Antivirus pop up says "A known file was blocked from opening"


12 replies to this topic

#1 whatsherface


Posted 02 August 2012 - 07:41 PM

My Vipre Antivirus keeps giving me a pop-up that says "A known bad file was blocked from opening. Program: svchost.exe (Commercial Key Logger)"
I have gotten this pop-up many times today. What is it and am I safe? I've included a screenshot of it.


#2 narenxp


Posted 02 August 2012 - 07:55 PM

Download TDSSkiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 whatsherface


Posted 03 August 2012 - 10:12 PM

The TDSSkiller log is really long. Want me to just copy and paste the whole thing?

#4 quietman7


Posted 03 August 2012 - 10:32 PM

Yes, post the complete log for narenxp's review.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 whatsherface


Posted 04 August 2012 - 12:40 AM

22:06:35.0399 1532 NlaSvc - ok
22:06:35.0431 1532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:06:35.0446 1532 Npfs - ok
22:06:35.0477 1532 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:06:35.0477 1532 nsi - ok
22:06:35.0493 1532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:06:35.0509 1532 nsiproxy - ok
22:06:35.0618 1532 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:06:35.0696 1532 Ntfs - ok
22:06:35.0789 1532 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:06:35.0805 1532 Null - ok
22:06:35.0852 1532 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:06:35.0867 1532 nvraid - ok
22:06:35.0914 1532 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:06:35.0930 1532 nvstor - ok
22:06:35.0977 1532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:06:35.0977 1532 nv_agp - ok
22:06:36.0039 1532 NWADI (17bcf5df3c54dcf2af2e164eb84a0169) C:\Windows\system32\DRIVERS\NWADIenum.sys
22:06:36.0039 1532 NWADI - ok
22:06:36.0086 1532 NWUSBCDFIL64 (de3abd010d9734cd4ad4e0ba81f50b63) C:\Windows\system32\DRIVERS\NwUsbCdFil64.sys
22:06:36.0101 1532 NWUSBCDFIL64 - ok
22:06:36.0148 1532 NWUSBModem (a3fadcf96abf4803e7a946cd48641ac3) C:\Windows\system32\DRIVERS\nwusbmdm.sys
22:06:36.0164 1532 NWUSBModem - ok
22:06:36.0195 1532 NWUSBPort (a3fadcf96abf4803e7a946cd48641ac3) C:\Windows\system32\DRIVERS\nwusbser.sys
22:06:36.0195 1532 NWUSBPort - ok
22:06:36.0257 1532 NWUSBPort2 (a3fadcf96abf4803e7a946cd48641ac3) C:\Windows\system32\DRIVERS\nwusbser2.sys
22:06:36.0273 1532 NWUSBPort2 - ok
22:06:36.0382 1532 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:06:36.0382 1532 odserv - ok
22:06:36.0429 1532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:06:36.0460 1532 ohci1394 - ok
22:06:36.0523 1532 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:06:36.0523 1532 ose - ok
22:06:36.0569 1532 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:06:36.0601 1532 p2pimsvc - ok
22:06:36.0647 1532 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:06:36.0694 1532 p2psvc - ok
22:06:36.0741 1532 papycpu - ok
22:06:36.0757 1532 papyjoy - ok
22:06:36.0788 1532 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:06:36.0803 1532 Parport - ok
22:06:36.0835 1532 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:06:36.0866 1532 partmgr - ok
22:06:36.0928 1532 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:06:36.0928 1532 PcaSvc - ok
22:06:36.0975 1532 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:06:36.0991 1532 pci - ok
22:06:37.0006 1532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:06:37.0006 1532 pciide - ok
22:06:37.0037 1532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:06:37.0069 1532 pcmcia - ok
22:06:37.0100 1532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:06:37.0100 1532 pcw - ok
22:06:37.0147 1532 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:06:37.0193 1532 PEAUTH - ok
22:06:37.0256 1532 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:06:37.0271 1532 PerfHost - ok
22:06:37.0396 1532 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:06:37.0537 1532 pla - ok
22:06:37.0615 1532 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:06:37.0630 1532 PlugPlay - ok
22:06:37.0661 1532 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:06:37.0661 1532 PNRPAutoReg - ok
22:06:37.0708 1532 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:06:37.0708 1532 PNRPsvc - ok
22:06:37.0771 1532 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:06:37.0771 1532 PolicyAgent - ok
22:06:37.0817 1532 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:06:37.0833 1532 Power - ok
22:06:37.0927 1532 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:06:37.0927 1532 PptpMiniport - ok
22:06:37.0958 1532 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:06:37.0973 1532 Processor - ok
22:06:38.0020 1532 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:06:38.0036 1532 ProfSvc - ok
22:06:38.0051 1532 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:06:38.0067 1532 ProtectedStorage - ok
22:06:38.0114 1532 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:06:38.0114 1532 Psched - ok
22:06:38.0129 1532 PTUMWBus - ok
22:06:38.0129 1532 PTUMWFLT - ok
22:06:38.0145 1532 PTUMWMdm - ok
22:06:38.0161 1532 PTUMWNET - ok
22:06:38.0176 1532 PTUMWVsp - ok
22:06:38.0207 1532 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
22:06:38.0223 1532 PxHlpa64 - ok
22:06:38.0317 1532 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:06:38.0395 1532 ql2300 - ok
22:06:38.0504 1532 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:06:38.0519 1532 ql40xx - ok
22:06:38.0551 1532 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:06:38.0597 1532 QWAVE - ok
22:06:38.0613 1532 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:06:38.0644 1532 QWAVEdrv - ok
22:06:38.0660 1532 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:06:38.0675 1532 RasAcd - ok
22:06:38.0707 1532 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:06:38.0722 1532 RasAgileVpn - ok
22:06:38.0753 1532 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:06:38.0769 1532 RasAuto - ok
22:06:38.0816 1532 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:06:38.0831 1532 Rasl2tp - ok
22:06:38.0894 1532 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:06:38.0925 1532 RasMan - ok
22:06:38.0972 1532 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:06:38.0987 1532 RasPppoe - ok
22:06:39.0019 1532 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:06:39.0019 1532 RasSstp - ok
22:06:39.0065 1532 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:06:39.0112 1532 rdbss - ok
22:06:39.0128 1532 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:06:39.0128 1532 rdpbus - ok
22:06:39.0159 1532 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:06:39.0175 1532 RDPCDD - ok
22:06:39.0190 1532 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:06:39.0206 1532 RDPENCDD - ok
22:06:39.0221 1532 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:06:39.0237 1532 RDPREFMP - ok
22:06:39.0268 1532 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:06:39.0565 1532 RDPWD - ok
22:06:39.0799 1532 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:06:39.0814 1532 rdyboost - ok
22:06:39.0845 1532 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:06:39.0845 1532 RemoteAccess - ok
22:06:39.0877 1532 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:06:39.0892 1532 RemoteRegistry - ok
22:06:39.0939 1532 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
22:06:39.0939 1532 RimUsb - ok
22:06:39.0970 1532 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:06:39.0986 1532 RpcEptMapper - ok
22:06:40.0017 1532 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:06:40.0017 1532 RpcLocator - ok
22:06:40.0064 1532 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:06:40.0079 1532 RpcSs - ok
22:06:40.0126 1532 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:06:40.0126 1532 rspndr - ok
22:06:40.0157 1532 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:06:40.0157 1532 SamSs - ok
22:06:40.0376 1532 SBAMSvc (39c35dd3df985dde1cf8ac3b76c35d64) C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe
22:06:40.0407 1532 SBAMSvc - ok
22:06:40.0547 1532 sbapifs (db7f9394b2f2d446df14d46c61b0e94b) C:\Windows\system32\DRIVERS\sbapifs.sys
22:06:40.0547 1532 sbapifs - ok
22:06:40.0641 1532 SbFw (cdb954c736d51dc5fa712c039af4f683) C:\Windows\system32\drivers\SbFw.sys
22:06:40.0657 1532 SbFw - ok
22:06:40.0703 1532 SBFWIMCL (5de22e3cb6140213da2e0599b08d525c) C:\Windows\system32\DRIVERS\sbfwim.sys
22:06:40.0703 1532 SBFWIMCL - ok
22:06:40.0766 1532 SbHips (a5bc45f8c2f30350e7566799c86b2f5d) C:\Windows\system32\drivers\sbhips.sys
22:06:40.0781 1532 SbHips - ok
22:06:40.0813 1532 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:06:40.0844 1532 sbp2port - ok
22:06:40.0922 1532 SBPIMSvc (1b74c5525b3647481eea5c6bddf8bcea) C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe
22:06:40.0922 1532 SBPIMSvc - ok
22:06:40.0984 1532 SBRE (fd833bee2fd9befdc0afd1941a306d9e) C:\Windows\system32\drivers\SBREdrv.sys
22:06:41.0000 1532 SBRE - ok
22:06:41.0062 1532 SbTis (f9955774a6bf0a5ca696f591c7b80a79) C:\Windows\system32\drivers\sbtis.sys
22:06:41.0078 1532 SbTis - ok
22:06:41.0109 1532 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:06:41.0140 1532 SCardSvr - ok
22:06:41.0171 1532 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:06:41.0203 1532 scfilter - ok
22:06:41.0359 1532 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:06:41.0390 1532 Schedule - ok
22:06:41.0437 1532 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:06:41.0437 1532 SCPolicySvc - ok
22:06:41.0468 1532 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:06:41.0515 1532 SDRSVC - ok
22:06:41.0593 1532 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:06:41.0608 1532 SeaPort - ok
22:06:41.0671 1532 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:06:41.0686 1532 secdrv - ok
22:06:41.0733 1532 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:06:41.0764 1532 seclogon - ok
22:06:41.0795 1532 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:06:41.0795 1532 SENS - ok
22:06:41.0827 1532 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:06:41.0842 1532 SensrSvc - ok
22:06:41.0858 1532 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:06:41.0858 1532 Serenum - ok
22:06:41.0889 1532 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:06:41.0905 1532 Serial - ok
22:06:41.0951 1532 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:06:41.0951 1532 sermouse - ok
22:06:42.0014 1532 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:06:42.0014 1532 SessionEnv - ok
22:06:42.0029 1532 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:06:42.0045 1532 sffdisk - ok
22:06:42.0061 1532 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:06:42.0061 1532 sffp_mmc - ok
22:06:42.0092 1532 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:06:42.0092 1532 sffp_sd - ok
22:06:42.0107 1532 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:06:42.0123 1532 sfloppy - ok
22:06:42.0170 1532 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:06:42.0201 1532 SharedAccess - ok
22:06:42.0248 1532 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:06:42.0248 1532 ShellHWDetection - ok
22:06:42.0295 1532 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
22:06:42.0295 1532 SiSGbeLH - ok
22:06:42.0310 1532 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:06:42.0326 1532 SiSRaid2 - ok
22:06:42.0326 1532 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:06:42.0341 1532 SiSRaid4 - ok
22:06:42.0357 1532 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:06:42.0357 1532 Smb - ok
22:06:42.0435 1532 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS
22:06:42.0435 1532 SMSIVZAM5X64 - ok
22:06:42.0482 1532 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:06:42.0482 1532 SNMPTRAP - ok
22:06:42.0513 1532 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:06:42.0529 1532 spldr - ok
22:06:42.0591 1532 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:06:42.0607 1532 Spooler - ok
22:06:42.0809 1532 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:06:42.0825 1532 sppsvc - ok
22:06:42.0950 1532 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:06:42.0981 1532 sppuinotify - ok
22:06:43.0043 1532 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:06:43.0075 1532 srv - ok
22:06:43.0121 1532 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:06:43.0153 1532 srv2 - ok
22:06:43.0168 1532 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:06:43.0199 1532 srvnet - ok
22:06:43.0231 1532 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:06:43.0246 1532 SSDPSRV - ok
22:06:43.0262 1532 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:06:43.0277 1532 SstpSvc - ok
22:06:43.0309 1532 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:06:43.0324 1532 stexstor - ok
22:06:43.0387 1532 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:06:43.0433 1532 stisvc - ok
22:06:43.0449 1532 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:06:43.0465 1532 swenum - ok
22:06:43.0527 1532 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:06:43.0558 1532 swprv - ok
22:06:43.0605 1532 sxuptp (52eb25bd8ab4e331028c48b178441b36) C:\Windows\system32\DRIVERS\sxuptp.sys
22:06:43.0621 1532 sxuptp - ok
22:06:43.0746 1532 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:06:43.0778 1532 SysMain - ok
22:06:43.0871 1532 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:06:43.0902 1532 TabletInputService - ok
22:06:43.0949 1532 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:06:43.0996 1532 TapiSrv - ok
22:06:44.0043 1532 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:06:44.0058 1532 TBS - ok
22:06:44.0199 1532 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:06:44.0339 1532 Tcpip - ok
22:06:44.0495 1532 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:06:44.0526 1532 TCPIP6 - ok
22:06:44.0604 1532 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:06:44.0604 1532 tcpipreg - ok
22:06:44.0636 1532 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:06:44.0651 1532 TDPIPE - ok
22:06:44.0682 1532 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:06:44.0698 1532 TDTCP - ok
22:06:44.0745 1532 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:06:44.0760 1532 tdx - ok
22:06:44.0792 1532 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:06:44.0823 1532 TermDD - ok
22:06:44.0870 1532 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:06:44.0885 1532 TermService - ok
22:06:44.0901 1532 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:06:44.0916 1532 Themes - ok
22:06:44.0948 1532 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:06:44.0963 1532 THREADORDER - ok
22:06:45.0010 1532 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:06:45.0010 1532 TrkWks - ok
22:06:45.0088 1532 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:06:45.0088 1532 TrustedInstaller - ok
22:06:45.0135 1532 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:06:45.0150 1532 tssecsrv - ok
22:06:45.0213 1532 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:06:45.0228 1532 TsUsbFlt - ok
22:06:45.0291 1532 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:06:45.0306 1532 tunnel - ok
22:06:45.0338 1532 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:06:45.0338 1532 uagp35 - ok
22:06:45.0400 1532 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:06:45.0400 1532 udfs - ok
22:06:45.0478 1532 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:06:45.0478 1532 UI0Detect - ok
22:06:45.0525 1532 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:06:45.0525 1532 uliagpkx - ok
22:06:45.0572 1532 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:06:45.0572 1532 umbus - ok
22:06:45.0603 1532 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:06:45.0603 1532 UmPass - ok
22:06:45.0634 1532 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:06:45.0650 1532 upnphost - ok
22:06:45.0712 1532 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
22:06:45.0712 1532 USBAAPL64 - ok
22:06:45.0759 1532 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:06:45.0774 1532 usbccgp - ok
22:06:45.0806 1532 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:06:45.0806 1532 usbcir - ok
22:06:45.0837 1532 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:06:45.0868 1532 usbehci - ok
22:06:45.0899 1532 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:06:45.0946 1532 usbhub - ok
22:06:45.0977 1532 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:06:45.0977 1532 usbohci - ok
22:06:46.0024 1532 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:06:46.0024 1532 usbprint - ok
22:06:46.0086 1532 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:06:46.0086 1532 usbscan - ok
22:06:46.0133 1532 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:06:46.0133 1532 USBSTOR - ok
22:06:46.0164 1532 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
22:06:46.0180 1532 usbuhci - ok
22:06:46.0227 1532 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
22:06:46.0242 1532 usbvideo - ok
22:06:46.0274 1532 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:06:46.0274 1532 UxSms - ok
22:06:46.0320 1532 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:06:46.0320 1532 VaultSvc - ok
22:06:46.0352 1532 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:06:46.0352 1532 vdrvroot - ok
22:06:46.0414 1532 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:06:46.0430 1532 vds - ok
22:06:46.0461 1532 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:06:46.0461 1532 vga - ok
22:06:46.0492 1532 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:06:46.0492 1532 VgaSave - ok
22:06:46.0539 1532 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:06:46.0554 1532 vhdmp - ok
22:06:46.0679 1532 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
22:06:46.0695 1532 VIAHdAudAddService - ok
22:06:46.0742 1532 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:06:46.0742 1532 viaide - ok
22:06:46.0773 1532 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:06:46.0788 1532 volmgr - ok
22:06:46.0835 1532 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:06:46.0851 1532 volmgrx - ok
22:06:46.0898 1532 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:06:46.0913 1532 volsnap - ok
22:06:46.0960 1532 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:06:46.0960 1532 vsmraid - ok
22:06:47.0069 1532 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:06:47.0085 1532 VSS - ok
22:06:47.0241 1532 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:06:47.0256 1532 vwifibus - ok
22:06:47.0272 1532 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:06:47.0288 1532 vwififlt - ok
22:06:47.0334 1532 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:06:47.0334 1532 W32Time - ok
22:06:47.0366 1532 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:06:47.0381 1532 WacomPen - ok
22:06:47.0428 1532 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:47.0459 1532 WANARP - ok
22:06:47.0459 1532 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:47.0475 1532 Wanarpv6 - ok
22:06:47.0584 1532 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:06:47.0615 1532 WatAdminSvc - ok
22:06:47.0724 1532 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:06:47.0740 1532 wbengine - ok
22:06:47.0834 1532 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:06:47.0880 1532 WbioSrvc - ok
22:06:47.0943 1532 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:06:48.0005 1532 wcncsvc - ok
22:06:48.0161 1532 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:06:48.0177 1532 WcsPlugInService - ok
22:06:48.0224 1532 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:06:48.0224 1532 Wd - ok
22:06:48.0286 1532 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
22:06:48.0286 1532 WDC_SAM - ok
22:06:48.0348 1532 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:06:48.0395 1532 Wdf01000 - ok
22:06:48.0426 1532 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:06:48.0426 1532 WdiServiceHost - ok
22:06:48.0426 1532 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:06:48.0442 1532 WdiSystemHost - ok
22:06:48.0504 1532 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:06:48.0551 1532 WebClient - ok
22:06:48.0582 1532 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:06:48.0614 1532 Wecsvc - ok
22:06:48.0645 1532 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:06:48.0645 1532 wercplsupport - ok
22:06:48.0676 1532 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:06:48.0676 1532 WerSvc - ok
22:06:48.0738 1532 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:06:48.0738 1532 WfpLwf - ok
22:06:48.0785 1532 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
22:06:48.0785 1532 WimFltr - ok
22:06:48.0816 1532 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:06:48.0816 1532 WIMMount - ok
22:06:48.0863 1532 WinDefend - ok
22:06:48.0879 1532 WinHttpAutoProxySvc - ok
22:06:48.0957 1532 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:06:48.0957 1532 Winmgmt - ok
22:06:49.0097 1532 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:06:49.0206 1532 WinRM - ok
22:06:49.0331 1532 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
22:06:49.0347 1532 WinUsb - ok
22:06:49.0409 1532 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:06:49.0440 1532 Wlansvc - ok
22:06:49.0674 1532 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:06:49.0690 1532 wlidsvc - ok
22:06:49.0800 1532 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:06:49.0816 1532 WmiAcpi - ok
22:06:49.0878 1532 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:06:49.0878 1532 wmiApSrv - ok
22:06:49.0909 1532 WMPNetworkSvc - ok
22:06:49.0941 1532 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:06:49.0941 1532 WPCSvc - ok
22:06:49.0972 1532 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:06:49.0972 1532 WPDBusEnum - ok
22:06:50.0003 1532 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:06:50.0003 1532 ws2ifsl - ok
22:06:50.0019 1532 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
22:06:50.0034 1532 wscsvc - ok
22:06:50.0034 1532 WSearch - ok
22:06:50.0190 1532 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:06:50.0237 1532 wuauserv - ok
22:06:50.0362 1532 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:06:50.0377 1532 WudfPf - ok
22:06:50.0409 1532 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:50.0440 1532 WUDFRd - ok
22:06:50.0471 1532 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:06:50.0487 1532 wudfsvc - ok
22:06:50.0518 1532 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:06:50.0549 1532 WwanSvc - ok
22:06:50.0596 1532 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:06:50.0658 1532 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
22:06:50.0658 1532 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
22:06:50.0752 1532 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:06:50.0752 1532 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:06:51.0001 1532 Boot (0x1200) (0d3f1507c4849be6084ce4b5ef64b55c) \Device\Harddisk0\DR0\Partition0
22:06:51.0001 1532 \Device\Harddisk0\DR0\Partition0 - ok
22:06:51.0001 1532 ============================================================
22:06:51.0001 1532 Scan finished
22:06:51.0001 1532 ============================================================
22:06:51.0017 1984 Detected object count: 2
22:06:51.0017 1984 Actual detected object count: 2
22:07:44.0151 1984 \Device\Harddisk0\DR0\# - copied to quarantine
22:07:44.0166 1984 \Device\Harddisk0\DR0 - copied to quarantine
22:07:44.0260 1984 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
22:07:44.0276 1984 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
22:07:44.0291 1984 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
22:07:44.0307 1984 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
22:07:44.0400 1984 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
22:07:44.0416 1984 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
22:07:44.0432 1984 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
22:07:44.0447 1984 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
22:07:44.0447 1984 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
22:07:44.0463 1984 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
22:07:44.0478 1984 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
22:07:44.0494 1984 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
22:07:44.0510 1984 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
22:07:44.0541 1984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
22:07:44.0541 1984 \Device\Harddisk0\DR0 - ok
22:07:44.0603 1984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
22:07:44.0603 1984 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:07:44.0603 1984 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:07:55.0274 4796 Deinitialize success



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-03 22:13:54
-----------------------------
22:13:54.215 OS Version: Windows x64 6.1.7601 Service Pack 1
22:13:54.215 Number of processors: 2 586 0x170A
22:13:54.215 ComputerName: ALICA-PC UserName: Alica
22:13:56.228 Initialize success
22:17:02.620 AVAST engine defs: 12080301
22:17:17.191 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:17:17.206 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
22:17:17.222 Disk 0 MBR read successfully
22:17:17.222 Disk 0 MBR scan
22:17:17.222 Disk 0 Windows VISTA default MBR code
22:17:17.237 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14997 MB offset 2048
22:17:17.269 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 461940 MB offset 30716280
22:17:17.284 Disk 0 scanning C:\Windows\system32\drivers
22:17:48.782 Service scanning
22:18:49.619 Modules scanning
22:18:49.619 Disk 0 trace - called modules:
22:18:49.649 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
22:18:49.649 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c1e690]
22:18:49.649 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8004a8ab20]
22:18:49.649 5 ACPI.sys[fffff88000f767a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a90050]
22:18:53.882 AVAST engine scan C:\Windows
22:19:09.138 AVAST engine scan C:\Windows\system32
22:28:20.411 AVAST engine scan C:\Windows\system32\drivers
22:28:47.805 AVAST engine scan C:\Users\Alica
22:31:24.847 File: C:\Users\Alica\AppData\Local\MyHeritage.com\vrhhgwra.dll **INFECTED** Win32:Kryptik-JLW [Trj]
22:31:30.459 File: C:\Users\Alica\AppData\Local\Temp\5542.tmp **INFECTED** Win32:Alureon-AUU [Drp]
22:36:42.057 Disk 0 MBR has been saved successfully to "C:\Users\Alica\Desktop\MBR.dat"
22:36:42.063 The log file has been saved successfully to "C:\Users\Alica\Desktop\aswMBR.txt"
22:40:59.234 Disk 0 MBR has been saved successfully to "C:\Users\Alica\Desktop\MBR.dat"
22:40:59.273 The log file has been saved successfully to "C:\Users\Alica\Desktop\aswMBR.txt"
22:41:18.713 Disk 0 MBR has been saved successfully to "C:\Users\Alica\Desktop\MBR.dat"
22:41:18.721 The log file has been saved successfully to "C:\Users\Alica\Desktop\aswMBR1.txt"




C:\ProgramData\Microsoft\Windows\DRM\4FE3.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\4FF4.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_22.05.46\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined

#6 narenxp


Posted 04 August 2012 - 05:30 AM

Run TDSSkiller once again and delete this one

22:07:44.0603 1984 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log
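
Post #6 finds the one detection left untreated by reading the action lines of the TDSSKiller log. As an added example (not part of the thread and not TDSSKiller's own code), this Python script pairs each detection with the last action recorded for it and lists those still skipped; treating only `Skip` or a missing action line as unresolved is an assumption based on the two action values visible in this log.

```python
"""Pair every TDSSKiller detection with the action the user chose for it."""
import re

# Excerpt of the TDSSKiller log posted earlier in this thread.
SAMPLE_LOG = r"""
22:06:51.0017 1984 Detected object count: 2
22:07:44.0260 1984 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
22:07:44.0541 1984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
22:07:44.0541 1984 \Device\Harddisk0\DR0 - ok
22:07:44.0603 1984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
22:07:44.0603 1984 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:07:44.0603 1984 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:07:55.0274 4796 Deinitialize success
"""

# Line layout: <time> <thread id> <rest of line>
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+(?P<rest>.+)$")
# Detection layout: <object> ( <verdict> ) - <message>
DETECTION_RE = re.compile(
    r"^(?P<obj>.+?)\s+\(\s+(?P<verdict>[^()]+?)\s+\)\s+-\s+(?P<msg>.+)$"
)
ACTION_RE = re.compile(r"^User select action:\s*(?P<action>.+)$")
COUNT_RE = re.compile(r"^Detected object count:\s*(?P<n>\d+)$")


def parse_detections(log_text):
    """Return (reported_count, detections).

    detections maps (object, verdict) to the last action chosen and to the
    other status messages logged for that detection.
    """
    reported = None
    detections = {}  # insertion-ordered, so results follow log order
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        rest = line.group("rest").strip()
        count = COUNT_RE.match(rest)
        if count:
            reported = int(count.group("n"))
            continue
        det = DETECTION_RE.match(rest)
        if not det:
            continue  # quarantine copies, "- ok" lines, scan progress, ...
        key = (det.group("obj"), det.group("verdict"))
        entry = detections.setdefault(key, {"action": None, "messages": []})
        action = ACTION_RE.match(det.group("msg"))
        if action:
            entry["action"] = action.group("action").strip()  # last one wins
        else:
            entry["messages"].append(det.group("msg"))
    return reported, detections


def unresolved(detections):
    """Detections with no recorded action, or whose last action was Skip.

    Assumption: any action other than Skip means the object was dealt with.
    """
    return [
        key
        for key, entry in detections.items()
        if entry["action"] is None or entry["action"].lower() == "skip"
    ]


def triage(log_text):
    """Summarise a log: counts, a truncation check, and what is left to treat."""
    reported, detections = parse_detections(log_text)
    return {
        "reported_count": reported,
        "parsed_count": len(detections),
        # A mismatch suggests the pasted log is incomplete.
        "count_matches": reported == len(detections),
        "unresolved": unresolved(detections),
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print("reported/parsed:", summary["reported_count"], summary["parsed_count"])
    for obj, verdict in summary["unresolved"]:
        print("still present:", verdict, "on", obj)
```
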

#7 whatsherface


Posted 04 August 2012 - 07:14 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Alica (administrator) on 04-08-2012 at 18:53:08
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Alica-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Physical Address. . . . . . . . . : E0-CB-4E-3D-C5-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-25-D3-ED-69-D5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9925:2033:720d:cb9a%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 04, 2012 6:45:04 PM
Lease Expires . . . . . . . . . . : Wednesday, September 11, 2148 1:21:38 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 234890707
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-B8-7E-65-00-25-D3-ED-69-D5
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{6E3132AA-57A6-4DBA-8AE4-8BCF4956F3EB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c15:2e41:3f57:fdfd(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c15:2e41:3f57:fdfd%24(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{773BEC91-AEA4-42A1-8557-B8B2EE1B1829}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: router.belkin
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:4002:802::100e
74.125.139.113
74.125.139.138
74.125.139.139
74.125.139.100
74.125.139.101
74.125.139.102


Pinging google.com [74.125.139.113] with 32 bytes of data:
Reply from 74.125.139.113: bytes=32 time=47ms TTL=46
Reply from 74.125.139.113: bytes=32 time=73ms TTL=46

Ping statistics for 74.125.139.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 47ms, Maximum = 73ms, Average = 60ms
Server: router.belkin
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=65ms TTL=51
Reply from 72.30.38.140: bytes=32 time=163ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 65ms, Maximum = 163ms, Average = 114ms
Server: router.belkin
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...e0 cb 4e 3d c5 e2 ......Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
10...00 25 d3 ed 69 d5 ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
24...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.2 281
192.168.2.2 255.255.255.255 On-link 192.168.2.2 281
192.168.2.255 255.255.255.255 On-link 192.168.2.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
24 58 ::/0 On-link
1 306 ::1/128 On-link
24 58 2001::/32 On-link
24 306 2001:0:9d38:953c:2c15:2e41:3f57:fdfd/128
On-link
10 281 fe80::/64 On-link
24 306 fe80::/64 On-link
24 306 fe80::2c15:2e41:3f57:fdfd/128
On-link
10 281 fe80::9925:2033:720d:cb9a/128
On-link
1 306 ff00::/8 On-link
24 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/03/2012 10:46:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/03/2012 10:46:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/03/2012 10:46:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/03/2012 10:46:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 05:15:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/30/2012 07:07:41 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (07/30/2012 07:07:41 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (07/30/2012 07:07:41 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (07/30/2012 07:07:41 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (07/30/2012 07:07:41 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20


System errors:
=============
Error: (08/04/2012 01:37:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
papycpu
papyjoy

Error: (08/04/2012 01:37:36 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on D: cannot be read.

Error: (08/04/2012 01:37:28 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\papyjoy.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/04/2012 01:37:28 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\papycpu.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/04/2012 01:37:00 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (08/04/2012 01:37:00 PM) (Source: Service Control Manager) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (08/04/2012 01:37:00 PM) (Source: DCOM) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (08/04/2012 11:14:54 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
papycpu
papyjoy

Error: (08/04/2012 11:14:06 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on D: cannot be read.

Error: (08/04/2012 11:13:58 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\papyjoy.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.14)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Reader 9.4.6 MUI (Version: 9.4.6)
Alcor Micro USB Card Reader (Version: 1.5.17.25482)
AOL Toolbar
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations (Version: 2.8.255.384)
ASUS AI Recovery (Version: 1.0.7)
ASUS CopyProtect (Version: 1.0.0015)
ASUS FancyStart (Version: 1.0.6)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS MultiFrame (Version: 1.0.0019)
ASUS Power4Gear Hybrid (Version: 1.1.25)
ASUS SmartLogon (Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS USB2.0 UVC VGA WebCam
ASUS Virtual Camera (Version: 1.0.19)
ASUS_Screensaver
ATK Package (Version: 1.0.0000)
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center (Version: 1.1.2)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.19)
CCScore (Version: 8.02.0000.0001)
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ControlDeck (Version: 1.0.4)
Coupon Printer for Windows (Version: 5.0.0.1)
Download Updater (AOL LLC)
ESET Online Scanner v3
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
ETDWare PS/2-x64 7.0.5.9_WHQL
Fast Boot (Version: 1.0.4)
Google Chrome (Version: 21.0.1180.60)
Google Update Helper (Version: 1.3.21.57)
Hot Rod American Street Drag
iCloud (Version: 1.1.0.40)
Intel® Control Center (Version: 1.2.0.1006)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1986)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 31 (Version: 6.0.310)
Kodak EasyShare software
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mobile Broadband Generic Drivers (Version: 2.03.06.002.14)
MobileMe Control Panel (Version: 3.1.8.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NASCAR® Legends Demo
netbrdg (Version: 7.01.0000.0001)
OfotoXMI (Version: 8.02.1000.0001)
OpenOffice.org 3.3 (Version: 3.3.9567)
Platform (Version: 1.34)
QuickTime (Version: 7.72.80.56)
Roxio Burn (Version: 1.2)
Roxio Roxio Burn (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.34.57.2)
SFR (Version: 8.01.0000.0001)
SHASTA (Version: 7.01.0000.0001)
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
staticcr (Version: 8.02.0000.0001)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Wireless MiFi-2200 Firmware Updates (Version: 1.0.0)
VIA Platform Device Manager (Version: 1.34)
Video Mover
VIPRE Antivirus Premium (Version: 4.0.4194)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
VPRINTOL (Version: 8.02.0000.0001)
VZAccess Manager (Version: 7.0.10.1)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Writer (Version: 14.0.8050.1202)
WinFlash (Version: 2.26.0)
WinRAR archiver
WIRELESS (Version: 8.02.0000.0001)
Wireless Console 3 (Version: 3.0.14)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 4061.09 MB
Available physical RAM: 2381.15 MB
Total Pagefile: 8120.36 MB
Available Pagefile: 6275.68 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.55 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.11 GB) (Free:351.14 GB) NTFS

========================= Users: ========================================

User accounts for \\ALICA-PC

Administrator Alica Guest


**** End of log ****







Farbar Service Scanner Version: 04-08-2012 01
Ran by Alica (administrator) on 04-08-2012 at 18:54:49
Running from "C:\Users\Alica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SJ6XOTUU"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****





# AdwCleaner v1.800 - Logfile created 08/04/2012 at 18:58:20
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Alica - ALICA-PC
# Running from : C:\Users\Alica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7IHJQDVR\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
File Deleted : C:\Windows\Uninstall.exe

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
[x64] Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Alica\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [338 octets] - [04/08/2012 18:56:34]
AdwCleaner[S2].txt - [3202 octets] - [04/08/2012 18:58:20]

########## EOF - C:\AdwCleaner[S2].txt - [3330 octets] ##########







On a side note: I have another computer that uses the same router. It has better virus protection and is run all of the time. Nothing seems to be out of place for it. Do I need to do anything for it?

#8 narenxp


Posted 04 August 2012 - 11:38 PM

On a side note: I have another computer that uses the same router. It has better virus protection and is run all of the time. Nothing seems to be out of place for it. Do I need to do anything for it?


If you're suspicious, you can run these tools to make sure that every scan comes out clean.

I still need the MBAM log

#9 whatsherface


Posted 05 August 2012 - 07:36 PM

This is the clean log I got after I ran it the first time and it had some infections and I removed them.
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alica :: ALICA-PC [administrator]

8/4/2012 1:39:16 PM
mbam-log-2012-08-04 (13-39-16).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 352758
Time elapsed: 2 hour(s), 6 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 narenxp


Posted 05 August 2012 - 08:26 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#11 whatsherface


Posted 05 August 2012 - 08:47 PM

What would people like me do without people like you? Thank you so much!

P.S. should I run some of those programs regularly?

#12 narenxp


Posted 05 August 2012 - 08:52 PM

You're welcome :)

Make sure to run frequent scans with VIPRE and Malwarebytes. Other tools can be removed.

#13 amakuchan


Posted 18 August 2014 - 10:50 PM

I have the same problem as whatsherface.
How can I solve it?

Can you help me?

This is my log report:
 
10:29:20.0046 0x0744  MRxDAV - ok
10:29:20.0078 0x0744  [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:29:20.0109 0x0744  MRxSmb - ok
10:29:20.0125 0x0744  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:29:20.0140 0x0744  MSDTC - ok
10:29:20.0171 0x0744  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:29:20.0171 0x0744  Msfs - ok
10:29:20.0171 0x0744  MSIServer - ok
10:29:20.0203 0x0744  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:29:20.0234 0x0744  MSKSSRV - ok
10:29:20.0250 0x0744  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:29:20.0281 0x0744  MSPCLOCK - ok
10:29:20.0296 0x0744  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:29:20.0328 0x0744  MSPQM - ok
10:29:20.0343 0x0744  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:29:20.0343 0x0744  mssmbios - ok
10:29:20.0359 0x0744  [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:29:20.0359 0x0744  Mup - ok
10:29:20.0390 0x0744  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:29:20.0484 0x0744  napagent - ok
10:29:20.0515 0x0744  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:29:20.0515 0x0744  NDIS - ok
10:29:20.0531 0x0744  [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:29:20.0546 0x0744  NdisTapi - ok
10:29:20.0562 0x0744  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:29:20.0578 0x0744  Ndisuio - ok
10:29:20.0593 0x0744  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:29:20.0625 0x0744  NdisWan - ok
10:29:20.0656 0x0744  [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:29:20.0687 0x0744  NDProxy - ok
10:29:20.0718 0x0744  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:29:20.0718 0x0744  NetBIOS - ok
10:29:20.0734 0x0744  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:29:20.0812 0x0744  NetBT - ok
10:29:20.0828 0x0744  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:29:20.0875 0x0744  NetDDE - ok
10:29:20.0890 0x0744  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:29:20.0890 0x0744  NetDDEdsdm - ok
10:29:20.0906 0x0744  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:29:20.0953 0x0744  Netlogon - ok
10:29:20.0968 0x0744  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
10:29:20.0968 0x0744  Netman - ok
10:29:21.0000 0x0744  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:29:21.0046 0x0744  NetTcpPortSharing - ok
10:29:21.0078 0x0744  [ B4138E99236F0F57D4CF49BAE98A0746, DDEAE046C1165C41F06933E808B143118208B02BB83FA80BEF8F550D4DC78149 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:29:21.0093 0x0744  Nla - ok
10:29:21.0109 0x0744  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:29:21.0109 0x0744  Npfs - ok
10:29:21.0140 0x0744  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:29:21.0156 0x0744  Ntfs - ok
10:29:21.0171 0x0744  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:29:21.0171 0x0744  NtLmSsp - ok
10:29:21.0218 0x0744  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:29:21.0265 0x0744  NtmsSvc - ok
10:29:21.0296 0x0744  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:29:21.0312 0x0744  Null - ok
10:29:21.0328 0x0744  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:29:21.0359 0x0744  NwlnkFlt - ok
10:29:21.0359 0x0744  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:29:21.0390 0x0744  NwlnkFwd - ok
10:29:21.0500 0x0744  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:29:21.0546 0x0744  odserv - ok
10:29:21.0609 0x0744  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:29:21.0656 0x0744  ose - ok
10:29:21.0687 0x0744  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:29:21.0718 0x0744  Parport - ok
10:29:21.0734 0x0744  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:29:21.0734 0x0744  PartMgr - ok
10:29:21.0781 0x0744  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:29:21.0796 0x0744  ParVdm - ok
10:29:21.0812 0x0744  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:29:21.0812 0x0744  PCI - ok
10:29:21.0812 0x0744  PCIDump - ok
10:29:21.0843 0x0744  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:29:21.0843 0x0744  PCIIde - ok
10:29:21.0875 0x0744  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:29:21.0921 0x0744  Pcmcia - ok
10:29:21.0921 0x0744  PDCOMP - ok
10:29:21.0921 0x0744  PDFRAME - ok
10:29:21.0937 0x0744  PDRELI - ok
10:29:21.0937 0x0744  PDRFRAME - ok
10:29:21.0953 0x0744  perc2 - ok
10:29:21.0953 0x0744  perc2hib - ok
10:29:21.0984 0x0744  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:29:21.0984 0x0744  PlugPlay - ok
10:29:22.0000 0x0744  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:29:22.0000 0x0744  PolicyAgent - ok
10:29:22.0015 0x0744  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:29:22.0031 0x0744  PptpMiniport - ok
10:29:22.0031 0x0744  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:29:22.0046 0x0744  ProtectedStorage - ok
10:29:22.0062 0x0744  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:29:22.0093 0x0744  PSched - ok
10:29:22.0109 0x0744  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:29:22.0140 0x0744  Ptilink - ok
10:29:22.0140 0x0744  ql1080 - ok
10:29:22.0156 0x0744  Ql10wnt - ok
10:29:22.0156 0x0744  ql12160 - ok
10:29:22.0156 0x0744  ql1240 - ok
10:29:22.0171 0x0744  ql1280 - ok
10:29:22.0187 0x0744  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:29:22.0218 0x0744  RasAcd - ok
10:29:22.0250 0x0744  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:29:22.0281 0x0744  RasAuto - ok
10:29:22.0296 0x0744  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:29:22.0328 0x0744  Rasl2tp - ok
10:29:22.0375 0x0744  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:29:22.0390 0x0744  RasMan - ok
10:29:22.0406 0x0744  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:29:22.0437 0x0744  RasPppoe - ok
10:29:22.0453 0x0744  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:29:22.0484 0x0744  Raspti - ok
10:29:22.0500 0x0744  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:29:22.0515 0x0744  Rdbss - ok
10:29:22.0531 0x0744  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:29:22.0562 0x0744  RDPCDD - ok
10:29:22.0593 0x0744  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:29:22.0656 0x0744  rdpdr - ok
10:29:22.0718 0x0744  [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:29:22.0750 0x0744  RDPWD - ok
10:29:22.0796 0x0744  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:29:22.0843 0x0744  RDSessMgr - ok
10:29:22.0875 0x0744  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:29:22.0906 0x0744  redbook - ok
10:29:22.0937 0x0744  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:29:22.0968 0x0744  RemoteAccess - ok
10:29:23.0000 0x0744  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:29:23.0031 0x0744  RemoteRegistry - ok
10:29:23.0046 0x0744  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:29:23.0078 0x0744  RpcLocator - ok
10:29:23.0109 0x0744  [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:29:23.0125 0x0744  RpcSs - ok
10:29:23.0156 0x0744  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:29:23.0187 0x0744  RSVP - ok
10:29:23.0187 0x0744  [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
10:29:23.0218 0x0744  rtl8139 - ok
10:29:23.0234 0x0744  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:29:23.0234 0x0744  SamSs - ok
10:29:23.0375 0x0744  [ AD720D4D463B72C58DA9FF5933723A66, 9686C81C191EFE4B2BA60A9BF75A97B128675A6C4981467B67852FBD8E74B125 ] SBAMSvc         C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
10:29:23.0593 0x0744  SBAMSvc - ok
10:29:23.0625 0x0744  [ 8FE075898DF6B206D0A5CF0FEB581B5E, 758995EFBC29D9D3C30DD4D84BEE37E3BE6FF49A7DF8625A9342A3CA8D54D341 ] sbaphd          C:\WINDOWS\system32\drivers\sbaphd.sys
10:29:23.0656 0x0744  sbaphd - ok
10:29:23.0671 0x0744  [ 29658F5353D5B73CA514A784E6AAC54E, ADB33EAFE66BB10200695D8BD71385455907E95D7E7EE1FB6B2DB8FA9B7167F9 ] sbapifs         C:\WINDOWS\system32\drivers\sbapifs.sys
10:29:23.0671 0x0744  sbapifs - ok
10:29:23.0718 0x0744  [ 2342F1018886D8B966C3803BD0C535DD, 50EE2C8578753060027DC7018F8C0B45A3F8342C703EDF5AA70250795597BB30 ] SbFw            C:\WINDOWS\system32\drivers\SbFw.sys
10:29:23.0796 0x0744  SbFw - ok
10:29:23.0812 0x0744  [ 12148D9EA75FF7905D973711B2B24E53, 35CA17D519BED0C15FC8CC47FB6A41AA45D6790CAD3CA548B43B68E94A994C88 ] SBFWIMCL        C:\WINDOWS\system32\DRIVERS\sbfwim.sys
10:29:23.0812 0x0744  SBFWIMCL - ok
10:29:23.0828 0x0744  [ 12148D9EA75FF7905D973711B2B24E53, 35CA17D519BED0C15FC8CC47FB6A41AA45D6790CAD3CA548B43B68E94A994C88 ] SBFWIMCLMP      C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
10:29:23.0828 0x0744  SBFWIMCLMP - ok
10:29:23.0859 0x0744  [ F4611243FE224E59E8052A3BAD8BC4C7, 309487D73E7E4CC55064A368B6AD8637DC93B5830D84E499766FC7C97E25A2BF ] sbhips          C:\WINDOWS\system32\drivers\sbhips.sys
10:29:23.0890 0x0744  sbhips - ok
10:29:23.0921 0x0744  [ 9FFBE1A6D3A919D83AD7984DBC012F8C, 9335836C13294FA68CE3B328E9B7E38810007440A1953987CF44251C8865BCCF ] SBPIMSvc        C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe
10:29:23.0953 0x0744  SBPIMSvc - ok
10:29:23.0984 0x0744  [ C1AE5D1F53285D79A0B73A62AF20734F, B3690E063F3C4D8545CD8A3576E78938BC9BC607365B3D91BB5C490C20CC9B85 ] SBRE            C:\WINDOWS\system32\drivers\SBREDrv.sys
10:29:24.0015 0x0744  SBRE - ok
10:29:24.0046 0x0744  [ EB6AE9F7FC9E42D993EB30B2F382BF46, 1ACFA3EFB997C0DE49A26DE0A8C770930588EC6B72A05EF087CBEC32ED9396DD ] SbTis           C:\WINDOWS\system32\drivers\sbtis.sys
10:29:24.0093 0x0744  SbTis - ok
10:29:24.0125 0x0744  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:29:24.0156 0x0744  SCardSvr - ok
10:29:24.0187 0x0744  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:29:24.0250 0x0744  Schedule - ok
10:29:24.0265 0x0744  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:29:24.0312 0x0744  Secdrv - ok
10:29:24.0328 0x0744  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:29:24.0375 0x0744  seclogon - ok
10:29:24.0390 0x0744  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
10:29:24.0421 0x0744  SENS - ok
10:29:24.0437 0x0744  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
10:29:24.0468 0x0744  serenum - ok
10:29:24.0484 0x0744  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
10:29:24.0515 0x0744  Serial - ok
10:29:24.0546 0x0744  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:29:24.0578 0x0744  Sfloppy - ok
10:29:24.0609 0x0744  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:29:24.0625 0x0744  SharedAccess - ok
10:29:24.0656 0x0744  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:29:24.0656 0x0744  ShellHWDetection - ok
10:29:24.0671 0x0744  Simbad - ok
10:29:24.0671 0x0744  Sparrow - ok
10:29:24.0703 0x0744  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:29:24.0734 0x0744  splitter - ok
10:29:24.0765 0x0744  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B, 130D686A220AF97EBF33DD481B79990F259B4EE38DD95A35CD3D0F0517790FF0 ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:29:24.0765 0x0744  Spooler - ok
10:29:24.0781 0x0744  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:29:24.0812 0x0744  sr - ok
10:29:24.0843 0x0744  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:29:24.0906 0x0744  srservice - ok
10:29:24.0937 0x0744  [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:29:24.0953 0x0744  Srv - ok
10:29:24.0984 0x0744  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:29:24.0984 0x0744  SSDPSRV - ok
10:29:25.0000 0x0744  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
10:29:25.0062 0x0744  ssmdrv - ok
10:29:25.0093 0x0744  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:29:25.0140 0x0744  stisvc - ok
10:29:25.0156 0x0744  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:29:25.0187 0x0744  swenum - ok
10:29:25.0203 0x0744  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:29:25.0234 0x0744  swmidi - ok
10:29:25.0234 0x0744  SwPrv - ok
10:29:25.0250 0x0744  symc810 - ok
10:29:25.0250 0x0744  symc8xx - ok
10:29:25.0265 0x0744  sym_hi - ok
10:29:25.0265 0x0744  sym_u3 - ok
10:29:25.0296 0x0744  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:29:25.0328 0x0744  sysaudio - ok
10:29:25.0343 0x0744  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:29:25.0406 0x0744  SysmonLog - ok
10:29:25.0437 0x0744  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:29:25.0468 0x0744  TapiSrv - ok
10:29:25.0500 0x0744  [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:29:25.0593 0x0744  Tcpip - ok
10:29:25.0609 0x0744  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:29:25.0640 0x0744  TDPIPE - ok
10:29:25.0640 0x0744  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:29:25.0671 0x0744  TDTCP - ok
10:29:25.0687 0x0744  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:29:25.0718 0x0744  TermDD - ok
10:29:25.0750 0x0744  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
10:29:25.0765 0x0744  TermService - ok
10:29:25.0796 0x0744  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:29:25.0796 0x0744  Themes - ok
10:29:25.0828 0x0744  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
10:29:25.0906 0x0744  TlntSvr - ok
10:29:25.0906 0x0744  TosIde - ok
10:29:25.0921 0x0744  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:29:25.0953 0x0744  TrkWks - ok
10:29:25.0968 0x0744  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:29:26.0015 0x0744  Udfs - ok
10:29:26.0015 0x0744  ultra - ok
10:29:26.0062 0x0744  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:29:26.0140 0x0744  Update - ok
10:29:26.0156 0x0744  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:29:26.0187 0x0744  upnphost - ok
10:29:26.0203 0x0744  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
10:29:26.0250 0x0744  UPS - ok
10:29:26.0250 0x0744  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:29:26.0281 0x0744  usbehci - ok
10:29:26.0296 0x0744  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:29:26.0328 0x0744  usbhub - ok
10:29:26.0343 0x0744  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:29:26.0375 0x0744  usbprint - ok
10:29:26.0390 0x0744  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:29:26.0421 0x0744  USBSTOR - ok
10:29:26.0437 0x0744  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:29:26.0468 0x0744  usbuhci - ok
10:29:26.0484 0x0744  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:29:26.0515 0x0744  VgaSave - ok
10:29:26.0531 0x0744  ViaIde - ok
10:29:26.0546 0x0744  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:29:26.0546 0x0744  VolSnap - ok
10:29:26.0562 0x0744  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
10:29:26.0625 0x0744  VSS - ok
10:29:26.0640 0x0744  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
10:29:26.0687 0x0744  W32Time - ok
10:29:26.0718 0x0744  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:29:26.0750 0x0744  Wanarp - ok
10:29:26.0765 0x0744  WDICA - ok
10:29:26.0781 0x0744  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:29:26.0812 0x0744  wdmaud - ok
10:29:26.0843 0x0744  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:29:26.0875 0x0744  WebClient - ok
10:29:26.0937 0x0744  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:29:27.0000 0x0744  winmgmt - ok
10:29:27.0046 0x0744  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8, 98C21DEEB7124426D749FACDAD06EBD7F500AE5C465A98D558919C2A51C08554 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
10:29:27.0078 0x0744  WmdmPmSN - ok
10:29:27.0109 0x0744  [ BAB489A5FE26F2D0C910CF7AF7E4CF92, 700325258CA7A2BC2D7AA6E3176194D21229BEA76EA37BEAE117BBF87CE4ECD4 ] Wmi             C:\WINDOWS\System32\advapi32.dll
10:29:27.0140 0x0744  Wmi - ok
10:29:27.0203 0x0744  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:29:27.0250 0x0744  WmiApSrv - ok
10:29:27.0312 0x0744  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:29:27.0359 0x0744  WPFFontCache_v0400 - ok
10:29:27.0390 0x0744  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:29:27.0421 0x0744  wscsvc - ok
10:29:27.0437 0x0744  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:29:27.0484 0x0744  wuauserv - ok
10:29:27.0531 0x0744  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:29:27.0546 0x0744  WZCSVC - ok
10:29:27.0562 0x0744  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:29:27.0625 0x0744  xmlprov - ok
10:29:27.0625 0x0744  ================ Scan global ===============================
10:29:27.0656 0x0744  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
10:29:27.0750 0x0744  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
10:29:27.0859 0x0744  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
10:29:27.0890 0x0744  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] C:\WINDOWS\system32\services.exe
10:29:27.0890 0x0744  [ Global ] - ok
10:29:27.0890 0x0744  ================ Scan MBR ==================================
10:29:27.0906 0x0744  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:29:28.0328 0x0744  \Device\Harddisk0\DR0 - ok
10:29:28.0328 0x0744  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:29:28.0343 0x0744  \Device\Harddisk1\DR1 - ok
10:29:28.0343 0x0744  ================ Scan VBR ==================================
10:29:28.0343 0x0744  [ 1F12A69D6ABC9713D1BFCB1A23AF58C4 ] \Device\Harddisk0\DR0\Partition1
10:29:28.0343 0x0744  \Device\Harddisk0\DR0\Partition1 - ok
10:29:28.0343 0x0744  [ B5F81AD9CFD4482300B951EF97E7D603 ] \Device\Harddisk0\DR0\Partition2
10:29:28.0343 0x0744  \Device\Harddisk0\DR0\Partition2 - ok
10:29:28.0375 0x0744  [ 4DCB46EB03F2E0FCF6E39B6DEA909119 ] \Device\Harddisk0\DR0\Partition3
10:29:28.0375 0x0744  \Device\Harddisk0\DR0\Partition3 - ok
10:29:28.0375 0x0744  [ 103EA75A51D7784864E95C5227BCE62C ] \Device\Harddisk1\DR1\Partition1
10:29:28.0375 0x0744  \Device\Harddisk1\DR1\Partition1 - ok
10:29:28.0375 0x0744  [ 0118F455D7AB7676AF71ED3AC53F5B03 ] \Device\Harddisk1\DR1\Partition2
10:29:28.0390 0x0744  \Device\Harddisk1\DR1\Partition2 - ok
10:29:28.0390 0x0744  [ 17BE46B454646950666159EF1FC85509 ] \Device\Harddisk1\DR1\Partition3
10:29:28.0390 0x0744  \Device\Harddisk1\DR1\Partition3 - ok
10:29:28.0390 0x0744  ================ Scan generic autorun ======================
10:29:28.0437 0x0744  [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
10:29:28.0515 0x0744  IMJPMIG8.1 - ok
10:29:28.0562 0x0744  [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
10:29:28.0656 0x0744  PHIME2002ASync - ok
10:29:28.0671 0x0744  [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
10:29:28.0687 0x0744  PHIME2002A - ok
10:29:28.0703 0x0744  [ 38D198A2DD54A67120040566A38103BA, 01604BD91A5B2C0DDC7B52036511F8219952626716E75979D8464F2C56BA0114 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
10:29:28.0703 0x0744  GrooveMonitor - ok
10:29:28.0750 0x0744  [ D3B5015D8AE7B02284E94EA13CCBC41A, 625F2450D5ADF0C0EEDCF9F96360814D4B96304158FAF6792E42893DFEB2A671 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
10:29:28.0781 0x0744  StartCCC - ok
10:29:29.0671 0x0744  [ 529ABF7BC07F5688EF22B8F7FE2C76BF, 7EEBCFE1F77F80600073D7812AEB7AB9C66C0E2A042C4F5F3812C91704F7A12E ] C:\WINDOWS\RTHDCPL.EXE
10:29:30.0828 0x0744  RTHDCPL - ok
10:29:30.0890 0x0744  WinServ - ok
10:29:30.0968 0x0744  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
10:29:31.0046 0x0744  avgnt - ok
10:29:31.0109 0x0744  [ DD84E59C944632525A79FD8F6F0E4C96, DB1021B03DACC015D3BF98B05AE4AF578D002336821155E88A7A31CC52B6CF1C ] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
10:29:31.0265 0x0744  SBAMTray - ok
10:29:31.0265 0x0744  WinUpdate - ok
10:29:31.0296 0x0744  [ 51DAD159BD771681B67593B9B8289A45, 40A7277819C2D7BCA10D22DC2F443F986DF04E777D3A4A0C89CC0991B020607C ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
10:29:31.0328 0x0744  Avira Systray - ok
10:29:31.0343 0x0744  [ CC34849D63619D8D6C8ADC144F2C71A4, 4E86AEC78F006F31196643F38DFF45B9135E0C994FB1A7E14273D7867CC70F91 ] C:\Program Files\Sunbelt Software\VIPRE\SBRC.exe
10:29:31.0390 0x0744  SBRegRebootCleaner - ok
10:29:31.0406 0x0744  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\CTFMON.EXE
10:29:31.0437 0x0744  CTFMON.EXE - ok
10:29:31.0437 0x0744  nltide_2 - ok
10:29:31.0453 0x0744  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\CTFMON.EXE
10:29:31.0453 0x0744  CTFMON.EXE - ok
10:29:31.0453 0x0744  nltide_2 - ok
10:29:31.0453 0x0744  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
10:29:31.0453 0x0744  CTFMON.EXE - ok
10:29:31.0500 0x0744  [ C59C2E8A24E556C84C26EF5F972DFD44, 4BC6E5595F50E9E94914FFB51C8288AF30894D98B6F2D7899497781A48CC1E78 ] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEI.EXE
10:29:31.0515 0x0744  EPSON T13 T22E Series - ok
10:29:31.0515 0x0744  Userinet - ok
10:29:31.0515 0x0744  Waiting for KSN requests completion. In queue: 184
10:29:32.0515 0x0744  Waiting for KSN requests completion. In queue: 184
10:29:33.0515 0x0744  Waiting for KSN requests completion. In queue: 184
10:29:34.0515 0x0744  Waiting for KSN requests completion. In queue: 184
10:29:35.0546 0x0744  AV detected via SS1: Avira Desktop, 14.0.6.522, enabled, updated
10:29:35.0546 0x0744  AV detected via SS1: Sunbelt VIPRE, 4.0.3904, enabled, updated
10:29:35.0546 0x0744  FW detected via SS1: Sunbelt VIPRE, 4.0.3904, disabled
10:29:35.0546 0x0744  Win FW state via NFM: disabled
10:29:38.0265 0x0744  ============================================================
10:29:38.0265 0x0744  Scan finished
10:29:38.0265 0x0744  ============================================================
10:29:38.0281 0x0fc4  Detected object count: 0
10:29:38.0281 0x0fc4  Actual detected object count: 0
 
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-19 10:34:35
-----------------------------
10:34:35.140    OS Version: Windows 5.1.2600 Service Pack 3
10:34:35.140    Number of processors: 2 586 0x170A
10:34:35.140    ComputerName: BILLING-9E03D4E  UserName: Billing
10:34:35.968    Initialize success
10:34:36.062    VM: initialized successfully
10:34:36.078    VM: Intel CPU virtualization not supported 
10:35:00.437    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:35:00.437    Disk 0 Vendor: WDC_WD800BD-22MRA1 10.01E01 Size: 76318MB BusType: 3
10:35:00.437    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-17
10:35:00.437    Disk 1 Vendor: MAXTOR_4K040H2 A08.1500 Size: 38182MB BusType: 3
10:35:00.500    Disk 0 MBR read successfully
10:35:00.500    Disk 0 MBR scan
10:35:00.515    Disk 0 Windows XP default MBR code
10:35:00.515    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        20002 MB offset 63
10:35:00.515    Disk 0 default boot code
10:35:00.515    Disk 0 Partition - 00     0F Extended LBA             56305 MB offset 40965750
10:35:00.531    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        29996 MB offset 40965813
10:35:00.546    Disk 0 Partition - 00     05     Extended             26309 MB offset 102398310
10:35:00.562    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        26309 MB offset 102398373
10:35:00.562    Disk 0 scanning sectors +156280320
10:35:00.671    Disk 0 scanning C:\WINDOWS\system32\drivers
10:35:06.000    Service scanning
10:35:19.750    Modules scanning
10:35:38.562    Disk 0 trace - called modules:
10:35:38.578    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
10:35:38.578    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89d9aab8]
10:35:38.578    3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\00000062[0x89e44b78]
10:35:38.578    5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89e29940]
10:35:38.578    Scan finished successfully
10:36:33.187    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Billing\My Documents\My Pictures\MBR.dat"
10:36:33.203    The log file has been saved successfully to "C:\Documents and Settings\Billing\My Documents\My Pictures\aswMBR.txt"
 
 
 
 




