Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan horse Dropper.Generic_c.MMI


  • This topic is locked This topic is locked
6 replies to this topic

#1 BartK

BartK

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 19 July 2012 - 07:52 PM

Hello everyone,

I am having an issue with an apparent trojan horse virus detected by my antivirus program, AVG Anti-Virus Free 2012. The problem started earlier today, and seems to have occured after I installed a suddenly appearing update for Adobe Flash Player, which I ignorantly accepted. Since then, each time I start up my computer, the desktop icons are rearranged to the left as though the arrangement has been reset, and I have been getting the following warning from AVG Resident Shield frequently:

File name: c:\Windows\System32\services.exe
Threat name: Trojan horse Dropper.Generic_c.MMI
Process name: C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe (changed, see below)
Process-ID: 3068 (changed, see below)

It should be noted that the process name and -ID were different at first, but after searching Google for a while, I found a recommendation of installing AVG PC Tuneup, which would supposedly solve the issue with the desktop icons. However, after installing and using the program, the warning from AVG Reisdent Shield started appearing even more frequently and is reappearing at least three times per minute as I am writing this post, with the process name and -ID changed to the ones displayed above. I do not remember what the initial name and ID were, nor do I know where to find this.

The frequent warning stirred me to search around the internet for possible solutions, concluding that many others are experiencing this issue and that it is likely because of a virus installed by the (fake) Adobe Flash Player update. The issue does not seem easily resolvable and most people were requested a lot of complicated information that I did not understand too well. Several people were advised a quick fix through "cmd.exe", but they reported recurring of the virus within a day, and therefore I did not attempt this. Elsewhere, a guide explained how to remove a "services.exe virus", telling me to go to the Task Manager and find services.exe in the Processes tab, but it was not listed there.

Furthermore, I am using Windows 7 and AVG Anti-Virus Free 2012. I have installed every recent update for both the operating system and the anti-virus program, and have performed several scans with AVG, each showing services.exe as a white-listed trojan horse virus, with the message "All problems have been solved." I have no idea what to do, and it seems to be getting out of hand, so I hope any of you can help me with this problem!

Thanks in advance!

- Bart

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:56 AM

Posted 19 July 2012 - 08:01 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 BartK

BartK
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 20 July 2012 - 07:00 AM

TDSS Killer LOG Report:

12:10:53.0827 3400 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
12:10:53.0988 3400 ============================================================
12:10:53.0988 3400 Current date / time: 2012/07/20 12:10:53.0988
12:10:53.0988 3400 SystemInfo:
12:10:53.0988 3400
12:10:53.0988 3400 OS Version: 6.1.7601 ServicePack: 1.0
12:10:53.0988 3400 Product type: Workstation
12:10:53.0988 3400 ComputerName: PC_VAN_BART
12:10:53.0989 3400 UserName: Bart
12:10:53.0989 3400 Windows directory: C:\Windows
12:10:53.0989 3400 System windows directory: C:\Windows
12:10:53.0989 3400 Running under WOW64
12:10:53.0989 3400 Processor architecture: Intel x64
12:10:53.0989 3400 Number of processors: 4
12:10:53.0989 3400 Page size: 0x1000
12:10:53.0989 3400 Boot type: Normal boot
12:10:53.0989 3400 ============================================================
12:10:55.0303 3400 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:10:55.0333 3400 ============================================================
12:10:55.0333 3400 \Device\Harddisk0\DR0:
12:10:55.0333 3400 MBR partitions:
12:10:55.0333 3400 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA010000
12:10:55.0347 3400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xA011000, BlocksNum 0x30374800
12:10:55.0347 3400 ============================================================
12:10:55.0373 3400 C: <-> \Device\Harddisk0\DR0\Partition0
12:10:55.0400 3400 D: <-> \Device\Harddisk0\DR0\Partition1
12:10:55.0400 3400 ============================================================
12:10:55.0400 3400 Initialize success
12:10:55.0400 3400 ============================================================
12:11:28.0075 1892 ============================================================
12:11:28.0075 1892 Scan started
12:11:28.0075 1892 Mode: Manual; TDLFS;
12:11:28.0075 1892 ============================================================
12:11:29.0206 1892 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:11:29.0219 1892 1394ohci - ok
12:11:29.0289 1892 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:11:29.0293 1892 ACPI - ok
12:11:29.0315 1892 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:11:29.0325 1892 AcpiPmi - ok
12:11:29.0357 1892 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
12:11:29.0359 1892 adfs - ok
12:11:29.0415 1892 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:11:29.0420 1892 adp94xx - ok
12:11:29.0452 1892 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:11:29.0458 1892 adpahci - ok
12:11:29.0476 1892 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:11:29.0480 1892 adpu320 - ok
12:11:29.0530 1892 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:11:29.0531 1892 AeLookupSvc - ok
12:11:29.0584 1892 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
12:11:29.0597 1892 AFD - ok
12:11:29.0630 1892 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:11:29.0641 1892 agp440 - ok
12:11:29.0659 1892 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:11:29.0661 1892 ALG - ok
12:11:29.0674 1892 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:11:29.0684 1892 aliide - ok
12:11:29.0701 1892 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:11:29.0711 1892 amdide - ok
12:11:29.0781 1892 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:11:29.0783 1892 AmdK8 - ok
12:11:29.0813 1892 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:11:29.0815 1892 AmdPPM - ok
12:11:29.0852 1892 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:11:29.0864 1892 amdsata - ok
12:11:29.0883 1892 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:11:29.0886 1892 amdsbs - ok
12:11:29.0903 1892 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:11:29.0904 1892 amdxata - ok
12:11:29.0943 1892 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:11:29.0954 1892 AppID - ok
12:11:29.0990 1892 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:11:29.0992 1892 AppIDSvc - ok
12:11:30.0023 1892 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
12:11:30.0024 1892 Appinfo - ok
12:11:30.0116 1892 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:11:30.0118 1892 Apple Mobile Device - ok
12:11:30.0149 1892 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:11:30.0151 1892 arc - ok
12:11:30.0168 1892 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:11:30.0170 1892 arcsas - ok
12:11:30.0216 1892 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:11:30.0217 1892 AsyncMac - ok
12:11:30.0234 1892 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:11:30.0234 1892 atapi - ok
12:11:30.0496 1892 atikmdag (3efd964d52221360af0673cd61c2f4f5) C:\Windows\system32\drivers\atikmdag.sys
12:11:30.0551 1892 atikmdag - ok
12:11:30.0674 1892 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:11:30.0683 1892 AudioEndpointBuilder - ok
12:11:30.0690 1892 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:11:30.0696 1892 AudioSrv - ok
12:11:30.0984 1892 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
12:11:31.0036 1892 AVGIDSAgent - ok
12:11:31.0125 1892 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
12:11:31.0127 1892 AVGIDSDriver - ok
12:11:31.0148 1892 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
12:11:31.0150 1892 AVGIDSEH - ok
12:11:31.0156 1892 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
12:11:31.0157 1892 AVGIDSFilter - ok
12:11:31.0200 1892 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
12:11:31.0205 1892 Avgldx64 - ok
12:11:31.0228 1892 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
12:11:31.0230 1892 Avgmfx64 - ok
12:11:31.0317 1892 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
12:11:31.0319 1892 Avgrkx64 - ok
12:11:31.0349 1892 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
12:11:31.0354 1892 Avgtdia - ok
12:11:31.0424 1892 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
12:11:31.0427 1892 avgwd - ok
12:11:31.0462 1892 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
12:11:31.0465 1892 AxInstSV - ok
12:11:31.0517 1892 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:11:31.0535 1892 b06bdrv - ok
12:11:31.0569 1892 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:11:31.0574 1892 b57nd60a - ok
12:11:31.0638 1892 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:11:31.0640 1892 BDESVC - ok
12:11:31.0646 1892 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:11:31.0647 1892 Beep - ok
12:11:31.0710 1892 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
12:11:31.0722 1892 BITS - ok
12:11:31.0759 1892 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:11:31.0761 1892 blbdrive - ok
12:11:31.0867 1892 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:11:31.0873 1892 Bonjour Service - ok
12:11:31.0910 1892 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:11:31.0912 1892 bowser - ok
12:11:31.0940 1892 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:11:31.0941 1892 BrFiltLo - ok
12:11:31.0957 1892 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:11:31.0959 1892 BrFiltUp - ok
12:11:31.0983 1892 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
12:11:31.0985 1892 Browser - ok
12:11:32.0023 1892 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:11:32.0027 1892 Brserid - ok
12:11:32.0040 1892 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:11:32.0041 1892 BrSerWdm - ok
12:11:32.0051 1892 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:11:32.0053 1892 BrUsbMdm - ok
12:11:32.0064 1892 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:11:32.0065 1892 BrUsbSer - ok
12:11:32.0089 1892 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:11:32.0091 1892 BTHMODEM - ok
12:11:32.0135 1892 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:11:32.0137 1892 bthserv - ok
12:11:32.0180 1892 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:11:32.0182 1892 cdfs - ok
12:11:32.0220 1892 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
12:11:32.0232 1892 cdrom - ok
12:11:32.0264 1892 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:11:32.0266 1892 CertPropSvc - ok
12:11:32.0291 1892 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:11:32.0293 1892 circlass - ok
12:11:32.0326 1892 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:11:32.0331 1892 CLFS - ok
12:11:32.0424 1892 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:11:32.0426 1892 clr_optimization_v2.0.50727_32 - ok
12:11:32.0469 1892 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:11:32.0471 1892 clr_optimization_v2.0.50727_64 - ok
12:11:32.0534 1892 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:11:32.0536 1892 clr_optimization_v4.0.30319_32 - ok
12:11:32.0570 1892 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:11:32.0572 1892 clr_optimization_v4.0.30319_64 - ok
12:11:32.0597 1892 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:11:32.0599 1892 CmBatt - ok
12:11:32.0615 1892 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:11:32.0633 1892 cmdide - ok
12:11:32.0689 1892 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
12:11:32.0696 1892 CNG - ok
12:11:32.0712 1892 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:11:32.0713 1892 Compbatt - ok
12:11:32.0757 1892 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:11:32.0767 1892 CompositeBus - ok
12:11:32.0790 1892 COMSysApp - ok
12:11:32.0818 1892 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:11:32.0820 1892 crcdisk - ok
12:11:32.0881 1892 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
12:11:32.0884 1892 CryptSvc - ok
12:11:33.0003 1892 DAUpdaterSvc (80861969541971176e005d2c09dae851) D:\Games\Dragon Age Origins\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
12:11:33.0015 1892 DAUpdaterSvc - ok
12:11:33.0074 1892 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:11:33.0083 1892 DcomLaunch - ok
12:11:33.0139 1892 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:11:33.0144 1892 defragsvc - ok
12:11:33.0189 1892 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:11:33.0191 1892 DfsC - ok
12:11:33.0232 1892 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:11:33.0237 1892 Dhcp - ok
12:11:33.0268 1892 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:11:33.0270 1892 discache - ok
12:11:33.0303 1892 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:11:33.0305 1892 Disk - ok
12:11:33.0332 1892 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:11:33.0335 1892 Dnscache - ok
12:11:33.0367 1892 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:11:33.0371 1892 dot3svc - ok
12:11:33.0390 1892 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:11:33.0393 1892 DPS - ok
12:11:33.0431 1892 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:11:33.0432 1892 drmkaud - ok
12:11:33.0498 1892 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:11:33.0523 1892 DXGKrnl - ok
12:11:33.0552 1892 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:11:33.0554 1892 EapHost - ok
12:11:33.0648 1892 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:11:33.0679 1892 ebdrv - ok
12:11:33.0776 1892 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:11:33.0777 1892 EFS - ok
12:11:33.0843 1892 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:11:33.0853 1892 ehRecvr - ok
12:11:33.0898 1892 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:11:33.0901 1892 ehSched - ok
12:11:33.0982 1892 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:11:33.0990 1892 elxstor - ok
12:11:34.0017 1892 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:11:34.0027 1892 ErrDev - ok
12:11:34.0086 1892 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:11:34.0092 1892 EventSystem - ok
12:11:34.0154 1892 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:11:34.0157 1892 exfat - ok
12:11:34.0182 1892 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:11:34.0185 1892 fastfat - ok
12:11:34.0243 1892 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:11:34.0253 1892 Fax - ok
12:11:34.0268 1892 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:11:34.0270 1892 fdc - ok
12:11:34.0293 1892 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:11:34.0294 1892 fdPHost - ok
12:11:34.0305 1892 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:11:34.0306 1892 FDResPub - ok
12:11:34.0338 1892 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:11:34.0340 1892 FileInfo - ok
12:11:34.0351 1892 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:11:34.0352 1892 Filetrace - ok
12:11:34.0425 1892 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:11:34.0435 1892 FLEXnet Licensing Service - ok
12:11:34.0505 1892 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:11:34.0518 1892 FLEXnet Licensing Service 64 - ok
12:11:34.0602 1892 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:11:34.0603 1892 flpydisk - ok
12:11:34.0630 1892 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:11:34.0634 1892 FltMgr - ok
12:11:34.0686 1892 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:11:34.0702 1892 FontCache - ok
12:11:34.0796 1892 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:11:34.0807 1892 FontCache3.0.0.0 - ok
12:11:34.0831 1892 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:11:34.0833 1892 FsDepends - ok
12:11:34.0869 1892 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:11:34.0871 1892 Fs_Rec - ok
12:11:34.0905 1892 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:11:34.0909 1892 fvevol - ok
12:11:34.0932 1892 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:11:34.0934 1892 gagp30kx - ok
12:11:34.0948 1892 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:11:34.0950 1892 GEARAspiWDM - ok
12:11:35.0010 1892 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:11:35.0022 1892 gpsvc - ok
12:11:35.0104 1892 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:11:35.0106 1892 gupdate - ok
12:11:35.0134 1892 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:11:35.0136 1892 gupdatem - ok
12:11:35.0159 1892 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:11:35.0160 1892 hcw85cir - ok
12:11:35.0215 1892 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:11:35.0232 1892 HdAudAddService - ok
12:11:35.0272 1892 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:11:35.0274 1892 HDAudBus - ok
12:11:35.0284 1892 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:11:35.0285 1892 HidBatt - ok
12:11:35.0296 1892 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:11:35.0298 1892 HidBth - ok
12:11:35.0322 1892 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:11:35.0324 1892 HidIr - ok
12:11:35.0342 1892 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
12:11:35.0343 1892 hidserv - ok
12:11:35.0374 1892 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
12:11:35.0375 1892 HidUsb - ok
12:11:35.0429 1892 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:11:35.0431 1892 hkmsvc - ok
12:11:35.0472 1892 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:11:35.0476 1892 HomeGroupListener - ok
12:11:35.0503 1892 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:11:35.0507 1892 HomeGroupProvider - ok
12:11:35.0542 1892 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:11:35.0553 1892 HpSAMD - ok
12:11:35.0601 1892 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:11:35.0612 1892 HTTP - ok
12:11:35.0638 1892 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:11:35.0640 1892 hwpolicy - ok
12:11:35.0677 1892 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:11:35.0688 1892 i8042prt - ok
12:11:35.0722 1892 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:11:35.0738 1892 iaStorV - ok
12:11:35.0874 1892 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:11:35.0909 1892 idsvc - ok
12:11:35.0952 1892 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:11:35.0954 1892 iirsp - ok
12:11:36.0015 1892 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:11:36.0027 1892 IKEEXT - ok
12:11:36.0166 1892 IntcAzAudAddService (13089f31aa37cde1ce3784ee01a48484) C:\Windows\system32\drivers\RTKVHD64.sys
12:11:36.0200 1892 IntcAzAudAddService - ok
12:11:36.0303 1892 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:11:36.0314 1892 intelide - ok
12:11:36.0352 1892 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:11:36.0353 1892 intelppm - ok
12:11:36.0384 1892 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:11:36.0387 1892 IPBusEnum - ok
12:11:36.0409 1892 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:11:36.0420 1892 IpFilterDriver - ok
12:11:36.0459 1892 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:11:36.0470 1892 IPMIDRV - ok
12:11:36.0504 1892 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:11:36.0507 1892 IPNAT - ok
12:11:36.0581 1892 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
12:11:36.0591 1892 iPod Service - ok
12:11:36.0642 1892 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:11:36.0643 1892 IRENUM - ok
12:11:36.0755 1892 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:11:36.0771 1892 isapnp - ok
12:11:36.0842 1892 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:11:36.0856 1892 iScsiPrt - ok
12:11:36.0901 1892 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
12:11:36.0912 1892 kbdclass - ok
12:11:36.0947 1892 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:11:36.0948 1892 kbdhid - ok
12:11:36.0997 1892 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:36.0998 1892 KeyIso - ok
12:11:37.0019 1892 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
12:11:37.0021 1892 KSecDD - ok
12:11:37.0054 1892 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
12:11:37.0056 1892 KSecPkg - ok
12:11:37.0081 1892 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:11:37.0082 1892 ksthunk - ok
12:11:37.0134 1892 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:11:37.0141 1892 KtmRm - ok
12:11:37.0182 1892 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
12:11:37.0187 1892 LanmanServer - ok
12:11:37.0216 1892 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:11:37.0219 1892 LanmanWorkstation - ok
12:11:37.0289 1892 Linksys_adapter_H (584528bf596a54b2bf6be5067adda44a) C:\Windows\system32\DRIVERS\AE2500w764.sys
12:11:37.0299 1892 Linksys_adapter_H - ok
12:11:37.0358 1892 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:11:37.0359 1892 lltdio - ok
12:11:37.0402 1892 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:11:37.0407 1892 lltdsvc - ok
12:11:37.0432 1892 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:11:37.0434 1892 lmhosts - ok
12:11:37.0514 1892 LMS (50c7ce53ef461870410355f1f2e7d515) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:11:37.0517 1892 LMS - ok
12:11:37.0551 1892 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:11:37.0553 1892 LSI_FC - ok
12:11:37.0569 1892 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:11:37.0581 1892 LSI_SAS - ok
12:11:37.0593 1892 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:11:37.0595 1892 LSI_SAS2 - ok
12:11:37.0612 1892 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:11:37.0615 1892 LSI_SCSI - ok
12:11:37.0631 1892 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:11:37.0633 1892 luafv - ok
12:11:37.0667 1892 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys
12:11:37.0667 1892 lvpepf64 - ok
12:11:37.0722 1892 LVPr2M64 (7717a2cb550267860d3933f3fba0216f) C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:11:37.0723 1892 LVPr2M64 - ok
12:11:37.0726 1892 LVPr2Mon (7717a2cb550267860d3933f3fba0216f) C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:11:37.0727 1892 LVPr2Mon - ok
12:11:37.0806 1892 LVPrcS64 (8ebeb7e7a0c3d295ca6bbcfa942c6aa8) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
12:11:37.0809 1892 LVPrcS64 - ok
12:11:37.0852 1892 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys
12:11:37.0858 1892 LVRS64 - ok
12:11:37.0888 1892 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys
12:11:37.0889 1892 LVUSBS64 - ok
12:11:37.0911 1892 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
12:11:37.0913 1892 MBfilt - ok
12:11:37.0981 1892 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
12:11:37.0985 1892 McComponentHostService - ok
12:11:38.0045 1892 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
12:11:38.0049 1892 mcdbus - ok
12:11:38.0092 1892 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:11:38.0100 1892 Mcx2Svc - ok
12:11:38.0128 1892 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:11:38.0130 1892 megasas - ok
12:11:38.0161 1892 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:11:38.0166 1892 MegaSR - ok
12:11:38.0191 1892 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
12:11:38.0193 1892 MEIx64 - ok
12:11:38.0244 1892 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:11:38.0247 1892 MMCSS - ok
12:11:38.0259 1892 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:11:38.0261 1892 Modem - ok
12:11:38.0274 1892 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:11:38.0274 1892 monitor - ok
12:11:38.0315 1892 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
12:11:38.0327 1892 mouclass - ok
12:11:38.0362 1892 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:11:38.0363 1892 mouhid - ok
12:11:38.0398 1892 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:11:38.0401 1892 mountmgr - ok
12:11:38.0506 1892 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:11:38.0508 1892 MozillaMaintenance - ok
12:11:38.0529 1892 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:11:38.0542 1892 mpio - ok
12:11:38.0554 1892 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:11:38.0556 1892 mpsdrv - ok
12:11:38.0594 1892 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:11:38.0607 1892 MRxDAV - ok
12:11:38.0638 1892 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:11:38.0641 1892 mrxsmb - ok
12:11:38.0678 1892 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:11:38.0682 1892 mrxsmb10 - ok
12:11:38.0700 1892 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:11:38.0702 1892 mrxsmb20 - ok
12:11:38.0722 1892 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:11:38.0724 1892 msahci - ok
12:11:38.0750 1892 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:11:38.0763 1892 msdsm - ok
12:11:38.0793 1892 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:11:38.0796 1892 MSDTC - ok
12:11:38.0827 1892 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:11:38.0829 1892 Msfs - ok
12:11:38.0857 1892 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:11:38.0859 1892 mshidkmdf - ok
12:11:38.0875 1892 MSICDSetup - ok
12:11:38.0893 1892 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:11:38.0894 1892 msisadrv - ok
12:11:38.0920 1892 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:11:38.0923 1892 MSiSCSI - ok
12:11:38.0926 1892 msiserver - ok
12:11:38.0951 1892 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:11:38.0953 1892 MSKSSRV - ok
12:11:39.0003 1892 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:11:39.0004 1892 MSPCLOCK - ok
12:11:39.0013 1892 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:11:39.0014 1892 MSPQM - ok
12:11:39.0050 1892 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:11:39.0056 1892 MsRPC - ok
12:11:39.0104 1892 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:11:39.0105 1892 mssmbios - ok
12:11:39.0114 1892 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:11:39.0115 1892 MSTEE - ok
12:11:39.0144 1892 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:11:39.0146 1892 MTConfig - ok
12:11:39.0167 1892 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
12:11:39.0169 1892 MTsensor - ok
12:11:39.0182 1892 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:11:39.0184 1892 Mup - ok
12:11:39.0225 1892 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:11:39.0232 1892 napagent - ok
12:11:39.0287 1892 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:11:39.0292 1892 NativeWifiP - ok
12:11:39.0349 1892 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:11:39.0380 1892 NDIS - ok
12:11:39.0478 1892 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:11:39.0533 1892 NdisCap - ok
12:11:39.0630 1892 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:11:39.0632 1892 NdisTapi - ok
12:11:39.0670 1892 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:11:39.0671 1892 Ndisuio - ok
12:11:39.0699 1892 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:11:39.0712 1892 NdisWan - ok
12:11:39.0744 1892 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:11:39.0751 1892 NDProxy - ok
12:11:39.0789 1892 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:11:39.0790 1892 NetBIOS - ok
12:11:39.0816 1892 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:11:39.0820 1892 NetBT - ok
12:11:39.0870 1892 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:39.0871 1892 Netlogon - ok
12:11:39.0919 1892 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:11:39.0925 1892 Netman - ok
12:11:39.0966 1892 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:11:39.0973 1892 netprofm - ok
12:11:40.0040 1892 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:11:40.0041 1892 NetTcpPortSharing - ok
12:11:40.0070 1892 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:11:40.0071 1892 nfrd960 - ok
12:11:40.0104 1892 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:11:40.0109 1892 NlaSvc - ok
12:11:40.0122 1892 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:11:40.0124 1892 Npfs - ok
12:11:40.0140 1892 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:11:40.0141 1892 nsi - ok
12:11:40.0162 1892 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:11:40.0163 1892 nsiproxy - ok
12:11:40.0249 1892 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:11:40.0270 1892 Ntfs - ok
12:11:40.0369 1892 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:11:40.0370 1892 Null - ok
12:11:40.0408 1892 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
12:11:40.0415 1892 NVENETFD - ok
12:11:40.0461 1892 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys
12:11:40.0464 1892 NVHDA - ok
12:11:40.0843 1892 nvlddmkm (9ce8977440293d56641e17b0a3f0c2eb) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:11:40.0999 1892 nvlddmkm - ok
12:11:41.0112 1892 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:11:41.0124 1892 nvraid - ok
12:11:41.0147 1892 nvsmu (a3ac469ad99ac3fd63afccfc29a90fa9) C:\Windows\system32\DRIVERS\nvsmu.sys
12:11:41.0149 1892 nvsmu - ok
12:11:41.0165 1892 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:11:41.0178 1892 nvstor - ok
12:11:41.0259 1892 nvsvc (03af3264e58c6e3402fba2a5d470a6b5) C:\Windows\system32\nvvsvc.exe
12:11:41.0272 1892 nvsvc - ok
12:11:41.0307 1892 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:11:41.0319 1892 nv_agp - ok
12:11:41.0416 1892 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:11:41.0423 1892 odserv - ok
12:11:41.0458 1892 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:11:41.0469 1892 ohci1394 - ok
12:11:41.0501 1892 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:11:41.0504 1892 ose - ok
12:11:41.0535 1892 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:11:41.0541 1892 p2pimsvc - ok
12:11:41.0567 1892 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:11:41.0574 1892 p2psvc - ok
12:11:41.0601 1892 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:11:41.0603 1892 Parport - ok
12:11:41.0624 1892 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:11:41.0626 1892 partmgr - ok
12:11:41.0641 1892 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:11:41.0644 1892 PcaSvc - ok
12:11:41.0673 1892 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:11:41.0677 1892 pci - ok
12:11:41.0695 1892 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:11:41.0696 1892 pciide - ok
12:11:41.0716 1892 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:11:41.0720 1892 pcmcia - ok
12:11:41.0738 1892 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:11:41.0739 1892 pcw - ok
12:11:41.0779 1892 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:11:41.0788 1892 PEAUTH - ok
12:11:41.0873 1892 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:11:41.0875 1892 PerfHost - ok
12:11:42.0022 1892 PID_PEPI (ae0b94363da0f60d42b9d05b352f61ed) C:\Windows\system32\DRIVERS\LV302V64.SYS
12:11:42.0036 1892 PID_PEPI - ok
12:11:42.0138 1892 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:11:42.0155 1892 pla - ok
12:11:42.0200 1892 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:11:42.0207 1892 PlugPlay - ok
12:11:42.0234 1892 PnkBstrA - ok
12:11:42.0261 1892 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:11:42.0263 1892 PNRPAutoReg - ok
12:11:42.0288 1892 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:11:42.0292 1892 PNRPsvc - ok
12:11:42.0336 1892 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:11:42.0351 1892 PolicyAgent - ok
12:11:42.0395 1892 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:11:42.0399 1892 Power - ok
12:11:42.0433 1892 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:11:42.0444 1892 PptpMiniport - ok
12:11:42.0465 1892 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:11:42.0467 1892 Processor - ok
12:11:42.0494 1892 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:11:42.0498 1892 ProfSvc - ok
12:11:42.0528 1892 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:42.0529 1892 ProtectedStorage - ok
12:11:42.0565 1892 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:11:42.0567 1892 Psched - ok
12:11:42.0635 1892 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:11:42.0652 1892 ql2300 - ok
12:11:42.0757 1892 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:11:42.0760 1892 ql40xx - ok
12:11:42.0812 1892 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:11:42.0817 1892 QWAVE - ok
12:11:42.0831 1892 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:11:42.0833 1892 QWAVEdrv - ok
12:11:42.0842 1892 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:11:42.0844 1892 RasAcd - ok
12:11:42.0866 1892 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:11:42.0868 1892 RasAgileVpn - ok
12:11:42.0878 1892 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:11:42.0882 1892 RasAuto - ok
12:11:42.0907 1892 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:11:42.0914 1892 Rasl2tp - ok
12:11:42.0961 1892 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:11:42.0965 1892 RasMan - ok
12:11:42.0978 1892 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:11:42.0980 1892 RasPppoe - ok
12:11:42.0995 1892 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:11:42.0997 1892 RasSstp - ok
12:11:43.0022 1892 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:11:43.0033 1892 rdbss - ok
12:11:43.0050 1892 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:11:43.0051 1892 rdpbus - ok
12:11:43.0083 1892 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:11:43.0084 1892 RDPCDD - ok
12:11:43.0104 1892 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:11:43.0105 1892 RDPENCDD - ok
12:11:43.0123 1892 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:11:43.0124 1892 RDPREFMP - ok
12:11:43.0169 1892 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:11:43.0180 1892 RDPWD - ok
12:11:43.0230 1892 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:11:43.0233 1892 rdyboost - ok
12:11:43.0265 1892 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:11:43.0268 1892 RemoteAccess - ok
12:11:43.0289 1892 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:11:43.0293 1892 RemoteRegistry - ok
12:11:43.0304 1892 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:11:43.0307 1892 RpcEptMapper - ok
12:11:43.0327 1892 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:11:43.0329 1892 RpcLocator - ok
12:11:43.0385 1892 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:11:43.0388 1892 RpcSs - ok
12:11:43.0408 1892 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:11:43.0409 1892 rspndr - ok
12:11:43.0451 1892 RTL8167 (afc12dfa4c7b089673ad67402ca19edb) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:11:43.0457 1892 RTL8167 - ok
12:11:43.0488 1892 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:43.0489 1892 SamSs - ok
12:11:43.0514 1892 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:11:43.0522 1892 sbp2port - ok
12:11:43.0561 1892 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:11:43.0577 1892 SCardSvr - ok
12:11:43.0604 1892 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:11:43.0605 1892 scfilter - ok
12:11:43.0645 1892 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:11:43.0659 1892 Schedule - ok
12:11:43.0689 1892 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:11:43.0690 1892 SCPolicySvc - ok
12:11:43.0714 1892 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:11:43.0717 1892 SDRSVC - ok
12:11:43.0765 1892 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:11:43.0766 1892 secdrv - ok
12:11:43.0796 1892 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:11:43.0798 1892 seclogon - ok
12:11:43.0830 1892 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:11:43.0832 1892 SENS - ok
12:11:43.0845 1892 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:11:43.0847 1892 SensrSvc - ok
12:11:43.0875 1892 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:11:43.0876 1892 Serenum - ok
12:11:43.0905 1892 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:11:43.0907 1892 Serial - ok
12:11:43.0943 1892 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:11:43.0950 1892 sermouse - ok
12:11:43.0980 1892 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:11:43.0983 1892 SessionEnv - ok
12:11:44.0016 1892 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:11:44.0023 1892 sffdisk - ok
12:11:44.0060 1892 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:11:44.0070 1892 sffp_mmc - ok
12:11:44.0094 1892 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:11:44.0103 1892 sffp_sd - ok
12:11:44.0129 1892 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:11:44.0131 1892 sfloppy - ok
12:11:44.0181 1892 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:11:44.0187 1892 ShellHWDetection - ok
12:11:44.0209 1892 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:11:44.0211 1892 SiSRaid2 - ok
12:11:44.0274 1892 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:11:44.0276 1892 SiSRaid4 - ok
12:11:44.0304 1892 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:11:44.0306 1892 Smb - ok
12:11:44.0344 1892 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:11:44.0346 1892 SNMPTRAP - ok
12:11:44.0353 1892 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:11:44.0354 1892 spldr - ok
12:11:44.0392 1892 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:11:44.0397 1892 Spooler - ok
12:11:44.0523 1892 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:11:44.0546 1892 sppsvc - ok
12:11:44.0598 1892 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:11:44.0601 1892 sppuinotify - ok
12:11:44.0812 1892 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:11:44.0818 1892 srv - ok
12:11:44.0852 1892 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:11:44.0858 1892 srv2 - ok
12:11:44.0879 1892 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:11:44.0882 1892 srvnet - ok
12:11:44.0929 1892 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:11:44.0933 1892 SSDPSRV - ok
12:11:44.0946 1892 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:11:44.0949 1892 SstpSvc - ok
12:11:45.0010 1892 Steam Client Service - ok
12:11:45.0097 1892 Stereo Service (34b0167b9ac3f39b6977a2e2c30cacc1) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:11:45.0103 1892 Stereo Service - ok
12:11:45.0131 1892 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:11:45.0132 1892 stexstor - ok
12:11:45.0173 1892 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:11:45.0181 1892 stisvc - ok
12:11:45.0215 1892 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:11:45.0224 1892 swenum - ok
12:11:45.0258 1892 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:11:45.0266 1892 swprv - ok
12:11:45.0352 1892 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:11:45.0373 1892 SysMain - ok
12:11:45.0442 1892 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:11:45.0445 1892 TabletInputService - ok
12:11:45.0474 1892 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:11:45.0480 1892 TapiSrv - ok
12:11:45.0499 1892 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:11:45.0502 1892 TBS - ok
12:11:45.0588 1892 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:11:45.0607 1892 Tcpip - ok
12:11:45.0715 1892 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:11:45.0729 1892 TCPIP6 - ok
12:11:45.0778 1892 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:11:45.0778 1892 tcpipreg - ok
12:11:45.0799 1892 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:11:45.0800 1892 TDPIPE - ok
12:11:45.0815 1892 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:11:45.0820 1892 TDTCP - ok
12:11:45.0839 1892 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:11:45.0846 1892 tdx - ok
12:11:45.0882 1892 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:11:45.0891 1892 TermDD - ok
12:11:45.0929 1892 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:11:45.0937 1892 TermService - ok
12:11:45.0966 1892 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:11:45.0968 1892 Themes - ok
12:11:45.0995 1892 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:11:45.0996 1892 THREADORDER - ok
12:11:46.0020 1892 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:11:46.0024 1892 TrkWks - ok
12:11:46.0064 1892 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:11:46.0066 1892 TrustedInstaller - ok
12:11:46.0093 1892 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:11:46.0095 1892 tssecsrv - ok
12:11:46.0130 1892 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:11:46.0132 1892 TsUsbFlt - ok
12:11:46.0164 1892 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:11:46.0175 1892 tunnel - ok
12:11:46.0202 1892 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:11:46.0204 1892 uagp35 - ok
12:11:46.0233 1892 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:11:46.0248 1892 udfs - ok
12:11:46.0265 1892 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:11:46.0267 1892 UI0Detect - ok
12:11:46.0306 1892 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:11:46.0317 1892 uliagpkx - ok
12:11:46.0353 1892 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:11:46.0363 1892 umbus - ok
12:11:46.0397 1892 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:11:46.0399 1892 UmPass - ok
12:11:46.0532 1892 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:11:46.0557 1892 UNS - ok
12:11:46.0662 1892 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:11:46.0668 1892 upnphost - ok
12:11:46.0738 1892 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:11:46.0740 1892 USBAAPL64 - ok
12:11:46.0778 1892 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:11:46.0780 1892 usbaudio - ok
12:11:46.0820 1892 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:11:46.0821 1892 usbccgp - ok
12:11:46.0889 1892 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:11:46.0900 1892 usbcir - ok
12:11:46.0921 1892 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:11:46.0930 1892 usbehci - ok
12:11:46.0965 1892 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:11:46.0978 1892 usbhub - ok
12:11:46.0991 1892 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:11:46.0998 1892 usbohci - ok
12:11:47.0018 1892 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:11:47.0019 1892 usbprint - ok
12:11:47.0053 1892 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
12:11:47.0054 1892 USBSTOR - ok
12:11:47.0066 1892 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:11:47.0075 1892 usbuhci - ok
12:11:47.0102 1892 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:11:47.0104 1892 UxSms - ok
12:11:47.0123 1892 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:11:47.0124 1892 VaultSvc - ok
12:11:47.0146 1892 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:11:47.0148 1892 vdrvroot - ok
12:11:47.0183 1892 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:11:47.0192 1892 vds - ok
12:11:47.0210 1892 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:11:47.0211 1892 vga - ok
12:11:47.0222 1892 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:11:47.0223 1892 VgaSave - ok
12:11:47.0286 1892 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:11:47.0301 1892 vhdmp - ok
12:11:47.0323 1892 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:11:47.0333 1892 viaide - ok
12:11:47.0356 1892 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:11:47.0358 1892 volmgr - ok
12:11:47.0391 1892 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:11:47.0401 1892 volmgrx - ok
12:11:47.0433 1892 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:11:47.0438 1892 volsnap - ok
12:11:47.0466 1892 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:11:47.0469 1892 vsmraid - ok
12:11:47.0539 1892 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:11:47.0560 1892 VSS - ok
12:11:47.0634 1892 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:11:47.0635 1892 vwifibus - ok
12:11:47.0663 1892 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:11:47.0664 1892 vwififlt - ok
12:11:47.0725 1892 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:11:47.0732 1892 W32Time - ok
12:11:47.0746 1892 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:11:47.0747 1892 WacomPen - ok
12:11:47.0832 1892 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:11:47.0843 1892 WANARP - ok
12:11:47.0846 1892 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:11:47.0848 1892 Wanarpv6 - ok
12:11:47.0936 1892 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:11:47.0952 1892 WatAdminSvc - ok
12:11:48.0021 1892 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:11:48.0042 1892 wbengine - ok
12:11:48.0127 1892 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:11:48.0132 1892 WbioSrvc - ok
12:11:48.0166 1892 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:11:48.0172 1892 wcncsvc - ok
12:11:48.0190 1892 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:11:48.0193 1892 WcsPlugInService - ok
12:11:48.0227 1892 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:11:48.0228 1892 Wd - ok
12:11:48.0257 1892 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:11:48.0264 1892 Wdf01000 - ok
12:11:48.0274 1892 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:11:48.0275 1892 WdiServiceHost - ok
12:11:48.0277 1892 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:11:48.0279 1892 WdiSystemHost - ok
12:11:48.0301 1892 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:11:48.0305 1892 WebClient - ok
12:11:48.0341 1892 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:11:48.0345 1892 Wecsvc - ok
12:11:48.0360 1892 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:11:48.0362 1892 wercplsupport - ok
12:11:48.0394 1892 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:11:48.0396 1892 WerSvc - ok
12:11:48.0410 1892 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:11:48.0411 1892 WfpLwf - ok
12:11:48.0421 1892 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:11:48.0422 1892 WIMMount - ok
12:11:48.0426 1892 WinHttpAutoProxySvc - ok
12:11:48.0488 1892 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:11:48.0491 1892 Winmgmt - ok
12:11:48.0575 1892 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:11:48.0597 1892 WinRM - ok
12:11:48.0702 1892 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:11:48.0715 1892 Wlansvc - ok
12:11:48.0860 1892 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:11:48.0881 1892 wlidsvc - ok
12:11:48.0947 1892 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:11:48.0953 1892 WmiAcpi - ok
12:11:49.0012 1892 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:11:49.0015 1892 wmiApSrv - ok
12:11:49.0048 1892 WMPNetworkSvc - ok
12:11:49.0071 1892 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:11:49.0073 1892 WPCSvc - ok
12:11:49.0093 1892 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:11:49.0095 1892 WPDBusEnum - ok
12:11:49.0112 1892 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:11:49.0113 1892 ws2ifsl - ok
12:11:49.0117 1892 WSearch - ok
12:11:49.0224 1892 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
12:11:49.0250 1892 wuauserv - ok
12:11:49.0323 1892 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:11:49.0325 1892 WudfPf - ok
12:11:49.0359 1892 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:11:49.0362 1892 WUDFRd - ok
12:11:49.0412 1892 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:11:49.0416 1892 wudfsvc - ok
12:11:49.0440 1892 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:11:49.0446 1892 WwanSvc - ok
12:11:49.0488 1892 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
12:11:49.0489 1892 xusb21 - ok
12:11:49.0534 1892 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:11:49.0768 1892 \Device\Harddisk0\DR0 - ok
12:11:49.0771 1892 Boot (0x1200) (e0651584cbf747b082fcbae5d12446b3) \Device\Harddisk0\DR0\Partition0
12:11:49.0772 1892 \Device\Harddisk0\DR0\Partition0 - ok
12:11:49.0791 1892 Boot (0x1200) (94bf10cd7444a3367b2dbff069957963) \Device\Harddisk0\DR0\Partition1
12:11:49.0806 1892 \Device\Harddisk0\DR0\Partition1 - ok
12:11:49.0806 1892 ============================================================
12:11:49.0807 1892 Scan finished
12:11:49.0807 1892 ============================================================
12:11:49.0817 3352 Detected object count: 0
12:11:49.0817 3352 Actual detected object count: 0


aswMBR log Results:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-20 12:17:14
-----------------------------
12:17:14.401 OS Version: Windows x64 6.1.7601 Service Pack 1
12:17:14.401 Number of processors: 4 586 0x2A07
12:17:14.401 ComputerName: PC_VAN_BART UserName: Bart
12:17:14.755 Initialize success
12:18:40.545 AVAST engine defs: 12072000
12:18:46.894 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:18:46.897 Disk 0 Vendor: SAMSUNG_HD502HJ 1AJ100E4 Size: 476940MB BusType: 3
12:18:46.906 Disk 0 MBR read successfully
12:18:46.910 Disk 0 MBR scan
12:18:46.914 Disk 0 Windows 7 default MBR code
12:18:46.928 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 81952 MB offset 2048
12:18:46.934 Disk 0 Partition - 00 0F Extended LBA 394986 MB offset 167839744
12:18:46.956 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 394985 MB offset 167841792
12:18:47.001 Disk 0 scanning C:\Windows\system32\drivers
12:18:56.109 Service scanning
12:19:03.253 Service MSICDSetup E:\CDriver64.sys **LOCKED** 21
12:19:12.136 Modules scanning
12:19:12.145 Disk 0 trace - called modules:
12:19:12.489 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
12:19:12.495 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cfc060]
12:19:12.500 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8004aa5520]
12:19:12.505 5 ACPI.sys[fffff88000f287a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004a92060]
12:19:13.379 AVAST engine scan C:\Windows
12:19:15.507 AVAST engine scan C:\Windows\system32
12:21:24.858 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:21:27.415 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:22:33.213 AVAST engine scan C:\Windows\system32\drivers
12:22:48.632 AVAST engine scan C:\Users\Bart
12:28:42.796 AVAST engine scan C:\ProgramData
12:29:57.231 Scan finished successfully
12:33:34.755 Disk 0 MBR has been saved successfully to "C:\Users\Bart\Documents\MBR.dat"
12:33:34.758 The log file has been saved successfully to "C:\Users\Bart\Documents\aswMBR.txt"


ESET Online Scanner:

C:\Windows\Installer\{01cb156a-68a2-b8ec-36fe-a9bb56a4b6bd}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{01cb156a-68a2-b8ec-36fe-a9bb56a4b6bd}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{01cb156a-68a2-b8ec-36fe-a9bb56a4b6bd}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\Installer\{01cb156a-68a2-b8ec-36fe-a9bb56a4b6bd}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined
Operating memory multiple threats


It should also be noted that this morning, when I turned on the PC again (I posted last night), AVG immediately detected another 'virus', which it supposedly removed, called "C:\Windows\Sysnative\RUNDLL32.EXE. During the aswMBR scan, it warned me about two other infected files which also could not be removed safely, called "C:\Windows\assembly\GAC_64\Desktop.ini" and "C:\Windows\assembly\GAC_32\Desktop.ini. I received the same warning during the ESET Online Scanner scan.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:56 AM

Posted 20 July 2012 - 07:54 AM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#5 BartK

BartK
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 20 July 2012 - 09:34 AM

Alright, thank you!

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:56 AM

Posted 20 July 2012 - 09:35 AM

You're welcome :)

#7 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,067 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:56 AM

Posted 20 July 2012 - 11:40 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic461583.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users