Recently infected with the FBI. Got access to my computer again, but it seems like a lot of stuff remains.


9 replies to this topic

#1 WinchesterD

  • Members
  • 5 posts

Posted 03 August 2012 - 11:19 AM

I managed to get my computer back into "working" order from having had the FBI ransomware (I guess that is what it is called), but now I can't access Google anymore. When I was able to, it redirected me. I have been getting some BSODs as well, the latest being "Paged fault in non paged area". I have tried running Malwarebytes, but I would either BSOD before it finished or it wouldn't find anything. Earlier I was having issues running anything in administrator. It was showing "Thread could not be created" with a missing .exe file. I tried running command prompt in admin as well, but was met with the thread error basing cmd.exe as the issue.



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 03 August 2012 - 01:04 PM

Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 WinchesterD
  • Topic Starter

  • Members
  • 5 posts

Posted 03 August 2012 - 07:06 PM

Just finished the last scan moments ago. I'll try to make each log distinguishable. Thank you very much for taking the time to assist me.


ESET

C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.08.2012_13.47.21\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
E:\I386\APPS\APP19117\src\CompaqPresario_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
E:\I386\APPS\APP19117\src\HPPavillion_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined


TDSS K

13:47:21.0465 0356 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:47:21.0783 0356 ============================================================
13:47:21.0783 0356 Current date / time: 2012/08/03 13:47:21.0783
13:47:21.0783 0356 SystemInfo:
13:47:21.0783 0356
13:47:21.0783 0356 OS Version: 6.1.7601 ServicePack: 1.0
13:47:21.0783 0356 Product type: Workstation
13:47:21.0783 0356 ComputerName: TESTTICKLES-PC
13:47:21.0784 0356 UserName: Testtickles
13:47:21.0784 0356 Windows directory: C:\Windows
13:47:21.0784 0356 System windows directory: C:\Windows
13:47:21.0784 0356 Processor architecture: Intel x86
13:47:21.0784 0356 Number of processors: 3
13:47:21.0784 0356 Page size: 0x1000
13:47:21.0784 0356 Boot type: Normal boot
13:47:21.0784 0356 ============================================================
13:47:23.0007 0356 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:47:23.0016 0356 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:47:23.0018 0356 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D55E00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:47:26.0568 0356 ============================================================
13:47:26.0569 0356 \Device\Harddisk1\DR1:
13:47:26.0569 0356 MBR partitions:
13:47:26.0569 0356 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C01247F
13:47:26.0569 0356 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1C01637F, BlocksNum 0x11AE202
13:47:26.0569 0356 \Device\Harddisk0\DR0:
13:47:26.0569 0356 MBR partitions:
13:47:26.0569 0356 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
13:47:26.0569 0356 \Device\Harddisk2\DR2:
13:47:26.0571 0356 MBR partitions:
13:47:26.0571 0356 ============================================================
13:47:26.0580 0356 C: <-> \Device\Harddisk1\DR1\Partition0
13:47:26.0593 0356 D: <-> \Device\Harddisk0\DR0\Partition0
13:47:26.0617 0356 E: <-> \Device\Harddisk1\DR1\Partition1
13:47:26.0617 0356 ============================================================
13:47:26.0617 0356 Initialize success
13:47:26.0617 0356 ============================================================
13:47:37.0027 6024 ============================================================
13:47:37.0027 6024 Scan started
13:47:37.0027 6024 Mode: Manual; TDLFS;
13:47:37.0027 6024 ============================================================
13:47:52.0840 6024 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:47:52.0842 6024 nv_agp - ok
13:47:52.0861 6024 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:47:52.0862 6024 ohci1394 - ok
13:47:52.0914 6024 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
13:47:52.0923 6024 p2pimsvc - ok
13:47:52.0984 6024 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
13:47:53.0006 6024 p2psvc - ok
13:47:53.0021 6024 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys
13:47:53.0024 6024 Parport - ok
13:47:53.0049 6024 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:47:53.0051 6024 partmgr - ok
13:47:53.0055 6024 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys
13:47:53.0056 6024 Parvdm - ok
13:47:53.0075 6024 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
13:47:53.0088 6024 PcaSvc - ok
13:47:53.0101 6024 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:47:53.0112 6024 pci - ok
13:47:53.0116 6024 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:47:53.0117 6024 pciide - ok
13:47:53.0128 6024 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
13:47:53.0137 6024 pcmcia - ok
13:47:53.0142 6024 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:47:53.0143 6024 pcw - ok
13:47:53.0192 6024 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:47:53.0207 6024 PEAUTH - ok
13:47:53.0314 6024 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
13:47:53.0364 6024 pla - ok
13:47:53.0794 6024 PlugPlay (92dc6e68d2c856c5c2f21ae9e22112b8) C:\Windows\system32\umpnpmgr.dll
13:47:53.0819 6024 PlugPlay - ok
13:47:53.0869 6024 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
13:47:53.0874 6024 PNRPAutoReg - ok
13:47:53.0921 6024 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
13:47:53.0930 6024 PNRPsvc - ok
13:47:54.0004 6024 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
13:47:54.0016 6024 PolicyAgent - ok
13:47:54.0050 6024 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
13:47:54.0064 6024 Power - ok
13:47:54.0233 6024 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:47:54.0237 6024 PptpMiniport - ok
13:47:54.0283 6024 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
13:47:54.0286 6024 Processor - ok
13:47:54.0334 6024 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
13:47:54.0368 6024 ProfSvc - ok
13:47:54.0417 6024 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
13:47:54.0420 6024 ProtectedStorage - ok
13:47:54.0466 6024 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:47:54.0478 6024 Psched - ok
13:47:54.0581 6024 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
13:47:54.0636 6024 ql2300 - ok
13:47:55.0140 6024 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
13:47:55.0149 6024 ql40xx - ok
13:47:55.0201 6024 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
13:47:55.0221 6024 QWAVE - ok
13:47:55.0230 6024 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:47:55.0232 6024 QWAVEdrv - ok
13:47:55.0241 6024 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:47:55.0243 6024 RasAcd - ok
13:47:55.0292 6024 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:47:55.0294 6024 RasAgileVpn - ok
13:47:55.0328 6024 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
13:47:55.0334 6024 RasAuto - ok
13:47:55.0342 6024 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:47:55.0343 6024 Rasl2tp - ok
13:47:55.0365 6024 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
13:47:55.0378 6024 RasMan - ok
13:47:55.0385 6024 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:47:55.0387 6024 RasPppoe - ok
13:47:55.0395 6024 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:47:55.0414 6024 RasSstp - ok
13:47:55.0428 6024 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:47:55.0444 6024 rdbss - ok
13:47:55.0448 6024 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys
13:47:55.0449 6024 rdpbus - ok
13:47:55.0477 6024 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:47:55.0478 6024 RDPCDD - ok
13:47:55.0509 6024 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:47:55.0510 6024 RDPENCDD - ok
13:47:55.0521 6024 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:47:55.0522 6024 RDPREFMP - ok
13:47:55.0535 6024 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:47:55.0550 6024 RDPWD - ok
13:47:55.0598 6024 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:47:55.0612 6024 rdyboost - ok
13:47:55.0667 6024 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
13:47:55.0673 6024 RemoteAccess - ok
13:47:55.0741 6024 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
13:47:55.0770 6024 RemoteRegistry - ok
13:47:55.0830 6024 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
13:47:55.0837 6024 RpcEptMapper - ok
13:47:55.0867 6024 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
13:47:55.0871 6024 RpcLocator - ok
13:47:55.0930 6024 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
13:47:55.0941 6024 RpcSs - ok
13:47:56.0033 6024 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:47:56.0034 6024 rspndr - ok
13:47:56.0098 6024 RTL8167 (64ca613324d8bd0b278420ed4959afd9) C:\Windows\system32\DRIVERS\Rt86win7.sys
13:47:56.0141 6024 RTL8167 - ok
13:47:56.0182 6024 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
13:47:56.0186 6024 SamSs - ok
13:47:56.0214 6024 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:47:56.0235 6024 sbp2port - ok
13:47:56.0287 6024 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
13:47:56.0339 6024 SCardSvr - ok
13:47:56.0379 6024 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:47:56.0382 6024 scfilter - ok
13:47:56.0454 6024 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
13:47:56.0515 6024 Schedule - ok
13:47:56.0575 6024 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
13:47:56.0577 6024 SCPolicySvc - ok
13:47:56.0618 6024 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
13:47:56.0630 6024 SDRSVC - ok
13:47:56.0665 6024 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:47:56.0667 6024 secdrv - ok
13:47:56.0683 6024 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
13:47:56.0686 6024 seclogon - ok
13:47:56.0694 6024 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
13:47:56.0697 6024 SENS - ok
13:47:56.0767 6024 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
13:47:56.0774 6024 SensrSvc - ok
13:47:56.0803 6024 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:47:56.0805 6024 Serenum - ok
13:47:56.0857 6024 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:47:56.0861 6024 Serial - ok
13:47:56.0870 6024 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
13:47:56.0872 6024 sermouse - ok
13:47:56.0933 6024 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
13:47:56.0947 6024 SessionEnv - ok
13:47:56.0950 6024 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:47:56.0951 6024 sffdisk - ok
13:47:56.0956 6024 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:47:56.0957 6024 sffp_mmc - ok
13:47:56.0961 6024 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
13:47:56.0962 6024 sffp_sd - ok
13:47:56.0967 6024 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
13:47:56.0968 6024 sfloppy - ok
13:47:57.0011 6024 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
13:47:57.0020 6024 SharedAccess - ok
13:47:57.0046 6024 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
13:47:57.0062 6024 ShellHWDetection - ok
13:47:57.0067 6024 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:47:57.0080 6024 sisagp - ok
13:47:57.0114 6024 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
13:47:57.0115 6024 SiSRaid2 - ok
13:47:57.0121 6024 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
13:47:57.0124 6024 SiSRaid4 - ok
13:47:57.0210 6024 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files\Skype\Updater\Updater.exe
13:47:57.0221 6024 SkypeUpdate - ok
13:47:57.0258 6024 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:47:57.0262 6024 Smb - ok
13:47:57.0323 6024 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
13:47:57.0326 6024 SNMPTRAP - ok
13:47:57.0343 6024 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:47:57.0344 6024 spldr - ok
13:47:57.0373 6024 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
13:47:57.0391 6024 Spooler - ok
13:47:57.0548 6024 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
13:47:57.0661 6024 sppsvc - ok
13:47:58.0043 6024 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
13:47:58.0051 6024 sppuinotify - ok
13:47:58.0234 6024 srv (112127c3b2e64d7680cc39cd0a39dd7e) C:\Windows\system32\DRIVERS\srv.sys
13:47:58.0264 6024 srv - ok
13:47:58.0293 6024 srv2 (e5dd784a4ee5ebc72a86c677c988fcdb) C:\Windows\system32\DRIVERS\srv2.sys
13:47:58.0298 6024 srv2 - ok
13:47:58.0308 6024 srvnet (cdbe627e16cc9e98f343d73f8e81d258) C:\Windows\system32\DRIVERS\srvnet.sys
13:47:58.0310 6024 srvnet - ok
13:47:58.0349 6024 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
13:47:58.0362 6024 SSDPSRV - ok
13:47:58.0386 6024 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
13:47:58.0393 6024 SstpSvc - ok
13:47:58.0485 6024 Steam Client Service - ok
13:47:58.0499 6024 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
13:47:58.0501 6024 stexstor - ok
13:47:58.0594 6024 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
13:47:58.0644 6024 StiSvc - ok
13:47:58.0653 6024 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
13:47:58.0655 6024 swenum - ok
13:47:58.0704 6024 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
13:47:58.0724 6024 swprv - ok
13:47:58.0829 6024 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
13:47:58.0858 6024 SysMain - ok
13:47:58.0887 6024 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
13:47:58.0890 6024 TabletInputService - ok
13:47:58.0905 6024 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
13:47:58.0915 6024 TapiSrv - ok
13:47:58.0922 6024 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
13:47:58.0925 6024 TBS - ok
13:47:59.0149 6024 Tcpip (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\drivers\tcpip.sys
13:47:59.0178 6024 Tcpip - ok
13:47:59.0205 6024 TCPIP6 (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\DRIVERS\tcpip.sys
13:47:59.0213 6024 TCPIP6 - ok
13:47:59.0249 6024 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:47:59.0250 6024 tcpipreg - ok
13:47:59.0277 6024 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:47:59.0280 6024 TDPIPE - ok
13:47:59.0288 6024 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:47:59.0291 6024 TDTCP - ok
13:47:59.0306 6024 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:47:59.0309 6024 tdx - ok
13:47:59.0318 6024 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
13:47:59.0319 6024 TermDD - ok
13:47:59.0370 6024 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
13:47:59.0391 6024 TermService - ok
13:47:59.0425 6024 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
13:47:59.0428 6024 Themes - ok
13:47:59.0461 6024 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
13:47:59.0463 6024 THREADORDER - ok
13:47:59.0489 6024 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
13:47:59.0492 6024 TrkWks - ok
13:47:59.0580 6024 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
13:47:59.0588 6024 TrustedInstaller - ok
13:47:59.0614 6024 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:47:59.0615 6024 tssecsrv - ok
13:47:59.0636 6024 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:47:59.0637 6024 TsUsbFlt - ok
13:47:59.0642 6024 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
13:47:59.0643 6024 TsUsbGD - ok
13:47:59.0683 6024 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:47:59.0701 6024 tunnel - ok
13:47:59.0711 6024 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
13:47:59.0714 6024 uagp35 - ok
13:47:59.0736 6024 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:47:59.0749 6024 udfs - ok
13:47:59.0827 6024 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
13:47:59.0840 6024 UI0Detect - ok
13:47:59.0870 6024 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:47:59.0887 6024 uliagpkx - ok
13:47:59.0914 6024 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
13:47:59.0929 6024 umbus - ok
13:47:59.0970 6024 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
13:47:59.0973 6024 UmPass - ok
13:48:00.0043 6024 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
13:48:00.0081 6024 upnphost - ok
13:48:00.0140 6024 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
13:48:00.0144 6024 usbaudio - ok
13:48:00.0178 6024 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
13:48:00.0181 6024 usbccgp - ok
13:48:00.0209 6024 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:48:00.0213 6024 usbcir - ok
13:48:00.0219 6024 usbehci (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\DRIVERS\usbehci.sys
13:48:00.0221 6024 usbehci - ok
13:48:00.0281 6024 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\DRIVERS\usbhub.sys
13:48:00.0289 6024 usbhub - ok
13:48:00.0293 6024 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
13:48:00.0295 6024 usbohci - ok
13:48:00.0299 6024 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\drivers\usbprint.sys
13:48:00.0300 6024 usbprint - ok
13:48:00.0335 6024 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:48:00.0337 6024 USBSTOR - ok
13:48:00.0342 6024 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
13:48:00.0343 6024 usbuhci - ok
13:48:00.0403 6024 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
13:48:00.0415 6024 usbvideo - ok
13:48:00.0456 6024 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
13:48:00.0459 6024 UxSms - ok
13:48:00.0496 6024 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
13:48:00.0498 6024 VaultSvc - ok
13:48:00.0519 6024 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:48:00.0521 6024 vdrvroot - ok
13:48:00.0565 6024 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
13:48:00.0585 6024 vds - ok
13:48:00.0591 6024 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:48:00.0592 6024 vga - ok
13:48:00.0597 6024 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:48:00.0598 6024 VgaSave - ok
13:48:00.0622 6024 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:48:00.0634 6024 vhdmp - ok
13:48:00.0659 6024 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:48:00.0660 6024 viaagp - ok
13:48:00.0680 6024 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
13:48:00.0682 6024 ViaC7 - ok
13:48:00.0686 6024 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:48:00.0687 6024 viaide - ok
13:48:00.0693 6024 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:48:00.0695 6024 volmgr - ok
13:48:00.0709 6024 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:48:00.0723 6024 volmgrx - ok
13:48:00.0743 6024 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:48:00.0746 6024 volsnap - ok
13:48:00.0772 6024 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
13:48:00.0778 6024 vsmraid - ok
13:48:00.0901 6024 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
13:48:00.0959 6024 VSS - ok
13:48:00.0970 6024 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
13:48:00.0972 6024 vwifibus - ok
13:48:01.0013 6024 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
13:48:01.0027 6024 W32Time - ok
13:48:01.0034 6024 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
13:48:01.0035 6024 WacomPen - ok
13:48:01.0059 6024 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:48:01.0061 6024 WANARP - ok
13:48:01.0064 6024 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:48:01.0065 6024 Wanarpv6 - ok
13:48:01.0150 6024 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
13:48:01.0183 6024 wbengine - ok
13:48:01.0211 6024 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
13:48:01.0223 6024 WbioSrvc - ok
13:48:01.0251 6024 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
13:48:01.0266 6024 wcncsvc - ok
13:48:01.0272 6024 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
13:48:01.0275 6024 WcsPlugInService - ok
13:48:01.0426 6024 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
13:48:01.0428 6024 Wd - ok
13:48:01.0463 6024 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:48:01.0486 6024 Wdf01000 - ok
13:48:01.0529 6024 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
13:48:01.0538 6024 WdiServiceHost - ok
13:48:01.0545 6024 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
13:48:01.0552 6024 WdiSystemHost - ok
13:48:01.0585 6024 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
13:48:01.0597 6024 WebClient - ok
13:48:01.0609 6024 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
13:48:01.0622 6024 Wecsvc - ok
13:48:01.0630 6024 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
13:48:01.0633 6024 wercplsupport - ok
13:48:01.0673 6024 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
13:48:01.0677 6024 WerSvc - ok
13:48:01.0731 6024 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:48:01.0734 6024 WfpLwf - ok
13:48:01.0743 6024 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:48:01.0745 6024 WIMMount - ok
13:48:01.0926 6024 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
13:48:01.0978 6024 WinDefend - ok
13:48:01.0983 6024 WinHttpAutoProxySvc - ok
13:48:02.0113 6024 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
13:48:02.0123 6024 Winmgmt - ok
13:48:02.0226 6024 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
13:48:02.0286 6024 WinRM - ok
13:48:02.0397 6024 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
13:48:02.0454 6024 Wlansvc - ok
13:48:02.0600 6024 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:48:02.0602 6024 WmiAcpi - ok
13:48:02.0737 6024 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
13:48:02.0748 6024 wmiApSrv - ok
13:48:02.0950 6024 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:48:02.0980 6024 WMPNetworkSvc - ok
13:48:03.0016 6024 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
13:48:03.0020 6024 WPCSvc - ok
13:48:03.0039 6024 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
13:48:03.0046 6024 WPDBusEnum - ok
13:48:03.0192 6024 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:48:03.0194 6024 ws2ifsl - ok
13:48:03.0223 6024 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
13:48:03.0231 6024 wscsvc - ok
13:48:03.0238 6024 WSearch - ok
13:48:03.0357 6024 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
13:48:03.0423 6024 wuauserv - ok
13:48:03.0964 6024 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:48:03.0977 6024 WudfPf - ok
13:48:04.0026 6024 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
13:48:04.0035 6024 wudfsvc - ok
13:48:04.0064 6024 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
13:48:04.0077 6024 WwanSvc - ok
13:48:04.0085 6024 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
13:48:04.0112 6024 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - infected
13:48:04.0112 6024 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Pihar.c (0)
13:48:04.0142 6024 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
13:48:04.0143 6024 \Device\Harddisk1\DR1 - detected TDSS File System (1)
13:48:04.0158 6024 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
13:48:04.0224 6024 \Device\Harddisk0\DR0 - ok
13:48:04.0229 6024 MBR (0x1B8) (c010951fcc58666b2c6db8c74e524786) \Device\Harddisk2\DR2
13:48:18.0189 6024 \Device\Harddisk2\DR2 - ok
13:48:18.0196 6024 Boot (0x1200) (f28ca80626f51f1310c704b3164c4690) \Device\Harddisk1\DR1\Partition0
13:48:18.0199 6024 \Device\Harddisk1\DR1\Partition0 - ok
13:48:18.0229 6024 Boot (0x1200) (2582cc25d8728f2dabc7349aaea28835) \Device\Harddisk1\DR1\Partition1
13:48:18.0230 6024 \Device\Harddisk1\DR1\Partition1 - ok
13:48:18.0233 6024 Boot (0x1200) (a12fd6d432c005125ae2acc75e52e32d) \Device\Harddisk0\DR0\Partition0
13:48:18.0235 6024 \Device\Harddisk0\DR0\Partition0 - ok
13:48:18.0236 6024 ============================================================
13:48:18.0236 6024 Scan finished
13:48:18.0236 6024 ============================================================
13:48:18.0248 0964 Detected object count: 2
13:48:18.0248 0964 Actual detected object count: 2
13:50:08.0399 0964 \Device\Harddisk1\DR1\# - copied to quarantine
13:50:08.0400 0964 \Device\Harddisk1\DR1 - copied to quarantine
13:50:08.0485 0964 \Device\Harddisk1\DR1\TDLFS\ldrm - copied to quarantine
13:50:08.0520 0964 \Device\Harddisk1\DR1\TDLFS\cmd.dll - copied to quarantine
13:50:08.0524 0964 \Device\Harddisk1\DR1\TDLFS\cmd64.dll - copied to quarantine
13:50:08.0541 0964 \Device\Harddisk1\DR1\TDLFS\sub.dll - copied to quarantine
13:50:08.0549 0964 \Device\Harddisk1\DR1\TDLFS\subx.dll - copied to quarantine
13:50:08.0569 0964 \Device\Harddisk1\DR1\TDLFS\drv32 - copied to quarantine
13:50:08.0582 0964 \Device\Harddisk1\DR1\TDLFS\drv64 - copied to quarantine
13:50:08.0585 0964 \Device\Harddisk1\DR1\TDLFS\servers.dat - copied to quarantine
13:50:08.0588 0964 \Device\Harddisk1\DR1\TDLFS\config.ini - copied to quarantine
13:50:08.0592 0964 \Device\Harddisk1\DR1\TDLFS\ldr16 - copied to quarantine
13:50:08.0596 0964 \Device\Harddisk1\DR1\TDLFS\ldr32 - copied to quarantine
13:50:08.0601 0964 \Device\Harddisk1\DR1\TDLFS\ldr64 - copied to quarantine
13:50:08.0604 0964 \Device\Harddisk1\DR1\TDLFS\s - copied to quarantine
13:50:08.0607 0964 \Device\Harddisk1\DR1\TDLFS\u - copied to quarantine
13:50:08.0620 0964 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
13:50:08.0623 0964 \Device\Harddisk1\DR1 - ok
13:50:08.0656 0964 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
13:50:08.0657 0964 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
13:50:08.0657 0964 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip


aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-03 13:48:24
-----------------------------
13:48:24.487 OS Version: Windows 6.1.7601 Service Pack 1
13:48:24.487 Number of processors: 3 586 0x503
13:48:24.489 ComputerName: TESTTICKLES-PC UserName: Testtickles
13:48:25.329 Initialize success
13:53:59.295 AVAST engine defs: 12080300
13:56:00.952 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
13:56:00.959 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
13:56:00.964 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-7
13:56:00.967 Disk 1 Vendor: ST3250820AS 3.AHG Size: 238475MB BusType: 3
13:56:00.971 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006d
13:56:00.974 Disk 2 Vendor: Size: 238475MB BusType: 0
13:56:00.979 Disk 1 MBR read successfully
13:56:00.983 Disk 1 MBR scan
13:56:00.989 Disk 1 Windows XP default MBR code
13:56:00.993 Disk 1 MBR hidden
13:56:00.996 Disk 1 Partition 1 00 07 HPFS/NTFS NTFS 953867 MB offset 63
13:56:01.002 Disk 1 scanning sectors +488392065
13:56:01.023 Disk 1 scanning C:\Windows\system32\drivers
13:56:01.028 Service scanning
13:56:36.655 Modules scanning
13:56:37.184 Disk 1 trace - called modules:
13:56:37.190 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x86afab48]<<
13:56:37.194 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x86741030]
13:56:37.199 3 CLASSPNP.SYS[8bd7759e] -> nt!IofCallDriver -> [0x862572c8]
13:56:37.203 5 ACPI.sys[833b73d4] -> nt!IofCallDriver -> \IdeDeviceP0T1L0-7[0x86264030]
13:56:37.207 \Driver\atapi[0x86ef1988] -> IRP_MJ_CREATE -> 0x86f694b1
13:56:38.186 AVAST engine scan C:\Windows
13:56:38.265 AVAST engine scan C:\Windows\system32
13:56:38.273 AVAST engine scan C:\Windows\system32\drivers
13:56:38.280 AVAST engine scan C:\Users\Testtickles
13:56:38.286 AVAST engine scan C:\ProgramData
13:56:38.290 Scan finished successfully
16:16:22.377 Disk 1 MBR has been saved successfully to "C:\Users\Testtickles\Desktop\MBR.dat"
16:16:22.405 The log file has been saved successfully to "C:\Users\Testtickles\Desktop\aswMBR.txt"

#4 narenxp


Posted 03 August 2012 - 07:17 PM

Restart the PC, run TDSSKiller and aswMBR scan once again and post the new logs.

13:50:08.0657 0964 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip


Do not skip it, delete it.

#5 WinchesterD


Posted 03 August 2012 - 07:29 PM

Avast

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-03 19:20:19
-----------------------------
19:20:19.393 OS Version: Windows 6.1.7601 Service Pack 1
19:20:19.393 Number of processors: 3 586 0x503
19:20:19.393 ComputerName: TESTTICKLES-PC UserName: Testtickles
19:20:20.267 Initialize success
19:20:28.112 AVAST engine defs: 12080300
19:20:29.641 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
19:20:29.641 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
19:20:29.641 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-7
19:20:29.641 Disk 1 Vendor: ST3250820AS 3.AHG Size: 238475MB BusType: 3
19:20:29.641 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006d
19:20:29.656 Disk 2 Vendor: Size: 238475MB BusType: 0
19:20:29.672 Disk 1 MBR read successfully
19:20:29.672 Disk 1 MBR scan
19:20:29.672 Disk 1 Windows 7 default MBR code
19:20:29.687 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 229412 MB offset 63
19:20:29.703 Disk 1 Partition 2 00 0C FAT32 LBA RECOVERY 9052 MB offset 469853055
19:20:29.719 Disk 1 scanning sectors +488392065
19:20:29.734 Disk 1 malicious Win32:MBRoot code @ sector 488392068 !
19:20:29.750 Disk 1 scanning C:\Windows\system32\drivers
19:20:36.271 Service scanning
19:20:42.199 Service atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys **LOCKED** 32
19:21:17.455 Modules scanning
19:21:29.888 Disk 1 trace - called modules:
19:21:29.919
19:21:31.916 AVAST engine scan C:\Windows
19:21:37.655 AVAST engine scan C:\Windows\system32
19:23:57.167 AVAST engine scan C:\Windows\system32\drivers
19:24:04.447 AVAST engine scan C:\Users\Testtickles
19:25:31.470 AVAST engine scan C:\ProgramData
19:25:39.550 Scan finished successfully
19:26:57.304 Disk 1 MBR read successfully
19:26:57.328 Disk 1 scanning sectors +488392065
19:26:57.368 Disk 1 malicious Win32:MBRoot code @ sector 488392068 !
19:26:57.376 Disk 1 sector 488392068 cleaned
19:26:57.382 Verifying disinfection
19:27:07.483 Infection fixed successfully - please reboot ASAP
19:27:58.869 Disk 1 MBR has been saved successfully to "C:\Users\Testtickles\Desktop\MBR.dat"
19:27:58.874 The log file has been saved successfully to "C:\Users\Testtickles\Desktop\aswMBR.txt"

TDSS

19:20:27.0379 2300 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:20:27.0659 2300 ============================================================
19:20:27.0659 2300 Current date / time: 2012/08/03 19:20:27.0659
19:20:27.0659 2300 SystemInfo:
19:20:27.0659 2300
19:20:27.0659 2300 OS Version: 6.1.7601 ServicePack: 1.0
19:20:27.0659 2300 Product type: Workstation
19:20:27.0659 2300 ComputerName: TESTTICKLES-PC
19:20:27.0659 2300 UserName: Testtickles
19:20:27.0659 2300 Windows directory: C:\Windows
19:20:27.0659 2300 System windows directory: C:\Windows
19:20:27.0659 2300 Processor architecture: Intel x86
19:20:27.0659 2300 Number of processors: 3
19:20:27.0659 2300 Page size: 0x1000
19:20:27.0659 2300 Boot type: Normal boot
19:20:27.0659 2300 ============================================================
19:20:28.0174 2300 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:20:28.0174 2300 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:20:28.0174 2300 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D55E00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:20:31.0747 2300 ============================================================
19:20:31.0747 2300 \Device\Harddisk1\DR1:
19:20:31.0762 2300 MBR partitions:
19:20:31.0762 2300 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C01247F
19:20:31.0762 2300 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1C01637F, BlocksNum 0x11AE202
19:20:31.0762 2300 \Device\Harddisk0\DR0:
19:20:31.0762 2300 MBR partitions:
19:20:31.0762 2300 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:20:31.0762 2300 \Device\Harddisk2\DR2:
19:20:31.0762 2300 MBR partitions:
19:20:31.0762 2300 ============================================================
19:20:31.0856 2300 C: <-> \Device\Harddisk1\DR1\Partition0
19:20:31.0871 2300 D: <-> \Device\Harddisk0\DR0\Partition0
19:20:31.0887 2300 E: <-> \Device\Harddisk1\DR1\Partition1
19:20:31.0887 2300 ============================================================
19:20:31.0887 2300 Initialize success
19:20:31.0887 2300 ============================================================
19:20:37.0300 0884 ============================================================
19:20:37.0300 0884 Scan started
19:20:37.0300 0884 Mode: Manual; TDLFS;
19:20:37.0300 0884 ============================================================
19:21:12.0525 0884 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
19:21:12.0587 0884 ql2300 - ok
19:21:13.0711 0884 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
19:21:13.0711 0884 ql40xx - ok
19:21:13.0898 0884 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
19:21:13.0960 0884 QWAVE - ok
19:21:13.0976 0884 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:21:13.0991 0884 QWAVEdrv - ok
19:21:13.0991 0884 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
19:21:13.0991 0884 RasAcd - ok
19:21:14.0085 0884 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:21:14.0085 0884 RasAgileVpn - ok
19:21:14.0179 0884 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
19:21:14.0194 0884 RasAuto - ok
19:21:14.0210 0884 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:21:14.0210 0884 Rasl2tp - ok
19:21:14.0475 0884 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
19:21:14.0522 0884 RasMan - ok
19:21:14.0709 0884 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
19:21:14.0709 0884 RasPppoe - ok
19:21:14.0725 0884 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
19:21:14.0740 0884 RasSstp - ok
19:21:14.0740 0884 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
19:21:14.0756 0884 rdbss - ok
19:21:14.0865 0884 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys
19:21:14.0865 0884 rdpbus - ok
19:21:14.0912 0884 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:21:14.0912 0884 RDPCDD - ok
19:21:14.0974 0884 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
19:21:14.0974 0884 RDPENCDD - ok
19:21:15.0005 0884 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
19:21:15.0021 0884 RDPREFMP - ok
19:21:15.0068 0884 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
19:21:15.0083 0884 RDPWD - ok
19:21:15.0177 0884 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
19:21:15.0193 0884 rdyboost - ok
19:21:15.0239 0884 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
19:21:15.0239 0884 RemoteAccess - ok
19:21:15.0333 0884 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
19:21:15.0349 0884 RemoteRegistry - ok
19:21:15.0349 0884 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
19:21:15.0349 0884 RpcEptMapper - ok
19:21:15.0395 0884 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
19:21:15.0395 0884 RpcLocator - ok
19:21:15.0645 0884 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:21:15.0661 0884 RpcSs - ok
19:21:15.0832 0884 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
19:21:15.0832 0884 rspndr - ok
19:21:15.0895 0884 RTL8167 (64ca613324d8bd0b278420ed4959afd9) C:\Windows\system32\DRIVERS\Rt86win7.sys
19:21:15.0895 0884 RTL8167 - ok
19:21:16.0035 0884 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
19:21:16.0035 0884 SamSs - ok
19:21:16.0097 0884 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
19:21:16.0097 0884 sbp2port - ok
19:21:16.0238 0884 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
19:21:16.0253 0884 SCardSvr - ok
19:21:16.0285 0884 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
19:21:16.0285 0884 scfilter - ok
19:21:16.0378 0884 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
19:21:16.0394 0884 Schedule - ok
19:21:16.0565 0884 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:21:16.0565 0884 SCPolicySvc - ok
19:21:16.0612 0884 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
19:21:16.0612 0884 SDRSVC - ok
19:21:16.0659 0884 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:21:16.0659 0884 secdrv - ok
19:21:16.0737 0884 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:21:16.0737 0884 seclogon - ok
19:21:16.0893 0884 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
19:21:16.0909 0884 SENS - ok
19:21:16.0940 0884 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:21:16.0940 0884 SensrSvc - ok
19:21:16.0987 0884 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:21:16.0987 0884 Serenum - ok
19:21:17.0033 0884 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:21:17.0033 0884 Serial - ok
19:21:17.0080 0884 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
19:21:17.0080 0884 sermouse - ok
19:21:17.0143 0884 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
19:21:17.0189 0884 SessionEnv - ok
19:21:17.0189 0884 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
19:21:17.0189 0884 sffdisk - ok
19:21:17.0205 0884 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
19:21:17.0205 0884 sffp_mmc - ok
19:21:17.0205 0884 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
19:21:17.0221 0884 sffp_sd - ok
19:21:17.0252 0884 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
19:21:17.0252 0884 sfloppy - ok
19:21:17.0314 0884 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:21:17.0330 0884 SharedAccess - ok
19:21:17.0392 0884 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
19:21:17.0408 0884 ShellHWDetection - ok
19:21:17.0439 0884 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
19:21:17.0439 0884 sisagp - ok
19:21:17.0470 0884 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
19:21:17.0470 0884 SiSRaid2 - ok
19:21:17.0486 0884 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
19:21:17.0486 0884 SiSRaid4 - ok
19:21:17.0845 0884 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files\Skype\Updater\Updater.exe
19:21:17.0876 0884 SkypeUpdate - ok
19:21:17.0985 0884 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:21:18.0001 0884 Smb - ok
19:21:18.0079 0884 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:21:18.0094 0884 SNMPTRAP - ok
19:21:18.0203 0884 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:21:18.0203 0884 spldr - ok
19:21:18.0547 0884 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
19:21:18.0578 0884 Spooler - ok
19:21:20.0044 0884 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
19:21:20.0185 0884 sppsvc - ok
19:21:20.0933 0884 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
19:21:20.0949 0884 sppuinotify - ok
19:21:21.0167 0884 srv (112127c3b2e64d7680cc39cd0a39dd7e) C:\Windows\system32\DRIVERS\srv.sys
19:21:21.0183 0884 srv - ok
19:21:21.0323 0884 srv2 (e5dd784a4ee5ebc72a86c677c988fcdb) C:\Windows\system32\DRIVERS\srv2.sys
19:21:21.0355 0884 srv2 - ok
19:21:21.0417 0884 srvnet (cdbe627e16cc9e98f343d73f8e81d258) C:\Windows\system32\DRIVERS\srvnet.sys
19:21:21.0417 0884 srvnet - ok
19:21:21.0557 0884 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:21:21.0557 0884 SSDPSRV - ok
19:21:21.0620 0884 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:21:21.0635 0884 SstpSvc - ok
19:21:21.0760 0884 Steam Client Service - ok
19:21:21.0823 0884 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
19:21:21.0823 0884 stexstor - ok
19:21:22.0088 0884 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
19:21:22.0150 0884 StiSvc - ok
19:21:22.0181 0884 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
19:21:22.0181 0884 swenum - ok
19:21:22.0353 0884 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:21:22.0400 0884 swprv - ok
19:21:24.0147 0884 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
19:21:24.0209 0884 SysMain - ok
19:21:24.0459 0884 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
19:21:24.0475 0884 TabletInputService - ok
19:21:24.0662 0884 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
19:21:24.0677 0884 TapiSrv - ok
19:21:24.0755 0884 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:21:24.0755 0884 TBS - ok
19:21:25.0520 0884 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
19:21:25.0567 0884 Tcpip - ok
19:21:25.0629 0884 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
19:21:25.0645 0884 TCPIP6 - ok
19:21:25.0691 0884 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
19:21:25.0691 0884 tcpipreg - ok
19:21:25.0738 0884 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
19:21:25.0738 0884 TDPIPE - ok
19:21:25.0769 0884 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
19:21:25.0769 0884 TDTCP - ok
19:21:25.0832 0884 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
19:21:25.0832 0884 tdx - ok
19:21:25.0879 0884 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
19:21:25.0879 0884 TermDD - ok
19:21:26.0144 0884 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
19:21:26.0159 0884 TermService - ok
19:21:26.0222 0884 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:21:26.0237 0884 Themes - ok
19:21:26.0347 0884 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:21:26.0362 0884 THREADORDER - ok
19:21:26.0393 0884 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:21:26.0425 0884 TrkWks - ok
19:21:26.0643 0884 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
19:21:26.0643 0884 TrustedInstaller - ok
19:21:26.0721 0884 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:21:26.0721 0884 tssecsrv - ok
19:21:26.0752 0884 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
19:21:26.0768 0884 TsUsbFlt - ok
19:21:26.0799 0884 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
19:21:26.0799 0884 TsUsbGD - ok
19:21:26.0908 0884 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
19:21:26.0908 0884 tunnel - ok
19:21:26.0955 0884 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
19:21:26.0955 0884 uagp35 - ok
19:21:27.0158 0884 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
19:21:27.0205 0884 udfs - ok
19:21:27.0251 0884 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:21:27.0267 0884 UI0Detect - ok
19:21:27.0392 0884 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
19:21:27.0392 0884 uliagpkx - ok
19:21:27.0485 0884 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
19:21:27.0485 0884 umbus - ok
19:21:27.0532 0884 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
19:21:27.0532 0884 UmPass - ok
19:21:27.0673 0884 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:21:27.0704 0884 upnphost - ok
19:21:27.0860 0884 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
19:21:27.0860 0884 usbaudio - ok
19:21:27.0891 0884 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
19:21:27.0907 0884 usbccgp - ok
19:21:28.0031 0884 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
19:21:28.0031 0884 usbcir - ok
19:21:28.0094 0884 usbehci (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\DRIVERS\usbehci.sys
19:21:28.0094 0884 usbehci - ok
19:21:28.0219 0884 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\DRIVERS\usbhub.sys
19:21:28.0234 0884 usbhub - ok
19:21:28.0234 0884 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
19:21:28.0234 0884 usbohci - ok
19:21:28.0265 0884 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\drivers\usbprint.sys
19:21:28.0265 0884 usbprint - ok
19:21:28.0297 0884 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:21:28.0297 0884 USBSTOR - ok
19:21:28.0297 0884 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
19:21:28.0297 0884 usbuhci - ok
19:21:28.0406 0884 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
19:21:28.0406 0884 usbvideo - ok
19:21:28.0453 0884 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:21:28.0453 0884 UxSms - ok
19:21:28.0500 0884 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
19:21:28.0500 0884 VaultSvc - ok
19:21:28.0562 0884 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
19:21:28.0562 0884 vdrvroot - ok
19:21:28.0656 0884 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
19:21:28.0671 0884 vds - ok
19:21:28.0687 0884 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:21:28.0687 0884 vga - ok
19:21:28.0687 0884 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:21:28.0687 0884 VgaSave - ok
19:21:28.0702 0884 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
19:21:28.0702 0884 vhdmp - ok
19:21:28.0718 0884 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
19:21:28.0718 0884 viaagp - ok
19:21:28.0718 0884 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
19:21:28.0718 0884 ViaC7 - ok
19:21:28.0780 0884 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
19:21:28.0780 0884 viaide - ok
19:21:28.0936 0884 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
19:21:28.0936 0884 volmgr - ok
19:21:29.0389 0884 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:21:29.0436 0884 volmgrx - ok
19:21:29.0670 0884 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
19:21:29.0685 0884 volsnap - ok
19:21:29.0701 0884 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
19:21:29.0716 0884 vsmraid - ok
19:21:29.0935 0884 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
19:21:30.0294 0884 VSS - ok
19:21:30.0356 0884 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:21:30.0356 0884 vwifibus - ok
19:21:30.0559 0884 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:21:30.0590 0884 W32Time - ok
19:21:30.0606 0884 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
19:21:30.0606 0884 WacomPen - ok
19:21:30.0637 0884 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:21:30.0637 0884 WANARP - ok
19:21:30.0652 0884 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:21:30.0652 0884 Wanarpv6 - ok
19:21:30.0777 0884 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
19:21:30.0808 0884 wbengine - ok
19:21:30.0871 0884 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:21:30.0902 0884 WbioSrvc - ok
19:21:30.0933 0884 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
19:21:30.0949 0884 wcncsvc - ok
19:21:30.0964 0884 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:21:30.0964 0884 WcsPlugInService - ok
19:21:31.0120 0884 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
19:21:31.0120 0884 Wd - ok
19:21:31.0183 0884 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:21:31.0183 0884 Wdf01000 - ok
19:21:31.0276 0884 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:21:31.0292 0884 WdiServiceHost - ok
19:21:31.0308 0884 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:21:31.0308 0884 WdiSystemHost - ok
19:21:31.0354 0884 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
19:21:31.0354 0884 WebClient - ok
19:21:31.0386 0884 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:21:31.0401 0884 Wecsvc - ok
19:21:31.0401 0884 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:21:31.0401 0884 wercplsupport - ok
19:21:31.0464 0884 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:21:31.0464 0884 WerSvc - ok
19:21:31.0526 0884 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:21:31.0526 0884 WfpLwf - ok
19:21:31.0542 0884 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:21:31.0542 0884 WIMMount - ok
19:21:31.0713 0884 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:21:31.0744 0884 WinDefend - ok
19:21:31.0760 0884 WinHttpAutoProxySvc - ok
19:21:31.0932 0884 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:21:31.0932 0884 Winmgmt - ok
19:21:32.0821 0884 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
19:21:32.0899 0884 WinRM - ok
19:21:33.0242 0884 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:21:33.0273 0884 Wlansvc - ok
19:21:33.0819 0884 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:21:33.0835 0884 WmiAcpi - ok
19:21:34.0334 0884 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:21:34.0334 0884 wmiApSrv - ok
19:21:35.0348 0884 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:21:35.0395 0884 WMPNetworkSvc - ok
19:21:35.0504 0884 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:21:35.0520 0884 WPCSvc - ok
19:21:35.0676 0884 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
19:21:35.0691 0884 WPDBusEnum - ok
19:21:36.0130 0884 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:21:36.0130 0884 ws2ifsl - ok
19:21:36.0270 0884 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
19:21:36.0286 0884 wscsvc - ok
19:21:36.0302 0884 WSearch - ok
19:21:36.0676 0884 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
19:21:36.0738 0884 wuauserv - ok
19:21:37.0255 0884 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
19:21:37.0255 0884 WudfPf - ok
19:21:37.0295 0884 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
19:21:37.0305 0884 wudfsvc - ok
19:21:37.0325 0884 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:21:37.0345 0884 WwanSvc - ok
19:21:37.0375 0884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
19:21:38.0055 0884 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
19:21:38.0055 0884 \Device\Harddisk1\DR1 - detected TDSS File System (1)
19:21:38.0055 0884 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:21:38.0125 0884 \Device\Harddisk0\DR0 - ok
19:21:38.0495 0884 MBR (0x1B8) (c010951fcc58666b2c6db8c74e524786) \Device\Harddisk2\DR2
19:21:52.0895 0884 \Device\Harddisk2\DR2 - ok
19:21:52.0965 0884 Boot (0x1200) (f28ca80626f51f1310c704b3164c4690) \Device\Harddisk1\DR1\Partition0
19:21:52.0995 0884 \Device\Harddisk1\DR1\Partition0 - ok
19:21:53.0045 0884 Boot (0x1200) (1b96bb0872ce755bd5aaee2304466831) \Device\Harddisk1\DR1\Partition1
19:21:53.0045 0884 \Device\Harddisk1\DR1\Partition1 - ok
19:21:53.0045 0884 Boot (0x1200) (a12fd6d432c005125ae2acc75e52e32d) \Device\Harddisk0\DR0\Partition0
19:21:53.0045 0884 \Device\Harddisk0\DR0\Partition0 - ok
19:21:53.0055 0884 ============================================================
19:21:53.0055 0884 Scan finished
19:21:53.0055 0884 ============================================================
19:21:53.0065 2504 Detected object count: 1
19:21:53.0065 2504 Actual detected object count: 1
19:21:59.0395 2504 \Device\Harddisk1\DR1\TDLFS\ldrm - copied to quarantine
19:21:59.0555 2504 \Device\Harddisk1\DR1\TDLFS\cmd.dll - copied to quarantine
19:21:59.0555 2504 \Device\Harddisk1\DR1\TDLFS\cmd64.dll - copied to quarantine
19:21:59.0585 2504 \Device\Harddisk1\DR1\TDLFS\sub.dll - copied to quarantine
19:21:59.0615 2504 \Device\Harddisk1\DR1\TDLFS\subx.dll - copied to quarantine
19:21:59.0735 2504 \Device\Harddisk1\DR1\TDLFS\drv32 - copied to quarantine
19:21:59.0745 2504 \Device\Harddisk1\DR1\TDLFS\drv64 - copied to quarantine
19:21:59.0745 2504 \Device\Harddisk1\DR1\TDLFS\servers.dat - copied to quarantine
19:21:59.0745 2504 \Device\Harddisk1\DR1\TDLFS\config.ini - copied to quarantine
19:21:59.0745 2504 \Device\Harddisk1\DR1\TDLFS\ldr16 - copied to quarantine
19:21:59.0755 2504 \Device\Harddisk1\DR1\TDLFS\ldr32 - copied to quarantine
19:21:59.0755 2504 \Device\Harddisk1\DR1\TDLFS\ldr64 - copied to quarantine
19:21:59.0755 2504 \Device\Harddisk1\DR1\TDLFS\s - copied to quarantine
19:21:59.0755 2504 \Device\Harddisk1\DR1\TDLFS\u - copied to quarantine
19:21:59.0755 2504 \Device\Harddisk1\DR1\TDLFS - deleted
19:21:59.0755 2504 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Delete
19:22:03.0015 1072 Deinitialize success

#6 narenxp

Posted 03 August 2012 - 08:26 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#7 WinchesterD

Posted 05 August 2012 - 12:28 PM

Toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Testtickles (administrator) on 05-08-2012 at 12:27:27
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Testtickles-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-E5-49-65-2B-D7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f534:8ef9:6b9d:3d8b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.113(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, August 05, 2012 3:09:22 AM
Lease Expires . . . . . . . . . . : Monday, August 06, 2012 6:45:43 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 240182601
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-AA-C1-61-50-E5-49-65-2B-D7
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0F393576-8D79-4050-8A2E-E460CE55C639}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c49:a57:3f57:fe8e(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c49:a57:3f57:fe8e%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: DD-WRT
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4002:802::1001
74.125.139.113
74.125.139.138
74.125.139.139
74.125.139.100
74.125.139.101
74.125.139.102


Pinging google.com [74.125.139.102] with 32 bytes of data:
Reply from 74.125.139.102: bytes=32 time=17ms TTL=48
Reply from 74.125.139.102: bytes=32 time=15ms TTL=48

Ping statistics for 74.125.139.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 17ms, Average = 16ms
Server: DD-WRT
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=35ms TTL=48
Reply from 209.191.122.70: bytes=32 time=35ms TTL=48

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 35ms, Average = 35ms
Server: DD-WRT
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
11...50 e5 49 65 2b d7 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.113 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.113 276
192.168.1.113 255.255.255.255 On-link 192.168.1.113 276
192.168.1.255 255.255.255.255 On-link 192.168.1.113 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.113 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.113 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:1c49:a57:3f57:fe8e/128
On-link
11 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1c49:a57:3f57:fe8e/128
On-link
11 276 fe80::f534:8ef9:6b9d:3d8b/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/05/2012 03:10:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2012 07:02:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2012 07:30:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 07:32:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 07:22:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000204
Faulting process id: 0xa34
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3

Error: (08/03/2012 06:57:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 04:59:15 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_268.exe, version: 11.3.300.268, time stamp: 0x500adb58
Faulting module name: uxtheme.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb38
Exception code: 0xc0000005
Fault offset: 0x00003137
Faulting process id: 0x814
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_268.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_268.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_268.exe2
Report Id: FlashPlayerPlugin_11_3_300_268.exe3

Error: (08/03/2012 03:14:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 03:13:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: mshtml.dll, version: 8.0.7601.17514, time stamp: 0x4ce7b8f3
Exception code: 0xc0000005
Fault offset: 0x001f9efb
Faulting process id: 0x410
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/03/2012 02:32:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/05/2012 03:20:01 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/05/2012 03:09:22 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/04/2012 07:11:22 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/04/2012 07:00:47 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/04/2012 11:28:30 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/04/2012 07:40:57 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/04/2012 07:29:25 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/04/2012 01:50:51 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/03/2012 07:31:04 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/03/2012 07:21:52 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.


Microsoft Office Sessions:
=========================
Error: (08/05/2012 03:10:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2012 07:02:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2012 07:30:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 07:32:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 07:22:12 PM) (Source: Application Error)(User: )
Description: Skype.exe5.10.0.11650001496unknown0.0.0.000000000c000000500000204a3401cd71e469a74a85C:\Program Files\Skype\Phone\Skype.exeunknown32d0f429-dddb-11e1-b346-50e549652bd7

Error: (08/03/2012 06:57:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 04:59:15 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_268.exe11.3.300.268500adb58uxtheme.dll6.1.7600.163854a5bdb38c00000050000313781401cd715afde73cdfC:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exeC:\Windows\system32\uxtheme.dlla4e2e221-dd62-11e1-a750-50e549652bd7

Error: (08/03/2012 03:14:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 03:13:11 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100mshtml.dll8.0.7601.175144ce7b8f3c0000005001f9efb41001cd715ab15839a2C:\Windows\system32\svchost.exeC:\Windows\System32\mshtml.dlld3a5b2d7-dd53-11e1-a750-50e549652bd7

Error: (08/03/2012 02:32:07 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0611.1251.21046)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
AMD VISION Engine Control Center (Version: 2012.0611.1251.21046)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
ESET Online Scanner v3
Fallout 3 - Game of the Year Edition
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6235)
Skype™ 5.10 (Version: 5.10.116)
Steam (Version: 1.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 3325.55 MB
Available physical RAM: 2397.84 MB
Total Pagefile: 6649.39 MB
Available Pagefile: 5263.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.22 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:224.04 GB) (Free:58.94 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:657.72 GB) NTFS
3 Drive e: (HP_RECOVERY) (Fixed) (Total:8.82 GB) (Free:1.24 GB) FAT32
4 Drive g: () (Fixed) (Total:298.05 GB) (Free:159.73 GB) FAT32

========================= Users: ========================================

User accounts for \\TESTTICKLES-PC

Administrator Guest Testtickles


**** End of log ****


FSS
Farbar Service Scanner Version: 04-08-2012 01
Ran by Testtickles (administrator) on 05-08-2012 at 12:27:37
Running from "C:\Users\Testtickles\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Adware cleaner

# AdwCleaner v1.800 - Logfile created 08/05/2012 at 03:07:00
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Testtickles - TESTTICKLES-PC
# Running from : C:\Users\Testtickles\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Testtickles\AppData\Roaming\Mozilla\Firefox\Profiles\4tugoxxz.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [733 octets] - [05/08/2012 03:07:00]

########## EOF - C:\AdwCleaner[S1].txt - [860 octets] ##########

#8 narenxp

Posted 05 August 2012 - 12:37 PM

Malwarebytes log?

#9 WinchesterD

Posted 05 August 2012 - 01:26 PM

I found it.


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.04.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Testtickles :: TESTTICKLES-PC [administrator]

Protection: Enabled

8/4/2012 8:11:54 PM
mbam-log-2012-08-04 (20-11-54).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 888490
Time elapsed: 5 hour(s), 22 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by WinchesterD, 05 August 2012 - 01:32 PM.


#10 narenxp

Posted 05 August 2012 - 01:56 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



