svchost.exe Trojan Agent


15 replies to this topic

#1 Virgorival

  • Members
  • 53 posts

Posted 14 August 2012 - 11:55 PM

Maybe 3rd time's the charm.

I keep getting this Trojan popping up on me.

I do a lot of overnight rendering, so I don't actually shut off my computer as often as I should.
So far I noticed it will sometimes restart my computer on its own, or so it seems, anyway. But when I do, it seems every other time I get a BSoD and restart it in safe mode to run Malware to catch it again and again and again, so this time I'd like to kill this thing and not get it back.
Last Malware scan did pick up a rootkit, 0Access, which I think was creating a Google redirect.


#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 15 August 2012 - 02:37 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Virgorival

  • Topic Starter

  • Members
  • 53 posts

Posted 15 August 2012 - 02:49 AM

02:46:08.0635 10824 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
02:46:09.0056 10824 ============================================================
02:46:09.0056 10824 Current date / time: 2012/08/15 02:46:09.0056
02:46:09.0056 10824 SystemInfo:
02:46:09.0056 10824
02:46:09.0056 10824 OS Version: 6.1.7601 ServicePack: 1.0
02:46:09.0056 10824 Product type: Workstation
02:46:09.0056 10824 ComputerName: PATCHOULI
02:46:09.0056 10824 UserName: Rival
02:46:09.0056 10824 Windows directory: C:\Windows
02:46:09.0056 10824 System windows directory: C:\Windows
02:46:09.0056 10824 Running under WOW64
02:46:09.0056 10824 Processor architecture: Intel x64
02:46:09.0056 10824 Number of processors: 6
02:46:09.0056 10824 Page size: 0x1000
02:46:09.0056 10824 Boot type: Normal boot
02:46:09.0056 10824 ============================================================
02:46:09.0896 10824 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:46:09.0899 10824 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
02:46:16.0994 10824 ============================================================
02:46:16.0994 10824 \Device\Harddisk0\DR0:
02:46:16.0994 10824 MBR partitions:
02:46:16.0994 10824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1394800, BlocksNum 0x73371800
02:46:16.0994 10824 \Device\Harddisk1\DR1:
02:46:16.0995 10824 MBR partitions:
02:46:16.0995 10824 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
02:46:16.0995 10824 ============================================================
02:46:17.0021 10824 C: <-> \Device\Harddisk0\DR0\Partition1
02:46:17.0055 10824 F: <-> \Device\Harddisk1\DR1\Partition1
02:46:17.0055 10824 ============================================================
02:46:17.0055 10824 Initialize success
02:46:17.0055 10824 ============================================================
02:46:28.0443 9648 ============================================================
02:46:28.0443 9648 Scan started
02:46:28.0443 9648 Mode: Manual;
02:46:28.0443 9648 ============================================================
02:46:41.0253 9648 netprofm - ok
02:46:41.0283 9648 [ 44d4bd55191624c82a2745296ba42814 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
02:46:41.0290 9648 netr28x - ok
02:46:41.0313 9648 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:46:41.0315 9648 NetTcpPortSharing - ok
02:46:41.0343 9648 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
02:46:41.0345 9648 nfrd960 - ok
02:46:41.0358 9648 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
02:46:41.0361 9648 NlaSvc - ok
02:46:41.0375 9648 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
02:46:41.0377 9648 Npfs - ok
02:46:41.0396 9648 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
02:46:41.0398 9648 nsi - ok
02:46:41.0404 9648 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
02:46:41.0405 9648 nsiproxy - ok
02:46:41.0441 9648 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
02:46:41.0466 9648 Ntfs - ok
02:46:41.0480 9648 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
02:46:41.0481 9648 Null - ok
02:46:41.0521 9648 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
02:46:41.0523 9648 nvraid - ok
02:46:41.0534 9648 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
02:46:41.0536 9648 nvstor - ok
02:46:41.0549 9648 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
02:46:41.0551 9648 nv_agp - ok
02:46:41.0564 9648 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
02:46:41.0565 9648 ohci1394 - ok
02:46:41.0580 9648 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
02:46:41.0584 9648 p2pimsvc - ok
02:46:41.0596 9648 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
02:46:41.0600 9648 p2psvc - ok
02:46:41.0609 9648 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
02:46:41.0611 9648 Parport - ok
02:46:41.0639 9648 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
02:46:41.0640 9648 partmgr - ok
02:46:41.0650 9648 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
02:46:41.0653 9648 PcaSvc - ok
02:46:41.0665 9648 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
02:46:41.0667 9648 pci - ok
02:46:41.0675 9648 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
02:46:41.0675 9648 pciide - ok
02:46:41.0688 9648 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
02:46:41.0691 9648 pcmcia - ok
02:46:41.0697 9648 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
02:46:41.0698 9648 pcw - ok
02:46:41.0717 9648 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
02:46:41.0723 9648 PEAUTH - ok
02:46:41.0748 9648 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
02:46:41.0750 9648 PerfHost - ok
02:46:41.0811 9648 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
02:46:41.0836 9648 pla - ok
02:46:41.0867 9648 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
02:46:41.0872 9648 PlugPlay - ok
02:46:41.0896 9648 [ 71f62c51dfdfbc04c83c5c64b2b8058e ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
02:46:41.0898 9648 Pml Driver HPZ12 - ok
02:46:41.0911 9648 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
02:46:41.0913 9648 PNRPAutoReg - ok
02:46:41.0920 9648 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
02:46:41.0922 9648 PNRPsvc - ok
02:46:41.0940 9648 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
02:46:41.0945 9648 PolicyAgent - ok
02:46:41.0960 9648 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
02:46:41.0962 9648 Power - ok
02:46:41.0996 9648 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
02:46:42.0006 9648 PptpMiniport - ok
02:46:42.0022 9648 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
02:46:42.0023 9648 Processor - ok
02:46:42.0053 9648 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
02:46:42.0056 9648 ProfSvc - ok
02:46:42.0064 9648 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
02:46:42.0065 9648 ProtectedStorage - ok
02:46:42.0104 9648 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
02:46:42.0106 9648 Psched - ok
02:46:42.0154 9648 [ a283e768fa12ef33087f07b01f82d6dd ] PSEXESVC C:\Windows\PSEXESVC.EXE
02:46:42.0157 9648 PSEXESVC - ok
02:46:42.0193 9648 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
02:46:42.0219 9648 ql2300 - ok
02:46:42.0227 9648 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
02:46:42.0229 9648 ql40xx - ok
02:46:42.0250 9648 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
02:46:42.0253 9648 QWAVE - ok
02:46:42.0264 9648 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
02:46:42.0266 9648 QWAVEdrv - ok
02:46:42.0278 9648 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
02:46:42.0279 9648 RasAcd - ok
02:46:42.0296 9648 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
02:46:42.0298 9648 RasAgileVpn - ok
02:46:42.0314 9648 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
02:46:42.0316 9648 RasAuto - ok
02:46:42.0353 9648 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
02:46:42.0356 9648 Rasl2tp - ok
02:46:42.0390 9648 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
02:46:42.0394 9648 RasMan - ok
02:46:42.0405 9648 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
02:46:42.0406 9648 RasPppoe - ok
02:46:42.0425 9648 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
02:46:42.0427 9648 RasSstp - ok
02:46:42.0440 9648 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
02:46:42.0443 9648 rdbss - ok
02:46:42.0456 9648 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
02:46:42.0457 9648 rdpbus - ok
02:46:42.0467 9648 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
02:46:42.0468 9648 RDPCDD - ok
02:46:42.0490 9648 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
02:46:42.0490 9648 RDPENCDD - ok
02:46:42.0496 9648 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
02:46:42.0497 9648 RDPREFMP - ok
02:46:42.0534 9648 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
02:46:42.0536 9648 RDPWD - ok
02:46:42.0572 9648 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
02:46:42.0574 9648 rdyboost - ok
02:46:42.0601 9648 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
02:46:42.0604 9648 RemoteAccess - ok
02:46:42.0617 9648 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
02:46:42.0619 9648 RemoteRegistry - ok
02:46:42.0631 9648 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
02:46:42.0633 9648 RpcEptMapper - ok
02:46:42.0647 9648 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
02:46:42.0648 9648 RpcLocator - ok
02:46:42.0664 9648 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
02:46:42.0667 9648 RpcSs - ok
02:46:42.0676 9648 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
02:46:42.0678 9648 rspndr - ok
02:46:42.0721 9648 [ 2777226ee8bf50b059d7a7c90177e99c ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
02:46:42.0723 9648 RTL8167 - ok
02:46:42.0730 9648 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
02:46:42.0731 9648 SamSs - ok
02:46:42.0784 9648 [ 3289766038db2cb14d07dc84392138d5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
02:46:42.0784 9648 SASDIFSV - ok
02:46:42.0795 9648 [ 58a38e75f3316a83c23df6173d41f2b5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
02:46:42.0796 9648 SASKUTIL - ok
02:46:42.0828 9648 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
02:46:42.0830 9648 sbp2port - ok
02:46:42.0844 9648 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
02:46:42.0847 9648 SCardSvr - ok
02:46:42.0879 9648 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
02:46:42.0881 9648 scfilter - ok
02:46:42.0923 9648 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
02:46:42.0930 9648 Schedule - ok
02:46:42.0965 9648 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
02:46:42.0966 9648 SCPolicySvc - ok
02:46:42.0991 9648 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
02:46:42.0993 9648 SDRSVC - ok
02:46:43.0006 9648 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
02:46:43.0021 9648 secdrv - ok
02:46:43.0025 9648 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
02:46:43.0027 9648 seclogon - ok
02:46:43.0041 9648 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll
02:46:43.0043 9648 SENS - ok
02:46:43.0053 9648 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
02:46:43.0055 9648 SensrSvc - ok
02:46:43.0065 9648 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
02:46:43.0066 9648 Serenum - ok
02:46:43.0073 9648 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
02:46:43.0075 9648 Serial - ok
02:46:43.0091 9648 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
02:46:43.0091 9648 sermouse - ok
02:46:43.0125 9648 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
02:46:43.0128 9648 SessionEnv - ok
02:46:43.0141 9648 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
02:46:43.0142 9648 sffdisk - ok
02:46:43.0153 9648 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
02:46:43.0155 9648 sffp_mmc - ok
02:46:43.0158 9648 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
02:46:43.0159 9648 sffp_sd - ok
02:46:43.0166 9648 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
02:46:43.0167 9648 sfloppy - ok
02:46:43.0194 9648 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:46:43.0197 9648 ShellHWDetection - ok
02:46:43.0207 9648 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:46:43.0208 9648 SiSRaid2 - ok
02:46:43.0213 9648 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
02:46:43.0214 9648 SiSRaid4 - ok
02:46:43.0334 9648 [ 0f97e7a47a52f4a36969f0fc319654c2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
02:46:43.0377 9648 Skype C2C Service - ok
02:46:43.0439 9648 [ f07af60b152221472fbdb2fecec4896d ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
02:46:43.0440 9648 SkypeUpdate - ok
02:46:43.0456 9648 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
02:46:43.0458 9648 Smb - ok
02:46:43.0472 9648 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
02:46:43.0474 9648 SNMPTRAP - ok
02:46:43.0484 9648 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
02:46:43.0485 9648 spldr - ok
02:46:43.0501 9648 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe
02:46:43.0504 9648 Spooler - ok
02:46:43.0580 9648 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
02:46:43.0632 9648 sppsvc - ok
02:46:43.0664 9648 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
02:46:43.0666 9648 sppuinotify - ok
02:46:43.0687 9648 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
02:46:43.0692 9648 srv - ok
02:46:43.0707 9648 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
02:46:43.0711 9648 srv2 - ok
02:46:43.0720 9648 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
02:46:43.0722 9648 srvnet - ok
02:46:43.0749 9648 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
02:46:43.0752 9648 SSDPSRV - ok
02:46:43.0764 9648 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
02:46:43.0769 9648 SstpSvc - ok
02:46:43.0785 9648 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
02:46:43.0787 9648 stexstor - ok
02:46:43.0804 9648 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
02:46:43.0811 9648 stisvc - ok
02:46:43.0844 9648 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
02:46:43.0844 9648 swenum - ok
02:46:43.0910 9648 [ f577910a133a592234ebaad3f3afa258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
02:46:43.0916 9648 SwitchBoard - ok
02:46:43.0929 9648 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
02:46:43.0935 9648 swprv - ok
02:46:43.0986 9648 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
02:46:44.0012 9648 SysMain - ok
02:46:44.0056 9648 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:46:44.0058 9648 TabletInputService - ok
02:46:44.0191 9648 [ c4c20cfa4f42e9b7454e895c5c47bcd3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
02:46:44.0278 9648 TabletServicePen - ok
02:46:44.0311 9648 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
02:46:44.0315 9648 TapiSrv - ok
02:46:44.0327 9648 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
02:46:44.0328 9648 TBS - ok
02:46:44.0528 9648 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
02:46:44.0581 9648 Tcpip - ok
02:46:44.0687 9648 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
02:46:44.0696 9648 TCPIP6 - ok
02:46:44.0746 9648 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
02:46:44.0747 9648 tcpipreg - ok
02:46:44.0772 9648 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
02:46:44.0773 9648 TDPIPE - ok
02:46:44.0802 9648 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
02:46:44.0806 9648 TDTCP - ok
02:46:44.0817 9648 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
02:46:44.0820 9648 tdx - ok
02:46:44.0828 9648 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
02:46:44.0829 9648 TermDD - ok
02:46:44.0849 9648 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
02:46:44.0855 9648 TermService - ok
02:46:44.0869 9648 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
02:46:44.0871 9648 Themes - ok
02:46:44.0885 9648 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
02:46:44.0886 9648 THREADORDER - ok
02:46:44.0925 9648 [ 7625dcf246e488e523dc1f64c38abda2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
02:46:44.0930 9648 TouchServicePen - ok
02:46:44.0946 9648 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
02:46:44.0950 9648 TrkWks - ok
02:46:45.0000 9648 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:46:45.0002 9648 TrustedInstaller - ok
02:46:45.0028 9648 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
02:46:45.0030 9648 tssecsrv - ok
02:46:45.0077 9648 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
02:46:45.0079 9648 TsUsbFlt - ok
02:46:45.0094 9648 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
02:46:45.0097 9648 tunnel - ok
02:46:45.0110 9648 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
02:46:45.0112 9648 uagp35 - ok
02:46:45.0146 9648 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
02:46:45.0149 9648 udfs - ok
02:46:45.0163 9648 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
02:46:45.0166 9648 UI0Detect - ok
02:46:45.0170 9648 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
02:46:45.0171 9648 uliagpkx - ok
02:46:45.0182 9648 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys
02:46:45.0184 9648 umbus - ok
02:46:45.0187 9648 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
02:46:45.0188 9648 UmPass - ok
02:46:45.0200 9648 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
02:46:45.0204 9648 upnphost - ok
02:46:45.0219 9648 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
02:46:45.0221 9648 usbccgp - ok
02:46:45.0245 9648 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
02:46:45.0247 9648 usbcir - ok
02:46:45.0260 9648 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
02:46:45.0262 9648 usbehci - ok
02:46:45.0281 9648 [ 2c780746dc44a28fe67004dc58173f05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
02:46:45.0281 9648 usbfilter - ok
02:46:45.0292 9648 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
02:46:45.0295 9648 usbhub - ok
02:46:45.0303 9648 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
02:46:45.0305 9648 usbohci - ok
02:46:45.0316 9648 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
02:46:45.0318 9648 usbprint - ok
02:46:45.0333 9648 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
02:46:45.0335 9648 USBSTOR - ok
02:46:45.0339 9648 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
02:46:45.0340 9648 usbuhci - ok
02:46:45.0354 9648 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
02:46:45.0355 9648 UxSms - ok
02:46:45.0369 9648 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
02:46:45.0369 9648 VaultSvc - ok
02:46:45.0373 9648 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
02:46:45.0374 9648 vdrvroot - ok
02:46:45.0414 9648 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
02:46:45.0420 9648 vds - ok
02:46:45.0429 9648 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
02:46:45.0431 9648 vga - ok
02:46:45.0435 9648 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
02:46:45.0436 9648 VgaSave - ok
02:46:45.0448 9648 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
02:46:45.0450 9648 vhdmp - ok
02:46:45.0486 9648 [ d4944dbf92e07f1f641cb512065966e6 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
02:46:45.0493 9648 VIAHdAudAddService - ok
02:46:45.0506 9648 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
02:46:45.0508 9648 viaide - ok
02:46:45.0515 9648 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
02:46:45.0516 9648 volmgr - ok
02:46:45.0553 9648 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
02:46:45.0557 9648 volmgrx - ok
02:46:45.0575 9648 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
02:46:45.0578 9648 volsnap - ok
02:46:45.0590 9648 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
02:46:45.0592 9648 vsmraid - ok
02:46:45.0674 9648 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
02:46:45.0751 9648 VSS - ok
02:46:45.0763 9648 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
02:46:45.0765 9648 vwifibus - ok
02:46:45.0774 9648 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
02:46:45.0776 9648 vwififlt - ok
02:46:45.0797 9648 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
02:46:45.0802 9648 W32Time - ok
02:46:45.0841 9648 [ fe75777289278a4941fe6139e82b3bd9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
02:46:45.0843 9648 wacmoumonitor - ok
02:46:45.0869 9648 [ e04d43c7d1641e95d35cae6086c7e350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
02:46:45.0869 9648 wacommousefilter - ok
02:46:45.0879 9648 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
02:46:45.0880 9648 WacomPen - ok
02:46:45.0905 9648 [ ec1ceb237e365330c1fcfc4876aa0ac0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
02:46:45.0906 9648 wacomvhid - ok
02:46:45.0930 9648 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
02:46:45.0932 9648 WANARP - ok
02:46:45.0950 9648 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
02:46:45.0951 9648 Wanarpv6 - ok
02:46:46.0005 9648 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
02:46:46.0031 9648 WatAdminSvc - ok
02:46:46.0063 9648 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
02:46:46.0089 9648 wbengine - ok
02:46:46.0105 9648 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
02:46:46.0108 9648 WbioSrvc - ok
02:46:46.0121 9648 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
02:46:46.0126 9648 wcncsvc - ok
02:46:46.0141 9648 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:46:46.0144 9648 WcsPlugInService - ok
02:46:46.0157 9648 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
02:46:46.0158 9648 Wd - ok
02:46:46.0178 9648 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
02:46:46.0184 9648 Wdf01000 - ok
02:46:46.0195 9648 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
02:46:46.0198 9648 WdiServiceHost - ok
02:46:46.0203 9648 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
02:46:46.0204 9648 WdiSystemHost - ok
02:46:46.0234 9648 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
02:46:46.0238 9648 WebClient - ok
02:46:46.0255 9648 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
02:46:46.0259 9648 Wecsvc - ok
02:46:46.0271 9648 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
02:46:46.0274 9648 wercplsupport - ok
02:46:46.0294 9648 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
02:46:46.0296 9648 WerSvc - ok
02:46:46.0306 9648 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
02:46:46.0307 9648 WfpLwf - ok
02:46:46.0316 9648 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
02:46:46.0318 9648 WIMMount - ok
02:46:46.0322 9648 WinHttpAutoProxySvc - ok
02:46:46.0366 9648 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
02:46:46.0368 9648 Winmgmt - ok
02:46:46.0482 9648 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
02:46:46.0524 9648 WinRM - ok
02:46:46.0581 9648 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
02:46:46.0582 9648 WinUsb - ok
02:46:46.0601 9648 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
02:46:46.0606 9648 Wlansvc - ok
02:46:46.0642 9648 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
02:46:46.0645 9648 wlcrasvc - ok
02:46:46.0726 9648 [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:46:46.0752 9648 wlidsvc - ok
02:46:46.0759 9648 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
02:46:46.0760 9648 WmiAcpi - ok
02:46:46.0775 9648 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
02:46:46.0778 9648 wmiApSrv - ok
02:46:46.0797 9648 WMPNetworkSvc - ok
02:46:46.0813 9648 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
02:46:46.0816 9648 WPCSvc - ok
02:46:46.0869 9648 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
02:46:46.0871 9648 WPDBusEnum - ok
02:46:46.0899 9648 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
02:46:46.0900 9648 ws2ifsl - ok
02:46:46.0903 9648 WSearch - ok
02:46:46.0923 9648 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
02:46:46.0925 9648 WudfPf - ok
02:46:46.0973 9648 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
02:46:46.0976 9648 WUDFRd - ok
02:46:47.0014 9648 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
02:46:47.0016 9648 wudfsvc - ok
02:46:47.0032 9648 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
02:46:47.0036 9648 WwanSvc - ok
02:46:47.0050 9648 ================ Scan global ===============================
02:46:47.0061 9648 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
02:46:47.0109 9648 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
02:46:47.0116 9648 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
02:46:47.0130 9648 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
02:46:47.0161 9648 (014a9cb92514e27c0107614df764bc06) C:\Windows\system32\services.exe
02:46:47.0165 9648 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
02:46:47.0165 9648 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
02:46:47.0165 9648 ================ Scan MBR ==================================
02:46:47.0168 9648 MBR (0x1B8) (4976d4a7a40b83fc7f06ee4bdd84eb9b) \Device\Harddisk0\DR0
02:46:47.0168 9648 Suspicious mbr (Forged): \Device\Harddisk0\DR0
02:46:47.0192 9648 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
02:46:47.0192 9648 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
02:46:47.0654 9648 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
02:46:47.0661 9648 \Device\Harddisk1\DR1 - ok
02:46:47.0661 9648 ================ Scan VBR ==================================
02:46:47.0664 9648 Boot (0x1200) (04879ef0d98b65f9854d49c3fe7d1003) \Device\Harddisk0\DR0\Partition1
02:46:47.0665 9648 \Device\Harddisk0\DR0\Partition1 - ok
02:46:47.0669 9648 Boot (0x1200) (fa0e1ae13c2e642b824cb112475b45db) \Device\Harddisk1\DR1\Partition1
02:46:47.0671 9648 \Device\Harddisk1\DR1\Partition1 - ok
02:46:47.0672 9648 ============================================================
02:46:47.0672 9648 Scan finished
02:46:47.0672 9648 ============================================================
02:46:47.0684 10860 Detected object count: 2
02:46:47.0684 10860 Actual detected object count: 2
02:46:59.0851 10860 C:\Windows\system32\services.exe - copied to quarantine
02:47:00.0256 10860 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
02:47:00.0256 10860 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
02:47:00.0394 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\@ - copied to quarantine
02:47:00.0395 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\L\00000004.@ - copied to quarantine
02:47:00.0396 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\L\201d3dde - copied to quarantine
02:47:00.0396 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\00000004.@ - copied to quarantine
02:47:00.0397 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\00000008.@ - copied to quarantine
02:47:00.0398 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\000000cb.@ - copied to quarantine
02:47:00.0399 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000000.@ - copied to quarantine
02:47:00.0399 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000032.@ - copied to quarantine
02:47:00.0400 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000064.@ - copied to quarantine
02:47:00.0559 10860 C:\Users\Rival\AppData\Local\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\@ - copied to quarantine
02:47:13.0646 10860 Backup copy found, using it..
02:47:13.0685 10860 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
02:47:13.0685 10860 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
02:47:13.0705 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\@ - will be deleted on reboot
02:47:13.0706 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\00000004.@ - will be deleted on reboot
02:47:13.0706 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\00000008.@ - will be deleted on reboot
02:47:13.0706 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\000000cb.@ - will be deleted on reboot
02:47:13.0706 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000000.@ - will be deleted on reboot
02:47:13.0706 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000032.@ - will be deleted on reboot
02:47:13.0707 10860 C:\Windows\installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000064.@ - will be deleted on reboot
02:47:13.0739 10860 C:\Users\Rival\AppData\Local\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\@ - will be deleted on reboot
02:47:13.0750 10860 C:\Windows\system32\services.exe - will be cured on reboot
02:47:13.0750 10860 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
02:47:14.0341 10860 \Device\Harddisk0\DR0\# - copied to quarantine
02:47:14.0342 10860 \Device\Harddisk0\DR0 - copied to quarantine
02:47:14.0378 10860 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
02:47:14.0379 10860 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
02:47:14.0383 10860 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
02:47:14.0387 10860 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
02:47:14.0399 10860 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
02:47:14.0406 10860 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
02:47:14.0407 10860 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
02:47:14.0407 10860 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
02:47:14.0408 10860 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
02:47:14.0410 10860 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
02:47:14.0412 10860 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
02:47:14.0412 10860 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
02:47:14.0413 10860 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
02:47:14.0414 10860 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
02:47:14.0440 10860 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
02:47:14.0442 10860 \Device\Harddisk0\DR0 - ok
02:47:14.0457 10860 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

#4 Virgorival

Posted 15 August 2012 - 02:58 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-15 02:49:56
-----------------------------
02:49:56.743 OS Version: Windows x64 6.1.7601 Service Pack 1
02:49:56.744 Number of processors: 6 586 0xA00
02:49:56.744 ComputerName: PATCHOULI UserName: Rival
02:50:01.521 Initialize success
02:51:00.299 AVAST engine defs: 12081500
02:51:10.663 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
02:51:10.664 Disk 0 Vendor: ST31000524AS JC45 Size: 953869MB BusType: 3
02:51:10.666 Device \Driver\atapi -> MajorFunction fffffa80085135e8
02:51:10.668 Disk 0 MBR read successfully
02:51:10.670 Disk 0 MBR scan
02:51:10.673 Disk 0 unknown MBR code
02:51:10.675 Disk 0 MBR hidden
02:51:10.692 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 10024 MB offset 2048
02:51:10.712 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 943843 MB offset 20531200
02:51:10.728 Disk 0 scanning C:\Windows\system32\drivers
02:51:19.923 Service scanning
02:51:20.607 Service 83937995 C:\Windows\system32\drivers\23075463.sys **HIDDEN**
02:51:36.686 Modules scanning
02:51:36.696 Disk 0 trace - called modules:
02:51:36.702 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa800972aad0]<<55301298.sys >>UNKNOWN [0xfffffa80085135e8]<<
02:51:36.705 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b05790]
02:51:36.710 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800795c9b0]
02:51:36.713 5 ACPI.sys[fffff88000e437a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007a44060]
02:51:36.724 \Driver\atapi[0xfffffa800842b7a0] -> IRP_MJ_CREATE -> 0xfffffa80085135e8
02:51:41.784 AVAST engine scan C:\Windows
02:51:44.473 AVAST engine scan C:\Windows\system32
02:53:12.409 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
02:53:14.215 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
02:54:08.715 AVAST engine scan C:\Windows\system32\drivers
02:54:19.787 AVAST engine scan C:\Users\Rival
02:57:59.118 Disk 0 MBR has been saved successfully to "C:\Users\Rival\Desktop\MBR.dat"
02:57:59.124 The log file has been saved successfully to "C:\Users\Rival\Desktop\aswMBR.txt"

#5 narenxp

Posted 15 August 2012 - 02:59 AM

Restart the PC and run TDSSKiller and aswMBR once again and post the new logs.

#6 Virgorival

Posted 15 August 2012 - 03:19 AM

03:16:34.0374 1300 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
03:16:35.0263 1300 ============================================================
03:16:35.0263 1300 Current date / time: 2012/08/15 03:16:35.0263
03:16:35.0263 1300 SystemInfo:
03:16:35.0263 1300
03:16:35.0263 1300 OS Version: 6.1.7601 ServicePack: 1.0
03:16:35.0263 1300 Product type: Workstation
03:16:35.0263 1300 ComputerName: PATCHOULI
03:16:35.0263 1300 UserName: Rival
03:16:35.0263 1300 Windows directory: C:\Windows
03:16:35.0263 1300 System windows directory: C:\Windows
03:16:35.0263 1300 Running under WOW64
03:16:35.0263 1300 Processor architecture: Intel x64
03:16:35.0263 1300 Number of processors: 6
03:16:35.0263 1300 Page size: 0x1000
03:16:35.0263 1300 Boot type: Normal boot
03:16:35.0263 1300 ============================================================
03:16:46.0046 1300 BG loaded
03:16:49.0119 1300 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:16:49.0166 1300 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
03:16:49.0634 1300 ============================================================
03:16:49.0634 1300 \Device\Harddisk0\DR0:
03:16:49.0696 1300 MBR partitions:
03:16:49.0696 1300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1394800, BlocksNum 0x73371800
03:16:49.0696 1300 \Device\Harddisk1\DR1:
03:16:49.0696 1300 MBR partitions:
03:16:49.0696 1300 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
03:16:49.0696 1300 ============================================================
03:16:49.0836 1300 C: <-> \Device\Harddisk0\DR0\Partition1
03:16:49.0868 1300 F: <-> \Device\Harddisk1\DR1\Partition1
03:16:49.0868 1300 ============================================================
03:16:49.0868 1300 Initialize success
03:16:49.0868 1300 ============================================================
03:17:02.0154 3192 ============================================================
03:17:02.0154 3192 Scan started
03:17:02.0154 3192 Mode: Manual;
03:17:02.0154 3192 ============================================================
03:17:08.0030 3192 ================ Scan services =============================
03:17:26.0281 3192 MSPQM - ok
03:17:26.0309 3192 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
03:17:26.0313 3192 MsRPC - ok
03:17:26.0330 3192 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
03:17:26.0330 3192 mssmbios - ok
03:17:26.0334 3192 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
03:17:26.0335 3192 MSTEE - ok
03:17:26.0346 3192 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
03:17:26.0348 3192 MTConfig - ok
03:17:26.0381 3192 [ 19b006b181e3875fd254f7b67acf1e7c ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
03:17:26.0381 3192 MTsensor - ok
03:17:26.0403 3192 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
03:17:26.0411 3192 Mup - ok
03:17:26.0447 3192 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
03:17:26.0450 3192 napagent - ok
03:17:26.0484 3192 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
03:17:26.0485 3192 NativeWifiP - ok
03:17:26.0539 3192 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
03:17:26.0557 3192 NDIS - ok
03:17:26.0568 3192 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
03:17:26.0570 3192 NdisCap - ok
03:17:26.0592 3192 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
03:17:26.0592 3192 NdisTapi - ok
03:17:26.0639 3192 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
03:17:26.0640 3192 Ndisuio - ok
03:17:26.0670 3192 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
03:17:26.0671 3192 NdisWan - ok
03:17:26.0686 3192 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
03:17:26.0686 3192 NDProxy - ok
03:17:26.0730 3192 [ dc6530a291d4bdf6df399f1f128e7f8f ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
03:17:26.0731 3192 Net Driver HPZ12 - ok
03:17:26.0746 3192 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
03:17:26.0747 3192 NetBIOS - ok
03:17:26.0815 3192 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
03:17:26.0816 3192 NetBT - ok
03:17:26.0834 3192 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
03:17:26.0835 3192 Netlogon - ok
03:17:26.0889 3192 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
03:17:26.0891 3192 Netman - ok
03:17:26.0934 3192 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
03:17:26.0937 3192 netprofm - ok
03:17:26.0998 3192 [ 44d4bd55191624c82a2745296ba42814 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
03:17:27.0011 3192 netr28x - ok
03:17:27.0040 3192 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
03:17:27.0042 3192 NetTcpPortSharing - ok
03:17:27.0071 3192 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
03:17:27.0072 3192 nfrd960 - ok
03:17:27.0086 3192 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
03:17:27.0088 3192 NlaSvc - ok
03:17:27.0095 3192 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
03:17:27.0095 3192 Npfs - ok
03:17:27.0123 3192 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
03:17:27.0124 3192 nsi - ok
03:17:27.0128 3192 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
03:17:27.0129 3192 nsiproxy - ok
03:17:27.0168 3192 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
03:17:27.0190 3192 Ntfs - ok
03:17:27.0199 3192 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
03:17:27.0199 3192 Null - ok
03:17:27.0274 3192 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
03:17:27.0289 3192 nvraid - ok
03:17:27.0364 3192 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
03:17:27.0370 3192 nvstor - ok
03:17:27.0402 3192 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
03:17:27.0416 3192 nv_agp - ok
03:17:27.0443 3192 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
03:17:27.0443 3192 ohci1394 - ok
03:17:27.0458 3192 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
03:17:27.0458 3192 p2pimsvc - ok
03:17:27.0474 3192 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
03:17:27.0474 3192 p2psvc - ok
03:17:27.0489 3192 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
03:17:27.0489 3192 Parport - ok
03:17:27.0536 3192 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
03:17:27.0552 3192 partmgr - ok
03:17:27.0567 3192 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
03:17:27.0567 3192 PcaSvc - ok
03:17:27.0583 3192 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
03:17:27.0583 3192 pci - ok
03:17:27.0583 3192 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
03:17:27.0583 3192 pciide - ok
03:17:27.0614 3192 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
03:17:27.0614 3192 pcmcia - ok
03:17:27.0614 3192 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
03:17:27.0614 3192 pcw - ok
03:17:27.0630 3192 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
03:17:27.0645 3192 PEAUTH - ok
03:17:27.0677 3192 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
03:17:27.0677 3192 PerfHost - ok
03:17:27.0770 3192 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
03:17:27.0817 3192 pla - ok
03:17:27.0864 3192 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
03:17:27.0864 3192 PlugPlay - ok
03:17:27.0879 3192 [ 71f62c51dfdfbc04c83c5c64b2b8058e ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
03:17:27.0879 3192 Pml Driver HPZ12 - ok
03:17:27.0895 3192 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
03:17:27.0895 3192 PNRPAutoReg - ok
03:17:27.0911 3192 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
03:17:27.0926 3192 PNRPsvc - ok
03:17:27.0942 3192 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
03:17:27.0942 3192 PolicyAgent - ok
03:17:27.0957 3192 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
03:17:27.0957 3192 Power - ok
03:17:28.0004 3192 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
03:17:28.0004 3192 PptpMiniport - ok
03:17:28.0020 3192 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
03:17:28.0020 3192 Processor - ok
03:17:28.0067 3192 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
03:17:28.0067 3192 ProfSvc - ok
03:17:28.0082 3192 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:17:28.0082 3192 ProtectedStorage - ok
03:17:28.0129 3192 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
03:17:28.0129 3192 Psched - ok
03:17:28.0191 3192 [ a283e768fa12ef33087f07b01f82d6dd ] PSEXESVC C:\Windows\PSEXESVC.EXE
03:17:28.0207 3192 PSEXESVC - ok
03:17:28.0238 3192 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
03:17:28.0269 3192 ql2300 - ok
03:17:28.0269 3192 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
03:17:28.0269 3192 ql40xx - ok
03:17:28.0285 3192 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
03:17:28.0285 3192 QWAVE - ok
03:17:28.0301 3192 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
03:17:28.0301 3192 QWAVEdrv - ok
03:17:28.0316 3192 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
03:17:28.0316 3192 RasAcd - ok
03:17:28.0347 3192 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
03:17:28.0347 3192 RasAgileVpn - ok
03:17:28.0363 3192 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
03:17:28.0363 3192 RasAuto - ok
03:17:28.0379 3192 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
03:17:28.0379 3192 Rasl2tp - ok
03:17:28.0394 3192 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
03:17:28.0410 3192 RasMan - ok
03:17:28.0410 3192 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
03:17:28.0410 3192 RasPppoe - ok
03:17:28.0425 3192 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
03:17:28.0425 3192 RasSstp - ok
03:17:28.0472 3192 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
03:17:28.0472 3192 rdbss - ok
03:17:28.0608 3192 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
03:17:28.0609 3192 rdpbus - ok
03:17:28.0619 3192 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
03:17:28.0620 3192 RDPCDD - ok
03:17:28.0650 3192 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
03:17:28.0650 3192 RDPENCDD - ok
03:17:28.0659 3192 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
03:17:28.0659 3192 RDPREFMP - ok
03:17:28.0702 3192 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
03:17:28.0704 3192 RDPWD - ok
03:17:28.0715 3192 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
03:17:28.0718 3192 rdyboost - ok
03:17:28.0837 3192 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
03:17:28.0839 3192 RemoteAccess - ok
03:17:28.0852 3192 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
03:17:28.0854 3192 RemoteRegistry - ok
03:17:28.0866 3192 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
03:17:28.0867 3192 RpcEptMapper - ok
03:17:28.0882 3192 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
03:17:28.0883 3192 RpcLocator - ok
03:17:28.0908 3192 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
03:17:28.0911 3192 RpcSs - ok
03:17:28.0920 3192 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
03:17:28.0920 3192 rspndr - ok
03:17:28.0956 3192 [ 2777226ee8bf50b059d7a7c90177e99c ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
03:17:28.0958 3192 RTL8167 - ok
03:17:28.0965 3192 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
03:17:28.0966 3192 SamSs - ok
03:17:29.0044 3192 [ 3289766038db2cb14d07dc84392138d5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
03:17:29.0044 3192 SASDIFSV - ok
03:17:29.0064 3192 [ 58a38e75f3316a83c23df6173d41f2b5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
03:17:29.0064 3192 SASKUTIL - ok
03:17:29.0096 3192 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
03:17:29.0098 3192 sbp2port - ok
03:17:29.0121 3192 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
03:17:29.0133 3192 SCardSvr - ok
03:17:29.0165 3192 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
03:17:29.0172 3192 scfilter - ok
03:17:29.0310 3192 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
03:17:29.0316 3192 Schedule - ok
03:17:29.0358 3192 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
03:17:29.0359 3192 SCPolicySvc - ok
03:17:29.0436 3192 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
03:17:29.0447 3192 SDRSVC - ok
03:17:29.0516 3192 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
03:17:29.0516 3192 secdrv - ok
03:17:29.0546 3192 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
03:17:29.0547 3192 seclogon - ok
03:17:29.0576 3192 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll
03:17:29.0577 3192 SENS - ok
03:17:29.0613 3192 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
03:17:29.0615 3192 SensrSvc - ok
03:17:29.0633 3192 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
03:17:29.0659 3192 Serenum - ok
03:17:29.0724 3192 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
03:17:29.0738 3192 Serial - ok
03:17:29.0785 3192 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
03:17:29.0805 3192 sermouse - ok
03:17:29.0835 3192 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
03:17:29.0845 3192 SessionEnv - ok
03:17:29.0867 3192 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
03:17:29.0876 3192 sffdisk - ok
03:17:29.0905 3192 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
03:17:29.0906 3192 sffp_mmc - ok
03:17:29.0923 3192 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
03:17:29.0926 3192 sffp_sd - ok
03:17:29.0942 3192 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
03:17:29.0954 3192 sfloppy - ok
03:17:30.0037 3192 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:17:30.0039 3192 ShellHWDetection - ok
03:17:30.0075 3192 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
03:17:30.0076 3192 SiSRaid2 - ok
03:17:30.0092 3192 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
03:17:30.0093 3192 SiSRaid4 - ok
03:17:30.0272 3192 [ 0f97e7a47a52f4a36969f0fc319654c2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
03:17:30.0286 3192 Skype C2C Service - ok
03:17:30.0340 3192 [ f07af60b152221472fbdb2fecec4896d ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
03:17:30.0341 3192 SkypeUpdate - ok
03:17:30.0357 3192 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
03:17:30.0360 3192 Smb - ok
03:17:30.0423 3192 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
03:17:30.0425 3192 SNMPTRAP - ok
03:17:30.0444 3192 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
03:17:30.0446 3192 spldr - ok
03:17:30.0460 3192 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe
03:17:30.0463 3192 Spooler - ok
03:17:30.0538 3192 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
03:17:30.0554 3192 sppsvc - ok
03:17:30.0582 3192 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
03:17:30.0585 3192 sppuinotify - ok
03:17:30.0601 3192 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
03:17:30.0601 3192 srv - ok
03:17:30.0616 3192 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
03:17:30.0616 3192 srv2 - ok
03:17:30.0632 3192 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
03:17:30.0632 3192 srvnet - ok
03:17:30.0663 3192 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
03:17:30.0663 3192 SSDPSRV - ok
03:17:30.0679 3192 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
03:17:30.0679 3192 SstpSvc - ok
03:17:30.0694 3192 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
03:17:30.0694 3192 stexstor - ok
03:17:30.0710 3192 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
03:17:30.0725 3192 stisvc - ok
03:17:30.0741 3192 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
03:17:30.0741 3192 swenum - ok
03:17:30.0819 3192 [ f577910a133a592234ebaad3f3afa258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
03:17:30.0819 3192 SwitchBoard - ok
03:17:30.0835 3192 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
03:17:30.0850 3192 swprv - ok
03:17:30.0897 3192 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
03:17:30.0897 3192 SysMain - ok
03:17:30.0944 3192 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:17:30.0944 3192 TabletInputService - ok
03:17:31.0084 3192 [ c4c20cfa4f42e9b7454e895c5c47bcd3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
03:17:31.0115 3192 TabletServicePen - ok
03:17:31.0131 3192 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
03:17:31.0147 3192 TapiSrv - ok
03:17:31.0147 3192 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
03:17:31.0162 3192 TBS - ok
03:17:31.0209 3192 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
03:17:31.0240 3192 Tcpip - ok
03:17:31.0271 3192 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
03:17:31.0287 3192 TCPIP6 - ok
03:17:31.0303 3192 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
03:17:31.0303 3192 tcpipreg - ok
03:17:31.0334 3192 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
03:17:31.0334 3192 TDPIPE - ok
03:17:31.0365 3192 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
03:17:31.0365 3192 TDTCP - ok
03:17:31.0381 3192 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
03:17:31.0381 3192 tdx - ok
03:17:31.0412 3192 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
03:17:31.0412 3192 TermDD - ok
03:17:31.0427 3192 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
03:17:31.0443 3192 TermService - ok
03:17:31.0459 3192 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
03:17:31.0459 3192 Themes - ok
03:17:31.0459 3192 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
03:17:31.0459 3192 THREADORDER - ok
03:17:31.0505 3192 [ 7625dcf246e488e523dc1f64c38abda2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
03:17:31.0505 3192 TouchServicePen - ok
03:17:31.0521 3192 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
03:17:31.0521 3192 TrkWks - ok
03:17:31.0568 3192 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:17:31.0568 3192 TrustedInstaller - ok
03:17:31.0599 3192 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
03:17:31.0599 3192 tssecsrv - ok
03:17:31.0630 3192 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
03:17:31.0646 3192 TsUsbFlt - ok
03:17:31.0677 3192 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
03:17:31.0677 3192 tunnel - ok
03:17:31.0677 3192 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
03:17:31.0677 3192 uagp35 - ok
03:17:31.0724 3192 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
03:17:31.0724 3192 udfs - ok
03:17:31.0739 3192 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
03:17:31.0739 3192 UI0Detect - ok
03:17:31.0739 3192 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
03:17:31.0755 3192 uliagpkx - ok
03:17:31.0771 3192 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys
03:17:31.0771 3192 umbus - ok
03:17:31.0786 3192 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
03:17:31.0786 3192 UmPass - ok
03:17:31.0802 3192 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
03:17:31.0802 3192 upnphost - ok
03:17:31.0817 3192 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
03:17:31.0817 3192 usbccgp - ok
03:17:31.0833 3192 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
03:17:31.0833 3192 usbcir - ok
03:17:31.0849 3192 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
03:17:31.0849 3192 usbehci - ok
03:17:31.0864 3192 [ 2c780746dc44a28fe67004dc58173f05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
03:17:31.0864 3192 usbfilter - ok
03:17:31.0880 3192 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
03:17:31.0880 3192 usbhub - ok
03:17:31.0895 3192 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
03:17:31.0895 3192 usbohci - ok
03:17:31.0895 3192 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
03:17:31.0911 3192 usbprint - ok
03:17:31.0927 3192 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
03:17:31.0927 3192 USBSTOR - ok
03:17:31.0927 3192 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
03:17:31.0927 3192 usbuhci - ok
03:17:31.0927 3192 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
03:17:31.0927 3192 UxSms - ok
03:17:31.0942 3192 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
03:17:31.0942 3192 VaultSvc - ok
03:17:31.0942 3192 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
03:17:31.0942 3192 vdrvroot - ok
03:17:31.0958 3192 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
03:17:31.0958 3192 vds - ok
03:17:31.0973 3192 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
03:17:31.0973 3192 vga - ok
03:17:31.0973 3192 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
03:17:31.0973 3192 VgaSave - ok
03:17:31.0989 3192 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
03:17:31.0989 3192 vhdmp - ok
03:17:32.0036 3192 [ d4944dbf92e07f1f641cb512065966e6 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
03:17:32.0036 3192 VIAHdAudAddService - ok
03:17:32.0067 3192 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
03:17:32.0067 3192 viaide - ok
03:17:32.0083 3192 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
03:17:32.0083 3192 volmgr - ok
03:17:32.0114 3192 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
03:17:32.0114 3192 volmgrx - ok
03:17:32.0129 3192 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
03:17:32.0129 3192 volsnap - ok
03:17:32.0145 3192 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
03:17:32.0161 3192 vsmraid - ok
03:17:32.0270 3192 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
03:17:32.0317 3192 VSS - ok
03:17:32.0348 3192 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
03:17:32.0348 3192 vwifibus - ok
03:17:32.0379 3192 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
03:17:32.0379 3192 vwififlt - ok
03:17:32.0426 3192 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
03:17:32.0426 3192 W32Time - ok
03:17:32.0473 3192 [ fe75777289278a4941fe6139e82b3bd9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
03:17:32.0473 3192 wacmoumonitor - ok
03:17:32.0504 3192 [ e04d43c7d1641e95d35cae6086c7e350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
03:17:32.0504 3192 wacommousefilter - ok
03:17:32.0504 3192 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
03:17:32.0504 3192 WacomPen - ok
03:17:32.0535 3192 [ ec1ceb237e365330c1fcfc4876aa0ac0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
03:17:32.0535 3192 wacomvhid - ok
03:17:32.0535 3192 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
03:17:32.0535 3192 WANARP - ok
03:17:32.0551 3192 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
03:17:32.0551 3192 Wanarpv6 - ok
03:17:32.0597 3192 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
03:17:32.0613 3192 WatAdminSvc - ok
03:17:32.0644 3192 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
03:17:32.0675 3192 wbengine - ok
03:17:32.0691 3192 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
03:17:32.0691 3192 WbioSrvc - ok
03:17:32.0707 3192 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
03:17:32.0707 3192 wcncsvc - ok
03:17:32.0722 3192 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:17:32.0722 3192 WcsPlugInService - ok
03:17:32.0738 3192 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
03:17:32.0738 3192 Wd - ok
03:17:32.0769 3192 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
03:17:32.0769 3192 Wdf01000 - ok
03:17:32.0785 3192 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
03:17:32.0785 3192 WdiServiceHost - ok
03:17:32.0785 3192 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
03:17:32.0785 3192 WdiSystemHost - ok
03:17:32.0816 3192 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
03:17:32.0816 3192 WebClient - ok
03:17:32.0847 3192 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
03:17:32.0847 3192 Wecsvc - ok
03:17:32.0863 3192 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
03:17:32.0863 3192 wercplsupport - ok
03:17:32.0878 3192 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
03:17:32.0878 3192 WerSvc - ok
03:17:32.0894 3192 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
03:17:32.0894 3192 WfpLwf - ok
03:17:32.0909 3192 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
03:17:32.0909 3192 WIMMount - ok
03:17:32.0909 3192 WinHttpAutoProxySvc - ok
03:17:32.0956 3192 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
03:17:32.0956 3192 Winmgmt - ok
03:17:33.0065 3192 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
03:17:33.0112 3192 WinRM - ok
03:17:33.0159 3192 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
03:17:33.0159 3192 WinUsb - ok
03:17:33.0190 3192 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
03:17:33.0206 3192 Wlansvc - ok
03:17:33.0221 3192 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
03:17:33.0237 3192 wlcrasvc - ok
03:17:33.0315 3192 [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:17:33.0315 3192 wlidsvc - ok
03:17:33.0346 3192 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
03:17:33.0346 3192 WmiAcpi - ok
03:17:33.0362 3192 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
03:17:33.0362 3192 wmiApSrv - ok
03:17:33.0393 3192 WMPNetworkSvc - ok
03:17:33.0393 3192 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
03:17:33.0409 3192 WPCSvc - ok
03:17:33.0424 3192 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
03:17:33.0424 3192 WPDBusEnum - ok
03:17:33.0455 3192 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
03:17:33.0455 3192 ws2ifsl - ok
03:17:33.0455 3192 WSearch - ok
03:17:33.0471 3192 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
03:17:33.0471 3192 WudfPf - ok
03:17:33.0487 3192 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
03:17:33.0487 3192 WUDFRd - ok
03:17:33.0502 3192 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
03:17:33.0502 3192 wudfsvc - ok
03:17:33.0518 3192 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
03:17:33.0518 3192 WwanSvc - ok
03:17:33.0533 3192 ================ Scan global ===============================
03:17:33.0549 3192 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
03:17:33.0565 3192 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
03:17:33.0565 3192 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
03:17:33.0596 3192 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
03:17:33.0627 3192 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
03:17:33.0627 3192 [Global] - ok
03:17:33.0627 3192 ================ Scan MBR ==================================
03:17:33.0658 3192 MBR (0x1B8) (4976d4a7a40b83fc7f06ee4bdd84eb9b) \Device\Harddisk0\DR0
03:17:33.0799 3192 \Device\Harddisk0\DR0 - ok
03:17:34.0251 3192 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
03:17:34.0251 3192 \Device\Harddisk1\DR1 - ok
03:17:34.0251 3192 ================ Scan VBR ==================================
03:17:34.0267 3192 Boot (0x1200) (04879ef0d98b65f9854d49c3fe7d1003) \Device\Harddisk0\DR0\Partition1
03:17:34.0267 3192 \Device\Harddisk0\DR0\Partition1 - ok
03:17:34.0282 3192 Boot (0x1200) (fa0e1ae13c2e642b824cb112475b45db) \Device\Harddisk1\DR1\Partition1
03:17:34.0282 3192 \Device\Harddisk1\DR1\Partition1 - ok
03:17:34.0282 3192 ============================================================
03:17:34.0282 3192 Scan finished
03:17:34.0282 3192 ============================================================
03:17:34.0313 3216 Detected object count: 0
03:17:34.0313 3216 Actual detected object count: 0

#7 Virgorival

Posted 15 August 2012 - 03:27 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-15 03:20:10
-----------------------------
03:20:10.058 OS Version: Windows x64 6.1.7601 Service Pack 1
03:20:10.058 Number of processors: 6 586 0xA00
03:20:10.058 ComputerName: PATCHOULI UserName: Rival
03:20:15.579 Initialize success
03:20:22.632 AVAST engine defs: 12081500
03:20:24.400 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
03:20:24.400 Disk 0 Vendor: ST31000524AS JC45 Size: 953869MB BusType: 3
03:20:24.415 Disk 0 MBR read successfully
03:20:24.415 Disk 0 MBR scan
03:20:24.415 Disk 0 unknown MBR code
03:20:24.431 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 10024 MB offset 2048
03:20:24.447 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 943843 MB offset 20531200
03:20:24.462 Disk 0 scanning C:\Windows\system32\drivers
03:20:39.123 Service scanning
03:20:57.182 Modules scanning
03:20:57.182 Disk 0 trace - called modules:
03:20:57.214 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
03:20:57.214 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007a20060]
03:20:57.214 3 CLASSPNP.SYS[fffff8800195a43f] -> nt!IofCallDriver -> [0xfffffa8007935940]
03:20:57.214 5 ACPI.sys[fffff88000f677a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007a1d060]
03:20:58.711 AVAST engine scan C:\Windows
03:21:10.216 AVAST engine scan C:\Windows\system32
03:23:32.285 AVAST engine scan C:\Windows\system32\drivers
03:23:44.389 AVAST engine scan C:\Users\Rival
03:26:02.246 Disk 0 MBR has been saved successfully to "C:\Users\Rival\Desktop\MBR.dat"
03:26:02.252 The log file has been saved successfully to "C:\Users\Rival\Desktop\aswMBR.txt"

#8 Virgorival

Posted 15 August 2012 - 05:09 AM

C:\ProgramData\Microsoft\Windows\DRM\9E13.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\9E33.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\n.vir Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\00000008.@.vir Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\000000cb.@.vir Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000000.@.vir Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.08.2012_14.36.30\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.AD trojan deleted - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\zasubsys0000\zafs0000\tsk0006.dta Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\zasubsys0000\zafs0000\tsk0007.dta Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\zasubsys0000\zafs0000\tsk0008.dta Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\15.08.2012_02.46.09\zasubsys0000\zafs0000\tsk0009.dta a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GYD72KZ\imp[1].js HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GYD72KZ\imp[4].js HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GYD72KZ\imp[5].js HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\{b22b0583-4748-ebf7-64a1-21f70e4d6814}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined

#9 narenxp

Posted 15 August 2012 - 05:27 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it and click on Delete

Post the generated log

#10 zero masterus

zero masterus

  • Members
  • 1 posts

Posted 15 August 2012 - 01:19 PM

Hi there,
My computer has picked up a trojan agent from I don't know where, and it is implanted in an svchost.exe. From what I have read on other forums, I know that MalwareBytes can only detect, not remove; so, what can I do to remove these "agents"?

What do the agents do to my computer?

halts startup and goes into system repair
once in a while, the screen turns black and displays an emergency restart
Windows Firewall and Defender are shut off
When Hibernate is selected, it instead shuts off; and, when turned on, says that the system shut down wrongfully.

Also, I am using my neighbor's connection, given his consent of course. Could I have received this through their network connection?

#11 Virgorival

Posted 15 August 2012 - 04:01 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Rival (administrator) on 15-08-2012 at 15:59:21
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Patchouli
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F4-6D-04-9E-56-17
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cc7:ec5f:4496:154b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 15, 2012 3:48:23 PM
Lease Expires . . . . . . . . . . : Thursday, August 16, 2012 3:48:22 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234938452
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-2F-FD-D6-F4-6D-04-9E-56-17
DNS Servers . . . . . . . . . . . : 192.168.15.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{6E24409E-A34A-4D00-AC4C-39F45C50C0E2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: WiMaxCPE
Address: 192.168.15.1

Name: google.com
Addresses: 2607:f8b0:400a:800::1008
173.194.33.1
173.194.33.3
173.194.33.8
173.194.33.0
173.194.33.5
173.194.33.4
173.194.33.2
173.194.33.9
173.194.33.7
173.194.33.6
173.194.33.14


Pinging google.com [173.194.33.14] with 32 bytes of data:
Reply from 173.194.33.14: bytes=32 time=129ms TTL=50
Reply from 173.194.33.14: bytes=32 time=145ms TTL=50

Ping statistics for 173.194.33.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 129ms, Maximum = 145ms, Average = 137ms
Server: WiMaxCPE
Address: 192.168.15.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=125ms TTL=46
Reply from 72.30.38.140: bytes=32 time=168ms TTL=46

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 168ms, Average = 146ms
Server: WiMaxCPE
Address: 192.168.15.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...f4 6d 04 9e 56 17 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 276
192.168.1.101 255.255.255.255 On-link 192.168.1.101 276
192.168.1.255 255.255.255.255 On-link 192.168.1.101 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::cc7:ec5f:4496:154b/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/15/2012 00:34:57 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (08/15/2012 11:09:00 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (08/15/2012 03:27:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2012 03:27:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2012 03:27:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2012 03:04:00 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7ff34970
Faulting process id: 0xad0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/15/2012 02:58:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2012 02:58:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2012 02:58:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2012 00:58:20 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11a4

Start Time: 01cd7aa93e4be2d2

Termination Time: 7

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 331a5480-e69e-11e1-83a0-f46d049e5617


System errors:
=============
Error: (08/15/2012 03:50:31 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/15/2012 03:50:31 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/15/2012 03:48:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/15/2012 03:48:25 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/15/2012 03:48:25 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/15/2012 03:16:57 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/15/2012 03:16:57 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/15/2012 03:12:25 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/15/2012 03:12:22 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/15/2012 03:12:22 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/15/2012 00:34:57 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (08/15/2012 11:09:00 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (08/15/2012 03:27:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZ98MIG\esetsmartinstaller_enu.exe

Error: (08/15/2012 03:27:29 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZ98MIG\esetsmartinstaller_enu.exe

Error: (08/15/2012 03:27:29 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZ98MIG\esetsmartinstaller_enu.exe

Error: (08/15/2012 03:04:00 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c00000057ff34970ad001cd7aa8d8e36b1a\\.\globalroot\systemroot\svchost.exeunknownc4c5a122-e6af-11e1-83a0-f46d049e5617

Error: (08/15/2012 02:58:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZ98MIG\esetsmartinstaller_enu.exe

Error: (08/15/2012 02:58:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZ98MIG\esetsmartinstaller_enu.exe

Error: (08/15/2012 02:58:49 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZ98MIG\esetsmartinstaller_enu.exe

Error: (08/15/2012 00:58:20 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1644711a401cd7aa93e4be2d27C:\Program Files (x86)\Internet Explorer\iexplore.exe331a5480-e69e-11e1-83a0-f46d049e5617


=========================== Installed Programs ============================

3D Bridge DS4 (64bit) (Version: 1.0.11.47)
3DMark Vantage (Version: 1.1.0)
64 Bit HP CIO Components Installer (Version: 1.2.0)
Adobe AIR (Version: 3.3.0.3670)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
AI Manager (Version: 1.08.10)
AIM 7
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0611.1251.21046)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
AMD Steady Video Plug-In (Version: 2.04.0000)
AMD USB Filter Driver (Version: 1.0.15.94)
AMD VISION Engine Control Center (Version: 2012.0611.1251.21046)
ASUS Backup Wizard (Version: 1.00.10)
ASUSUpdate (Version: 7.18.03)
AsusVibe2.0 (Version: 2.0.2.562)
ATI AVIVO64 Codecs (Version: 11.6.0.10627)
Bamboo (Version: 5.2.5-5)
Bamboo Dock (Version: 4.0)
Bamboo Dock (Version: 4.0.0)
Best Buy pc app (Version: 3.2.2.1)
BitTornado 0.3.18 (Version: 0.3.18)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2010.0210.2206.39615)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
CCleaner (Version: 3.19)
Complément Messenger (Version: 15.4.3502.0922)
Contrôle ActiveX Windows Live Mesh pour connexions ŕ distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
D3DX10 (Version: 15.4.2368.0902)
DAZ Content Management Service (Version: 4.8.1.7)
DAZ Studio 4 (64bit) (Version: 4.0.3.47)
Download Updater (AOL LLC)
DriveImage XML (Private Edition) (Version: 2.30)
DS4 Default Content (Version: 4.0.0.19)
EPU-4 Engine (Version: 1.01.02)
ESET Online Scanner v3
Futuremark SystemInfo (Version: 4.9.0)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Ghost Recon Online (NCSA-Live) (Version: 1.27.3703.2)
Google Chrome (Version: 21.0.1180.79)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GoZ DS4 (64bit) (Version: 1.0.3.47)
Hexagon 2 (Version: 2.5.1.79)
HydraVision (Version: 4.2.208.0)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (64-bit) (Version: 6.0.290)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
MagicTunePremium (Version: 4.0.14)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MultiScreen (Version: 1.00.0000)
NVIDIA PhysX (Version: 9.10.0513)
PDF Settings CS5 (Version: 10.0)
Platform (Version: 1.34)
Ralink RT2860 Wireless LAN Card (Version: 1.2.0.1)
Reality 2.2 (Version: 2.2)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Samsung_MonSetup (Version: 1.00.0000)
Skype Click to Call (Version: 6.1.10441)
Skype™ 5.10 (Version: 5.10.116)
SUPERAntiSpyware (Version: 5.1.1002)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VIA Platform Device Manager (Version: 1.34)
Victoria 4.2 Base (Version: ps_pe069_Victoria4)
VLC media player 2.0.3 (Version: 2.0.3)
WebTablet FB Plugin (Version: 2.0.0.1)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
Winamp (Version: 5.621 )
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (32-bit) (Version: 4.01.0)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 8191.18 MB
Available physical RAM: 5980.55 MB
Total Pagefile: 16380.54 MB
Available Pagefile: 13563.87 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.1 MB

========================= Partitions: =====================================

1 Drive c: (WIN7) (Fixed) (Total:921.72 GB) (Free:803.91 GB) NTFS
2 Drive d: (XFX_VGA_A8.84W) (CDROM) (Total:0.41 GB) (Free:0 GB) CDFS
4 Drive f: (Fawn) (Fixed) (Total:931.51 GB) (Free:857.79 GB) NTFS

========================= Users: ========================================

User accounts for \\PATCHOULI

Administrator Guest Rival


**** End of log ****

#12 Virgorival


Posted 15 August 2012 - 04:02 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Rival (administrator) on 15-08-2012 at 16:02:03
Running from "C:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZ98MIG"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 narenxp


Posted 15 August 2012 - 07:40 PM

MBAM and ADWARE CLEANER logs?

Download

MpsSvc
BFE
wscsvc
defender
wuauserv
BITS
Sharedaccess

Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab, then click on Start

Checkmark the following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

#14 Virgorival


Posted 15 August 2012 - 10:12 PM

(( Sorry got called away to work early ))

# AdwCleaner v1.801 - Logfile created 08/15/2012 at 16:03:43
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Rival - PATCHOULI
# Boot Mode : Normal
# Running from : C:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRVYST3W\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Rival\AppData\Roaming\Mozilla\Firefox\Profiles\dc1pzkbt.default\prefs.js

C:\Users\Rival\AppData\Roaming\Mozilla\Firefox\Profiles\dc1pzkbt.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v21.0.1180.79

File : C:\Users\Rival\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[R1].txt - [3296 octets] - [15/08/2012 16:03:20]
AdwCleaner[S1].txt - [2806 octets] - [15/08/2012 16:03:43]

########## EOF - C:\AdwCleaner[S1].txt - [2934 octets] ##########

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Rival :: PATCHOULI [administrator]

8/15/2012 3:50:16 PM
mbam-log-2012-08-15 (15-50-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202549
Time elapsed: 4 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#15 Virgorival


Posted 15 August 2012 - 11:13 PM

Post which log again?

If you mean rerun FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Rival (administrator) on 15-08-2012 at 23:12:02
Running from "C:\Users\Rival\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HF0RZLP9"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



