 0900 \Device\Harddisk5\DR6:

22:55:24.0730 0900 MBR partitions:

22:55:24.0730 0900 \Device\Harddisk5\DR6\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x786FC1

22:55:24.0730 0900 ============================================================

22:55:24.0746 0900 C: <-> \Device\Harddisk0\DR0\Partition1

22:55:24.0777 0900 D: <-> \Device\Harddisk0\DR0\Partition0

22:55:24.0777 0900 ============================================================

22:55:24.0777 0900 Initialize success

22:55:24.0777 0900 ============================================================

22:55:57.0069 1672 ============================================================

22:55:57.0069 1672 Scan started

22:55:57.0069 1672 Mode: Manual; TDLFS;

22:55:57.0069 1672 ============================================================

22:55:58.0317 1672 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll

22:55:58.0317 1672 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7

22:55:58.0317 1672 Akamai ( HiddenFile.Multi.Generic ) - warning

22:55:58.0317 1672 Akamai - detected HiddenFile.Multi.Generic (1)


22:56:06.0538 1672 RpcSs - ok

22:56:06.0570 1672 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

22:56:06.0570 1672 rspndr - ok

22:56:06.0616 1672 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys

22:56:06.0616 1672 RTL8167 - ok

22:56:06.0632 1672 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

22:56:06.0632 1672 SamSs - ok

22:56:06.0663 1672 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

22:56:06.0663 1672 sbp2port - ok

22:56:06.0694 1672 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

22:56:06.0694 1672 SCardSvr - ok

22:56:06.0726 1672 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

22:56:06.0726 1672 scfilter - ok

22:56:06.0741 1672 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

22:56:06.0757 1672 Schedule - ok

22:56:06.0757 1672 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

22:56:06.0757 1672 SCPolicySvc - ok

22:56:06.0788 1672 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll

22:56:06.0788 1672 SDRSVC - ok

22:56:06.0835 1672 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

22:56:06.0835 1672 secdrv - ok

22:56:06.0866 1672 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll

22:56:06.0866 1672 seclogon - ok

22:56:06.0882 1672 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll

22:56:06.0882 1672 SENS - ok

22:56:06.0913 1672 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll

22:56:06.0913 1672 SensrSvc - ok

22:56:06.0928 1672 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

22:56:06.0944 1672 Serenum - ok

22:56:06.0960 1672 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

22:56:06.0960 1672 Serial - ok

22:56:06.0975 1672 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

22:56:06.0975 1672 sermouse - ok

22:56:07.0006 1672 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll

22:56:07.0006 1672 SessionEnv - ok

22:56:07.0038 1672 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

22:56:07.0038 1672 sffdisk - ok

22:56:07.0038 1672 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

22:56:07.0038 1672 sffp_mmc - ok

22:56:07.0053 1672 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

22:56:07.0053 1672 sffp_sd - ok

22:56:07.0084 1672 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

22:56:07.0084 1672 sfloppy - ok

22:56:07.0147 1672 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll

22:56:07.0147 1672 SharedAccess - ok

22:56:07.0178 1672 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll

22:56:07.0178 1672 ShellHWDetection - ok

22:56:07.0209 1672 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

22:56:07.0209 1672 sisagp - ok

22:56:07.0225 1672 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

22:56:07.0225 1672 SiSRaid2 - ok

22:56:07.0225 1672 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

22:56:07.0225 1672 SiSRaid4 - ok

22:56:07.0256 1672 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

22:56:07.0256 1672 Smb - ok

22:56:07.0303 1672 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe

22:56:07.0303 1672 SNMPTRAP - ok

22:56:07.0303 1672 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

22:56:07.0303 1672 spldr - ok

22:56:07.0334 1672 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe

22:56:07.0334 1672 Spooler - ok

22:56:07.0428 1672 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe

22:56:07.0443 1672 sppsvc - ok

22:56:07.0521 1672 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll

22:56:07.0521 1672 sppuinotify - ok

22:56:07.0568 1672 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\Windows\System32\Drivers\sptd.sys

22:56:07.0584 1672 sptd - ok

22:56:07.0615 1672 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

22:56:07.0615 1672 srv - ok

22:56:07.0630 1672 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

22:56:07.0630 1672 srv2 - ok

22:56:07.0646 1672 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

22:56:07.0646 1672 srvnet - ok

22:56:07.0677 1672 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll

22:56:07.0677 1672 SSDPSRV - ok

22:56:07.0693 1672 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll

22:56:07.0693 1672 SstpSvc - ok

22:56:07.0755 1672 Steam Client Service - ok

22:56:07.0786 1672 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

22:56:07.0786 1672 stexstor - ok

22:56:07.0833 1672 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll

22:56:07.0833 1672 StiSvc - ok

22:56:07.0849 1672 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

22:56:07.0849 1672 swenum - ok

22:56:07.0880 1672 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll

22:56:07.0880 1672 swprv - ok

22:56:07.0927 1672 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll

22:56:07.0942 1672 SysMain - ok

22:56:07.0974 1672 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll

22:56:07.0974 1672 TabletInputService - ok

22:56:08.0005 1672 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll

22:56:08.0005 1672 TapiSrv - ok

22:56:08.0020 1672 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll

22:56:08.0020 1672 TBS - ok

22:56:08.0098 1672 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys

22:56:08.0098 1672 Tcpip - ok

22:56:08.0114 1672 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys

22:56:08.0114 1672 TCPIP6 - ok

22:56:08.0145 1672 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

22:56:08.0145 1672 tcpipreg - ok

22:56:08.0161 1672 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

22:56:08.0176 1672 TDPIPE - ok

22:56:08.0192 1672 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys

22:56:08.0192 1672 TDTCP - ok

22:56:08.0208 1672 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

22:56:08.0208 1672 tdx - ok

22:56:08.0239 1672 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

22:56:08.0239 1672 TermDD - ok

22:56:08.0270 1672 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll

22:56:08.0270 1672 TermService - ok

22:56:08.0301 1672 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll

22:56:08.0301 1672 Themes - ok

22:56:08.0332 1672 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

22:56:08.0332 1672 THREADORDER - ok

22:56:08.0348 1672 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll

22:56:08.0348 1672 TrkWks - ok

22:56:08.0379 1672 Trufos - ok

22:56:08.0426 1672 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe

22:56:08.0426 1672 TrustedInstaller - ok

22:56:08.0457 1672 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

22:56:08.0457 1672 tssecsrv - ok

22:56:08.0457 1672 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

22:56:08.0457 1672 TsUsbFlt - ok

22:56:08.0504 1672 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

22:56:08.0504 1672 tunnel - ok

22:56:08.0535 1672 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

22:56:08.0535 1672 uagp35 - ok

22:56:08.0551 1672 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

22:56:08.0551 1672 udfs - ok

22:56:08.0582 1672 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe

22:56:08.0582 1672 UI0Detect - ok

22:56:08.0613 1672 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

22:56:08.0613 1672 uliagpkx - ok

22:56:08.0644 1672 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

22:56:08.0644 1672 umbus - ok

22:56:08.0676 1672 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

22:56:08.0676 1672 UmPass - ok

22:56:08.0707 1672 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll

22:56:08.0707 1672 upnphost - ok

22:56:08.0738 1672 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys

22:56:08.0738 1672 USBAAPL - ok

22:56:08.0785 1672 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys

22:56:08.0785 1672 usbaudio - ok

22:56:08.0816 1672 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys

22:56:08.0816 1672 usbccgp - ok

22:56:08.0832 1672 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

22:56:08.0832 1672 usbcir - ok

22:56:08.0847 1672 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys

22:56:08.0863 1672 usbehci - ok

22:56:08.0878 1672 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

22:56:08.0878 1672 usbhub - ok

22:56:08.0910 1672 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys

22:56:08.0910 1672 usbohci - ok

22:56:08.0941 1672 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

22:56:08.0941 1672 usbprint - ok

22:56:08.0956 1672 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS

22:56:08.0956 1672 USBSTOR - ok

22:56:08.0972 1672 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys

22:56:08.0972 1672 usbuhci - ok

22:56:09.0003 1672 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll

22:56:09.0003 1672 UxSms - ok

22:56:09.0019 1672 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

22:56:09.0019 1672 VaultSvc - ok

22:56:09.0034 1672 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

22:56:09.0034 1672 vdrvroot - ok

22:56:09.0066 1672 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe

22:56:09.0066 1672 vds - ok

22:56:09.0097 1672 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

22:56:09.0097 1672 vga - ok

22:56:09.0128 1672 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

22:56:09.0128 1672 VgaSave - ok

22:56:09.0144 1672 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

22:56:09.0144 1672 vhdmp - ok

22:56:09.0159 1672 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

22:56:09.0159 1672 viaagp - ok

22:56:09.0175 1672 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

22:56:09.0175 1672 ViaC7 - ok

22:56:09.0190 1672 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

22:56:09.0190 1672 viaide - ok

22:56:09.0190 1672 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

22:56:09.0190 1672 volmgr - ok

22:56:09.0206 1672 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

22:56:09.0206 1672 volmgrx - ok

22:56:09.0222 1672 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

22:56:09.0237 1672 volsnap - ok

22:56:09.0253 1672 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

22:56:09.0253 1672 vsmraid - ok

22:56:09.0300 1672 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe

22:56:09.0300 1672 VSS - ok

22:56:09.0315 1672 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

22:56:09.0315 1672 vwifibus - ok

22:56:09.0362 1672 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll

22:56:09.0362 1672 W32Time - ok

22:56:09.0378 1672 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

22:56:09.0378 1672 WacomPen - ok

22:56:09.0424 1672 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

22:56:09.0424 1672 WANARP - ok

22:56:09.0424 1672 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

22:56:09.0424 1672 Wanarpv6 - ok

22:56:09.0502 1672 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe

22:56:09.0518 1672 WatAdminSvc - ok

22:56:09.0580 1672 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe

22:56:09.0596 1672 wbengine - ok

22:56:09.0627 1672 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll

22:56:09.0627 1672 WbioSrvc - ok

22:56:09.0643 1672 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll

22:56:09.0658 1672 wcncsvc - ok

22:56:09.0658 1672 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll

22:56:09.0658 1672 WcsPlugInService - ok

22:56:09.0705 1672 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

22:56:09.0721 1672 Wd - ok

22:56:09.0736 1672 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

22:56:09.0736 1672 Wdf01000 - ok

22:56:09.0752 1672 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

22:56:09.0752 1672 WdiServiceHost - ok

22:56:09.0752 1672 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

22:56:09.0752 1672 WdiSystemHost - ok

22:56:09.0768 1672 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll

22:56:09.0768 1672 WebClient - ok

22:56:09.0783 1672 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll

22:56:09.0783 1672 Wecsvc - ok

22:56:09.0799 1672 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll

22:56:09.0799 1672 wercplsupport - ok

22:56:09.0814 1672 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll

22:56:09.0830 1672 WerSvc - ok

22:56:09.0846 1672 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

22:56:09.0846 1672 WfpLwf - ok

22:56:09.0877 1672 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

22:56:09.0877 1672 WIMMount - ok

22:56:09.0955 1672 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll

22:56:09.0955 1672 WinDefend - ok

22:56:09.0955 1672 WinHttpAutoProxySvc - ok

22:56:10.0017 1672 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll

22:56:10.0017 1672 Winmgmt - ok

22:56:10.0064 1672 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll

22:56:10.0080 1672 WinRM - ok

22:56:10.0142 1672 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys

22:56:10.0142 1672 WinUsb - ok

22:56:10.0189 1672 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll

22:56:10.0189 1672 Wlansvc - ok

22:56:10.0314 1672 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:56:10.0345 1672 wlidsvc - ok

22:56:10.0438 1672 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

22:56:10.0438 1672 WmiAcpi - ok

22:56:10.0501 1672 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe

22:56:10.0501 1672 wmiApSrv - ok

22:56:10.0563 1672 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe

22:56:10.0579 1672 WMPNetworkSvc - ok

22:56:10.0594 1672 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll

22:56:10.0610 1672 WPCSvc - ok

22:56:10.0626 1672 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll

22:56:10.0626 1672 WPDBusEnum - ok

22:56:10.0688 1672 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

22:56:10.0688 1672 ws2ifsl - ok

22:56:10.0704 1672 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll

22:56:10.0704 1672 wscsvc - ok

22:56:10.0704 1672 WSearch - ok

22:56:10.0766 1672 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll

22:56:10.0797 1672 wuauserv - ok

22:56:10.0860 1672 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

22:56:10.0860 1672 WudfPf - ok

22:56:10.0875 1672 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

22:56:10.0875 1672 WUDFRd - ok

22:56:10.0906 1672 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll

22:56:10.0906 1672 wudfsvc - ok

22:56:10.0938 1672 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll

22:56:10.0938 1672 WwanSvc - ok

22:56:11.0000 1672 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

22:56:11.0172 1672 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

22:56:11.0172 1672 \Device\Harddisk0\DR0 - detected TDSS File System (1)

22:56:11.0172 1672 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk5\DR6

22:56:11.0265 1672 \Device\Harddisk5\DR6 - ok

22:56:11.0296 1672 Boot (0x1200) (8932ad8f8d26fd7c88492eb9db4d99f7) \Device\Harddisk0\DR0\Partition0

22:56:11.0296 1672 \Device\Harddisk0\DR0\Partition0 - ok

22:56:11.0296 1672 Boot (0x1200) (26a6788cbea3e7ffa6374235105a91e1) \Device\Harddisk0\DR0\Partition1

22:56:11.0296 1672 \Device\Harddisk0\DR0\Partition1 - ok

22:56:11.0312 1672 Boot (0x1200) (a09bad305401e8211f8c8ba06e62518f) \Device\Harddisk5\DR6\Partition0

22:56:11.0312 1672 \Device\Harddisk5\DR6\Partition0 - ok

22:56:11.0312 1672 ============================================================

22:56:11.0312 1672 Scan finished

22:56:11.0312 1672 ============================================================

22:56:11.0312 1288 Detected object count: 2

22:56:11.0312 1288 Actual detected object count: 2

22:56:58.0580 1288 c:\program files\common files\akamai/netsession_win_6c825ce.dll - copied to quarantine

22:56:58.0580 1288 HKLM\SYSTEM\ControlSet001\services\Akamai - will be deleted on reboot

22:56:58.0596 1288 HKLM\SYSTEM\ControlSet002\services\Akamai - will be deleted on reboot

22:56:58.0689 1288 c:\program files\common files\akamai/netsession_win_6c825ce.dll - will be deleted on reboot

22:56:58.0689 1288 Akamai ( HiddenFile.Multi.Generic ) - User select action: Delete

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

22:56:58.0752 1288 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

22:56:58.0767 1288 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

22:56:58.0767 1288 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine

22:56:58.0767 1288 \Device\Harddisk0\DR0\TDLFS - deleted

22:56:58.0767 1288 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

22:57:12.0870 1008 Deinitialize success


Now after TDSS ran, it asked to reboot the computer, which I did. I can now access the desktop (though a lot of the files on my desktop like mp3s or jpeg pictures are locked and changed to .txt data). I assume there's more to fixing my computer than just this though.

#7 boopme


Posted 24 May 2012 - 07:14 PM

I just realized I hijacked narenxp off this topic... sorry.


OK, that's what I expected to see. This is a nasty malware. At least that is gone.
Do NOT run a Temp file or Registry cleaner.

Have you run the Autoruns segment of post 2?


One more scan please

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#8 PersonaUser314


Posted 25 May 2012 - 06:03 PM

I ran the autoruns segment, the link is at the bottom of the second post I made, do you need me to run it again?

Here is the log produced by this latest ESET scan:

C:\TDSSKiller_Quarantine\24.05.2012_22.55.23\tdlfs0000\tsk0003.dta a variant of Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.05.2012_22.55.23\tdlfs0000\tsk0005.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.05.2012_22.55.23\tdlfs0000\tsk0006.dta Win64/Olmarik.N trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\24.05.2012_22.55.23\tdlfs0000\tsk0007.dta Win64/Olmarik.A trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\02062012_170051\C_Users\Lauren\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\ac8c29b-1344be85 Java/TrojanDownloader.OpenStream.NBW trojan deleted - quarantined

#9 PersonaUser314


Posted 30 May 2012 - 06:30 AM

Bumping this topic since it's been 5 days without a response. Can anyone finish helping me?

#10 boopme


Posted 30 May 2012 - 06:18 PM

Hello, sorry we lost you. Are you still seeing any signs of it?

Run this next as it appears you may have exploitable apps.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.

#11 PersonaUser314


Posted 31 May 2012 - 04:57 PM

My friend suggested yesterday that the reason all my files are locked and read as odd extensions could have had something to do with her initial attempts at fixing it, and suggested downloading a file unlocker of some sort. Would this be correct/advisable?

Here's the MiniToolBox log in the meantime:

MiniToolBox by Farbar Version: 14-01-2012
Ran by Lauren (administrator) on 31-05-2012 at 22:55:35
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lauren-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-24-E8-14-22-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::795f:b1d3:c755:87b6%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.74(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 31 May 2012 22:47:21
Lease Expires . . . . . . . . . . : 01 June 2012 22:47:21
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234890472
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-77-BC-CB-00-24-E8-14-22-80
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Reusable ISATAP Interface {782A613D-48D7-4CB2-83F2-C8D9601CD2A8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1413:1c1e:3f57:feb5(Preferred)
Link-local IPv6 Address . . . . . : fe80::1413:1c1e:3f57:feb5%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dsldevice.lan
Address: 192.168.1.254

Name: google.com
Addresses: 173.194.34.65
173.194.34.78
173.194.34.73
173.194.34.68
173.194.34.70
173.194.34.67
173.194.34.66
173.194.34.64
173.194.34.71
173.194.34.72
173.194.34.69


Pinging google.com [173.194.41.98] with 32 bytes of data:
Reply from 173.194.41.98: bytes=32 time=23ms TTL=55
Reply from 173.194.41.98: bytes=32 time=22ms TTL=55

Ping statistics for 173.194.41.98:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 23ms, Average = 22ms
Server: dsldevice.lan
Address: 192.168.1.254

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=190ms TTL=51
Reply from 72.30.38.140: bytes=32 time=179ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 179ms, Maximum = 190ms, Average = 184ms
Server: dsldevice.lan
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 24 e8 14 22 80 ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.74 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.74 276
192.168.1.74 255.255.255.255 On-link 192.168.1.74 276
192.168.1.255 255.255.255.255 On-link 192.168.1.74 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.74 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.74 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:5ef5:79fb:1413:1c1e:3f57:feb5/128
On-link
10 276 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::1413:1c1e:3f57:feb5/128
On-link
10 276 fe80::795f:b1d3:c755:87b6/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/26/2012 11:00:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:55:21 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:30:27 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:25:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:25:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/26/2012 10:25:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (05/31/2012 02:34:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/31/2012 02:33:58 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/31/2012 04:18:37 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/30/2012 02:34:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/30/2012 02:33:58 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/29/2012 02:34:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/29/2012 02:33:58 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/28/2012 02:34:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/28/2012 02:33:58 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/27/2012 02:34:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.711.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (05/26/2012 11:00:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:55:21 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:30:27 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:30:26 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:25:13 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:25:13 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/26/2012 10:25:12 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

???????????
7-Zip 4.65
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Akamai NetSession Interface Service
Alon Audio Extractor 3.0
Amazon MP3 Downloader 1.0.9
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
Audiosurf
Belkin 54Mbps Wireless Network Adapter (Version: 1.00.01)
Bonjour (Version: 3.0.0.10)
Comical 0.8
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Consolas Font Family (Version: 1.00.0000)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.1.0236)
ESET Online Scanner v3
GIMP 2.6.7
Google Update Helper (Version: 1.3.21.111)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Intel® TV Wizard
IsoBuster 2.8.5 (Version: 2.8.5)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.5.3)
Java™ 7 Update 2 (Version: 7.0.20)
K-Lite Mega Codec Pack 7.7.0 (Version: 7.7.0)
Katawa Shoujo
LAME v3.98.2 for Audacity
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
MELTY BLOOD Act Cadenza Ver.B WindowsӁ
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
mkv2vob (Version: 2.4.9)
Mozilla Firefox 12.0 (x86 en-GB) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Origin (Version: 8.5.0.4550)
Project64 1.6 (Version: 1.6)
QuickTime (Version: 7.71.80.42)
RPS CRT (Version: 9.0.34)
SEGA Genesis & Mega Drive Classics
Steam (Version: 1.0.0.0)
StepMania 3.9a (remove only)
Terraria
The Sims™ 3 (Version: 1.31.118)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 Late Night (Version: 6.0.81)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 World Adventures (Version: 2.0.86)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VoiceOver Kit (Version: 1.42.128.0)
Vuze (Version: 4.7)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)
Yume Nikki 0.10 English v3

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 3317.18 MB
Available physical RAM: 2242.58 MB
Total Pagefile: 6632.64 MB
Available Pagefile: 5470.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.63 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:450.7 GB) (Free:97.53 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:14.03 GB) NTFS
3 Drive e: (Sims3EP05) (CDROM) (Total:5.3 GB) (Free:0 GB) UDF
7 Drive j: (MBACverB) (CDROM) (Total:2.36 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\LAUREN-PC

Administrator Guest Lauren


**** End of log ****

#12 boopme


Posted 31 May 2012 - 10:19 PM

Your Java is 2 updates behind... Download the latest version of Java Runtime Environment (JRE) Version 7

That is a good app. Try it and see.

#13 PersonaUser314


Posted 03 June 2012 - 10:07 AM

K, I've installed the latest version of Java. What's next?

#14 boopme


Posted 03 June 2012 - 12:33 PM

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:

#15 PersonaUser314


Posted 04 June 2012 - 12:45 PM

Before I make a restore point, I want to ask again about my 'locked' files. Currently, all the files in my documents, on my desktop, etc. are locked; they come up as the file name, dot, its previous extension, dot, a sequence of 4 random letters (e.g. higo; none of the extension sequences are the same 4 letters). Can you tell me how to unlock them? Would it be something to do with a virus???
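The naming pattern described in the post above (file name, its previous extension, then a further four-letter suffix) can be inventoried read-only before any cleanup or restore-point change, so the scope of affected files is on record. This is an added example, not part of the original thread or any tool used in it; the extension list, function names and sample file names are constructed assumptions.

```python
import os
import re
from collections import Counter

# Extensions treated as "original" file types. Assumption for this example:
# extend the set to match the kinds of data stored on the machine.
KNOWN_EXTENSIONS = {"doc", "docx", "xls", "pdf", "txt", "jpg", "png", "mp3", "zip"}

# <name>.<extension>.<exactly four letters>
PATTERN = re.compile(r"^(?P<stem>.+)\.(?P<ext>[^.]+)\.(?P<suffix>[A-Za-z]{4})$")


def find_renamed_files(root):
    """Return sorted (path, original_name, suffix) tuples for files named
    <name>.<known extension>.<four letters>. Read-only: nothing is renamed."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            m = PATTERN.match(name)
            # Require a known extension in the middle so ordinary names with
            # two dots (e.g. report.final.docx) are not reported.
            if m and m.group("ext").lower() in KNOWN_EXTENSIONS:
                original = f"{m.group('stem')}.{m.group('ext')}"
                hits.append((os.path.join(dirpath, name), original,
                             m.group("suffix").lower()))
    return sorted(hits)


def summarize(hits):
    """Count affected files and check whether the four-letter suffixes repeat."""
    suffixes = Counter(suffix for _path, _orig, suffix in hits)
    return {
        "renamed_files": len(hits),
        "distinct_suffixes": len(suffixes),
        "reused_suffixes": sorted(s for s, n in suffixes.items() if n > 1),
    }


def build_sample_tree(root):
    """Create empty, constructed sample files that mimic the naming in the post."""
    names = [
        ("Documents", "letter.doc.higo"),
        ("Documents", "budget.xls.qwtz"),
        ("Desktop", "photo.jpg.mrna"),
        ("Desktop", "notes.txt"),          # untouched file
        ("Desktop", "report.final.docx"),  # two dots, but a normal name
        ("Desktop", "setup.exe"),
    ]
    for folder, name in names:
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        open(os.path.join(root, folder, name), "w").close()


if __name__ == "__main__":
    import tempfile

    with tempfile.TemporaryDirectory() as sample_root:
        build_sample_tree(sample_root)
        found = find_renamed_files(sample_root)
        for path, original, suffix in found:
            print(f"{path}  (was: {original}, added suffix: .{suffix})")
        print(summarize(found))
```

A legitimate file such as `song.mp3.info` would also match, so treat the output as a list to review rather than proof of tampering.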



